❌

Normal view

What 5 Million Apps Revealed About Secrets in JavaScript

17 February 2026 at 15:40
Leaked API keys are nothing new, but the scale of the problem in front-end code has been largely a mystery - until now. Intruder's research team built a new secrets detection method and scanned 5 million applications specifically looking for secrets hidden in JavaScript bundles. Here's what we learned. [...]

Passwords to passkeys: Staying ISO 27001 compliant in a passwordless era

16 February 2026 at 16:02
Password-based authentication is increasingly risky as organizations adopt passkeys to strengthen security and meet ISO/IEC 27001 requirements. Passwork explains how to align passwordless adoption with Annex A controls, risk assessments, and secure implementation practices. [...]

Canada Goose investigating as hackers leak 600K customer records

16 February 2026 at 05:45
ShinyHunters, a well-known data extortion group, claims to have stolen more than 600,000 Canada Goose customer records containing personal and payment-related data. Canada Goose told BleepingComputer the dataset appears to relate to past customer transactions and that it has not found evidence of a breach of its own systems. [...]
❌