The Lab · 2026-04-24 03:54:06 · GitHub Issues
A high-severity vulnerability in Kyverno's policy engine allows ServiceAccount tokens to be automatically forwarded to external endpoints without policy authors' knowledge or consent. The flaw, tracked as GHSA-8wfp-579w-6r25, stems from an insecure-by-default behavior in Kyverno's apiCall service mode, where the admiss...
The Lab · 2026-04-29 10:54:16 · GitHub Issues
A vulnerability in Kyverno's apiCall service mode silently attaches admission controller ServiceAccount (SA) tokens to all outbound HTTP requests, creating a credential exposure pathway when requests reach external or attacker-controlled endpoints. The flaw operates as an insecure default behavior, meaning policy autho...
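The two Kyverno items above describe the same exposure: in apiCall service mode the admission controller's ServiceAccount token rides along on every outbound request, so any policy whose service URL points off-cluster hands that token to whoever answers. The following is an added example, not Kyverno's code or anything from the advisory, of the triage a policy reviewer would run over a ClusterPolicy: walk `spec.rules[].context[].apiCall.service.url` and flag targets that are not in-cluster, or that use plaintext HTTP. The field layout, the in-cluster hostname suffixes (`.svc`, `.svc.cluster.local`, `kubernetes.default`) and the sample policy are assumptions constructed for this example.

```javascript
// Added example (not Kyverno's code): audit a Kyverno ClusterPolicy object
// for apiCall service-mode contexts whose URL leaves the cluster. Under the
// behaviour described in the advisory, each such request carries the admission
// controller's ServiceAccount token. The field layout
// spec.rules[].context[].apiCall.service.url is assumed here.

// Hostnames treated as in-cluster. Assumption: cluster DNS suffix is
// cluster.local and the API server is reachable as kubernetes.default.
const IN_CLUSTER_SUFFIXES = [".svc", ".svc.cluster.local"];
const IN_CLUSTER_HOSTS = new Set(["kubernetes.default", "kubernetes.default.svc"]);

function isInClusterHost(hostname) {
  const h = String(hostname).toLowerCase();
  if (IN_CLUSTER_HOSTS.has(h)) return true;
  return IN_CLUSTER_SUFFIXES.some((s) => h.endsWith(s));
}

// Return one finding per apiCall service target that would send the SA token
// to a host we do not control, or over a transport that exposes it in flight.
function auditApiCallTargets(policy) {
  const findings = [];
  const rules = (policy && policy.spec && policy.spec.rules) || [];
  for (const rule of rules) {
    for (const ctx of rule.context || []) {
      const svc = ctx.apiCall && ctx.apiCall.service;
      if (!svc || !svc.url) continue; // urlPath-style calls target the API server, not covered here
      let parsed;
      try {
        parsed = new URL(svc.url);
      } catch (e) {
        findings.push({ rule: rule.name, context: ctx.name, url: svc.url, reason: "unparseable URL" });
        continue;
      }
      if (!isInClusterHost(parsed.hostname)) {
        findings.push({ rule: rule.name, context: ctx.name, url: svc.url, reason: "external host receives SA token" });
      } else if (parsed.protocol !== "https:") {
        findings.push({ rule: rule.name, context: ctx.name, url: svc.url, reason: "plaintext transport for SA token" });
      }
    }
  }
  return findings;
}

// Constructed sample policy mirroring the YAML a policy author would write:
// one in-cluster lookup, one vendor webhook, one plaintext internal service.
const SAMPLE_POLICY = {
  apiVersion: "kyverno.io/v1",
  kind: "ClusterPolicy",
  metadata: { name: "check-image-registry" },
  spec: {
    rules: [
      {
        name: "lookup-allowed-registries",
        context: [
          { name: "allowed", apiCall: { service: { url: "https://registry-policy.security.svc:8443/allowed" }, jmesPath: "registries" } },
        ],
      },
      {
        name: "enrich-from-vendor",
        context: [
          { name: "vendor", apiCall: { service: { url: "https://hooks.example.com/kyverno" } } },
          { name: "legacy", apiCall: { service: { url: "http://legacy-lookup.tools.svc/v1" } } },
        ],
      },
    ],
  },
};

function printAudit(policy) {
  const findings = auditApiCallTargets(policy);
  for (const f of findings) console.log(`${f.rule}/${f.context}: ${f.reason} (${f.url})`);
  return findings.length;
}

printAudit(SAMPLE_POLICY);
```

Run it over a policy converted from YAML with any YAML loader; the audit reports the vendor webhook as an external recipient of the token and the `http://` internal service as a plaintext transport, while the TLS in-cluster lookup passes. Treat every "external host" finding as a credential exposure until the Kyverno version in use is confirmed to no longer attach the token by default.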
The Vault · 2026-05-04 16:54:07 · GitHub Issues
A critical vulnerability in the `/api/admin/dashboard` endpoint was found to return sensitive credentials, including a Stripe API key and complete database login details (with passwords), directly in JSON responses. The flaw, classified as sensitive data exposure, affected the file `src/routes/admin.js` ...
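The defect pattern here is a handler that serialises its runtime configuration straight into the response body. The following is an added example, not the affected project's `src/routes/admin.js`, showing that pattern beside a hardened handler that builds the dashboard payload from an explicit allow-list, plus a response guard that refuses to emit any string stored under a secret-looking key. The config object, its field names, the placeholder key values and the secret-key regex are all constructed assumptions for this example; the handlers are plain functions so the block runs without Express.

```javascript
// Added example (not the affected project's code): the /api/admin/dashboard
// exposure pattern described above, beside a hardened version and a guard.
// CONFIG and its values are constructed placeholders, not real credentials.
const CONFIG = {
  app: { name: "shop", env: "production" },
  stripe: { apiKey: "sk_live_EXAMPLE000000000000" },
  database: { host: "db.internal", user: "shop", password: "hunter2", name: "shop" },
};

// Vulnerable: the whole config object is placed in the response, so any client
// that reaches the endpoint receives the Stripe key and DB password verbatim.
function vulnerableDashboard(config) {
  return { status: "ok", config };
}

// Hardened: copy only named, non-secret fields. Nothing else can reach the wire,
// and the presence of a Stripe key is reported as a boolean rather than a value.
function hardenedDashboard(config) {
  return {
    status: "ok",
    app: { name: config.app.name, env: config.app.env },
    database: { host: config.database.host, name: config.database.name },
    stripe: { configured: Boolean(config.stripe && config.stripe.apiKey) },
  };
}

// Defence in depth: find non-empty string values stored under secret-looking
// keys anywhere in a response body. The key-name list is an assumption;
// extend it for the codebase being protected.
const SECRET_KEY_RE = /(password|passwd|secret|token|apikey|api_key|privatekey)/i;

function findLeakedSecretPaths(obj, path = []) {
  const hits = [];
  if (obj && typeof obj === "object") {
    for (const [k, v] of Object.entries(obj)) {
      const p = [...path, k];
      if (SECRET_KEY_RE.test(k) && typeof v === "string" && v.length > 0) hits.push(p.join("."));
      hits.push(...findLeakedSecretPaths(v, p));
    }
  }
  return hits;
}

// Wrap a handler so a leak becomes a 500 and a list of offending paths for
// the log, instead of a credential disclosure to the caller.
function guardResponse(handler) {
  return (config) => {
    const body = handler(config);
    const leaks = findLeakedSecretPaths(body);
    if (leaks.length > 0) {
      return { statusCode: 500, body: { error: "response blocked" }, leaks };
    }
    return { statusCode: 200, body, leaks: [] };
  };
}

const guardedVulnerable = guardResponse(vulnerableDashboard);
const guardedHardened = guardResponse(hardenedDashboard);
console.log("vulnerable handler:", JSON.stringify(guardedVulnerable(CONFIG)));
console.log("hardened handler:", JSON.stringify(guardedHardened(CONFIG)));
```

The allow-list is the fix; the guard is a safety net for the next handler someone writes the same way, and its findings are what you would alert on in the server log rather than return to the client.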
The Lab · 2026-05-13 20:48:38 · Mastodon:hachyderm.io:#cybersecurity
Organizations face a sharply expanding attack surface as exposed AI credentials—including OpenAI and Azure OpenAI API keys—have surged 140% over the past year, according to new intelligence from SentinelOne. The spike tracks directly with shadow AI adoption, as development teams embed AI services into workflows outside...