Detecting and removing dangerous secrets on workstations before Shai-Hulud does
The article argues that clear-text secrets sitting on developer workstations are an easy target for credential-stealing malware, and shows how to find and remove them with open-source tools: bagel to scan user directories and emit JSON findings, and Fleet (built on osquery) to turn those findings into compliance checks. The proposed setup is meant to work for both technical and non-technical users in an organization.

- Credential theft from developer workstations is a growing concern because package managers and extension marketplaces (PyPI, npm, VS Code Extensions, OpenVSX, brew) keep expanding the workstation attack surface.
- Bagel is an open-source tool that scans user directories for secrets and outputs its results as JSON.
- Fleet is an open-source platform that uses osquery for telemetry and can integrate with other tools for compliance checking.
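As an added illustration of what a user-directory secret scanner like the one summarized above has to do, here is a small Python scanner that walks a directory tree, flags a few well-known secret formats, records whether the file is world-readable, and returns JSON-serializable findings with the matched value redacted. This is example code written for this page, not bagel's code or its rule set: the three regex rules, the skipped directories, the size cap and the sample files in `demo()` are all assumptions constructed for the example.

```python
import json
import os
import re
import tempfile
from pathlib import Path

# Assumed rule set for the example. A real scanner ships far more rules;
# these three cover formats whose shape is well known.
PATTERNS = {
    "aws_access_key_id": re.compile(r"\b(?:AKIA|ASIA)[0-9A-Z]{16}\b"),
    "private_key_block": re.compile(r"-----BEGIN (?:RSA |EC |OPENSSH )?PRIVATE KEY-----"),
    "github_token": re.compile(r"\bgh[pousr]_[A-Za-z0-9]{36}\b"),
}

MAX_BYTES = 1_000_000  # assumed cap: skip large binaries/archives
SKIP_DIRS = {"node_modules", ".git", "Library", ".cache"}  # assumed skip list


def redact(value: str) -> str:
    """Keep only a short prefix so the report does not become a second leak."""
    return value[:6] + "..." if len(value) > 6 else "..."


def scan_file(path: Path) -> list[dict]:
    """Return one finding per pattern match in a single file."""
    findings: list[dict] = []
    try:
        st = path.stat()
        if st.st_size > MAX_BYTES:
            return findings
        text = path.read_text(errors="ignore")
    except OSError:
        return findings  # unreadable, vanished, or a special file
    world_readable = bool(st.st_mode & 0o004)
    for lineno, line in enumerate(text.splitlines(), 1):
        for rule, pat in PATTERNS.items():
            for m in pat.finditer(line):
                findings.append({
                    "path": str(path),
                    "line": lineno,
                    "rule": rule,
                    "preview": redact(m.group(0)),
                    "world_readable": world_readable,
                })
    return findings


def scan_dir(root: Path) -> list[dict]:
    """Walk root (for example a home directory), pruning noisy subtrees."""
    findings: list[dict] = []
    for dirpath, dirnames, filenames in os.walk(root):
        dirnames[:] = [d for d in dirnames if d not in SKIP_DIRS]
        for name in filenames:
            findings.extend(scan_file(Path(dirpath) / name))
    return findings


# Constructed sample "home directory" so the example runs offline.
# The AWS key is Amazon's documented example key, not a live credential.
SAMPLE_FILES = {
    ".aws/credentials": "[default]\naws_access_key_id = AKIAIOSFODNN7EXAMPLE\n",
    ".ssh/id_ed25519": "-----BEGIN OPENSSH PRIVATE KEY-----\nnot-a-real-key\n",
    "notes.txt": "nothing secret here\n",
}


def demo() -> list[dict]:
    """Scan a throwaway tree built from SAMPLE_FILES; paths made relative."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        for rel, content in SAMPLE_FILES.items():
            target = root / rel
            target.parent.mkdir(parents=True, exist_ok=True)
            target.write_text(content)
        findings = scan_dir(root)
        for f in findings:
            f["path"] = str(Path(f["path"]).relative_to(root))
        return sorted(findings, key=lambda f: f["path"])


if __name__ == "__main__":
    # Replace demo() with scan_dir(Path.home()) to scan a real workstation.
    print(json.dumps(demo(), indent=2))
```

The JSON shape (path, line, rule, redacted preview, file mode) is what a fleet-management agent would forward; emitting the raw matched value would just copy the secret into telemetry.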
Opening excerpt (first ~120 words)

Detecting and removing dangerous secrets on dev workstations before Shai-Hulud does
2026-05-25, Guillaume Ross

Credential theft from developer workstations

Let’s use a combination of open-source tools to detect problematic clear-text secrets on workstations and to ensure they’re not so easy for malware/scripts to steal.

PyPI, npm, VS Code Extensions, OpenVSX, brew and other package managers expand the attack surface on workstations. While companies still lie to themselves that “all code changes are reviewed”, millions of developers have code execution access to workstations, and those developers can get compromised by various threat actors.
…
Excerpt limited to ~120 words for fair-use compliance. The full article is at Recyclebin.zip.