Meet Aembit IAM for Agentic AI. See what’s possible →

TRY AEMBIT
Blog
Blog
Blog
X

Blog

Tag: Breaches

A blurred software error message on a computer screen showing an exception response with a visible token value.

CrewAI GitHub Token Exposure Highlights the Growing Risk of Static Credentials in AI Systems

The exposure demonstrates how ordinary errors can reveal internal credentials and how stronger limits on scope and lifespan can contain the impact.
3 min read
Claude Code external UI.

Anthropic Disruption of an AI-Run Attack and What It Means for Agentic Identity

The incident demonstrates how autonomous behavior reshapes intrusion patterns when identity is not clearly assigned or enforced.
4 min read
Red Hat GitLab instance breach analysis with thumbnail of code on a laptop.

Red Hat’s GitLab Breach and the Cost of Embedded Credentials

The incident shows how repositories double as inadvertent credential stores, extending risk from vendors into customer environments.
3 min read
Businessperson interacting with CRM data.

When Salesforce Becomes a De Facto Credential Repository: Lessons from the Drift OAuth Breach

This malicious campaign demonstrates how long-lived token theft can become the first step in a much broader breach.
3 min read
Image of back of developer working at three computers.

GitHub Action tjactions/changed-files Supply Chain Breach Exposes NHI Risks in CI/CD

Long-lived credentials and secrets fueled the attack.
4 min read
Open physical lock sitting on a laptop keyboard.

OWASP’s Top Security Risks for Non-Human Identities and How to Address Them

We deep dive into the first-ever NHI threat list – exploring each risk, real-world breaches that prove the threat is real, and how to defend against them.
5 min read
Image of lock on top of computer hardware

BeyondTrust Breach Exposes API Key Abuse Risks

When a single API key compromise spiraled into a broader attack, it exposed how overlooked non-human identities can become gateways for escalating threats.
3 min read
malicious hacker carrying anonymous mask looking at servers

How to Defend Non-Human Identities from Infostealers

The identity layer’s most insidious threat is now setting its sights on a different group of targets. Here’s how to be ready.
4 min read
woman contemplating secrets managers alternatives as expressed by key icons

5 Secrets Manager Alternatives for Securing Non-Human Identities

Secrets managers offer value, but alternatives can help better secure non-human identities in complex, multi-cloud environments.
5 min read
Advance-Protection-Against-NHI-Breaches

How to Advance Breach Protection Against Non-Human Identity Threats in Workloads (Slide Show)

Sticky note security now plagues application and service connections, necessitating a shift to more mature workload access safeguards.
2 min read
Load More