SecurityBrief Asia - Technology news for CISOs & cybersecurity decision-makers
Asia

Secrets Management Stories

Asian Stories

Secrets Management stories

Global Stories

Secrets Management stories

Tenable finds GitHub workflow flaw in Microsoft repo
DevOps

Tenable finds GitHub workflow flaw in Microsoft repo

A flaw in a widely watched Microsoft repository could have let attackers run code and steal secrets through GitHub Actions, Tenable said.

By Mark Tarre 4 min read Last week
Keeper Security launches Agent Kit for AI coding agents
Virtualisation

Keeper Security launches Agent Kit for AI coding agents

It lets developers use AI coding tools without pasting sensitive credentials into prompts, reducing the risk of secrets leaking into logs or source control.

By Catherine Knowles 4 min read This month
Entrust & IBM Consulting team up on quantum-safe security
Data Protection

Entrust & IBM Consulting team up on quantum-safe security

Large firms face mounting pressure to unify cryptography oversight as quantum risk and regulatory scrutiny make legacy encryption harder to defend.

By Shannon Williams 4 min read Last month
Cequence launches agent controls for enterprise AI
Data Protection

Cequence launches agent controls for enterprise AI

The release aims to curb a growing security risk as enterprises let autonomous agents into internal apps with broad human-style access.

By Shannon Williams 4 min read Last month
Keeper launches Verify Mode to block phishing logins
Privileged Access Management

Keeper launches Verify Mode to block phishing logins

Enterprise administrators can now warn staff before passwords are pasted into fake sites, as phishing remains a major cause of breaches.

By Mark Tarre 4 min read Last month
DTEX warns Telegram & WhatsApp AI agents risk exfiltration
Virtualisation

DTEX warns Telegram & WhatsApp AI agents risk exfiltration

Security teams may miss data theft as AI agents use Telegram and WhatsApp to run locally on endpoints with user-level access.

By Sofiah Nichole Salivio 5 min read Last month
Claude Code can leak secrets in public npm packages
Data Protection

Claude Code can leak secrets in public npm packages

Hundreds of packages could have exposed API keys and logins after Claude Code saved approved commands in a file npm may publish by default.

By Shannon Williams 4 min read Last month
LevelBlue warns of GhostOps risk from rogue AI agents
Data Protection

LevelBlue warns of GhostOps risk from rogue AI agents

Unapproved AI agents are already exposing firms to hidden security gaps, with LevelBlue saying many are running tools without oversight.

By Joseph Gabriel Lagonsin 4 min read Last month
AI coding speeds up, but security teams fall behind
DevOps

AI coding speeds up, but security teams fall behind

Security teams are struggling to review surging AI-generated code, with 62% saying the workload is getting harder to manage.

By Shannon Williams 4 min read Last month
Grafana Labs launches Grafana 13 with observability updates
Virtualisation

Grafana Labs launches Grafana 13 with observability updates

The release aims to ease log searching and dashboard management as engineering teams wrestle with rising telemetry volumes and system complexity.

By Sean Mitchell 4 min read Last month
Chainguard & Cursor tackle AI code supply chain risks
DevOps

Chainguard & Cursor tackle AI code supply chain risks

AI coding agents are increasing supply chain risk, prompting new controls to verify third-party dependencies before they reach production.

By Catherine Knowles 4 min read Last month
Tenable flags Microsoft GitHub workflow flaw exposing code
DevOps

Tenable flags Microsoft GitHub workflow flaw exposing code

A critical flaw in a widely used Microsoft code-sample repository could have let attackers steal secrets and run code through GitHub issues.

By Sean Mitchell 4 min read Last month
Vercel breach linked to compromised Context.ai integration
Multi-factor authentication

Vercel breach linked to compromised Context.ai integration

Customers were urged to rotate secrets after unauthorised access to Vercel systems exposed a limited set of credentials via a third-party AI tool.

By Kaleah Salmon 5 min read Last month
Identity crisis as machine accounts outnumber humans
Privileged Access Management

Identity crisis as machine accounts outnumber humans

Machines now account for most cloud identities, leaving firms exposed to faster attacks, over-privileged access and AI-driven risks.

By Shannon Williams 6 min read Last month
Orca Security flags AI secrets & supply chain gaps
Malware

Orca Security flags AI secrets & supply chain gaps

Leaked AI credentials and unpatched dependencies are leaving production systems exposed across US and European organisations, Orca Security said.

By Shannon Williams 4 min read Last month

Stories from Other Regions

Secrets Management stories

BeyondTrust expands identity security insights to Australia
Hybrid Cloud

BeyondTrust expands identity security insights to Australia

Local firms in regulated sectors can now keep identity security data onshore as scrutiny over machine and AI access intensifies.

By Mark Tarre 4 min read This month
Celerity acquires Ranger4 to boost automation & AI
DevOps

Celerity acquires Ranger4 to boost automation & AI

The deal strengthens Celerity's FinOps and secrets management offer as more businesses seek fewer suppliers for hybrid cloud control.

By Mark Tarre 4 min read Last month