Credentials

• AI Tooling Doubles the Credential Leak Rate: Secrets Sprawl 2026 March 17, 2026

  GitGuardian's 2026 report: 28.65 million hardcoded secrets on public GitHub, 81% surge in AI-service credential leaks, Claude Code commits leaking at double the baseline rate, and 24,000 secrets exposed in MCP config files. The leak surface has grown with the tooling surface.

• The Cascade Problem: How One Breach Seeds the Next March 15, 2026

  Two incidents this week -- the Drift → Telus Digital credential chain and the AppsFlyer SDK poisoning -- share one structural pattern: a trusted third-party tool becomes the access vector for the next attack. Your blast radius is no longer bounded by your own perimeter.