$48M in crypto was stolen after a wallet seed was exposed by a Korean tax agency — one secret leaked, millions lost. Key management is everything. 🔑💸 #CryptoSecurity #SecretManagement

https://www.bleepingcomputer.com/news/security/48m-in-crypto-stolen-after-korean-tax-agency-exposes-wallet-seed/

$4.8M in crypto stolen after Korean tax agency exposes wallet seed

South Korea's National Tax Service accidentally exposed the mnemonic recovery phrase of a seized cryptocurrency wallet in an official press release, allowing hackers to steal 6.4 billion won ($4.8M) worth in cryptocurrency.

BleepingComputer

"Discover CruxVault - the first Git-like secret management tool on the local machine!
- Local secret encryption
- Secret storage with version control
- Git-like CLI (crux init, crux commit, crux status)
- Environment tags (dev/staging/prod)
Fully offline, no cloud dependency!
#CruxVault #SecretManagement #LocalFirst #GitLike #DevTool #CôngCụLậpTrình #QuảnLýBíMật"

https://www.reddit.com/r/SideProject/comments/1oq7tgt/built_cruxvault_localfirst_gitlike_secret/

This is why you should not hard-code credentials in your source code, but use env. vars or credential managers.

Looks like someone sent me a mail via a Python script. The script had an issue which let the mail content be the script itself, which contains a token.

(Or this is phishing wanting me to try the token)

#development #secretmanagement #security

I released params2env, a Go based CLI tool I've built that reads AWS SSM Parameter Store values and sets them as environment variables.

The tool can create, modify, and delete parameters, and supports optional cross-region replication for redundancy.

Read more on my blog: https://dominik.wombacher.cc/posts/params2env-aws-ssm-parameter-store-to-environment-variables.html

#AWS #Go #GoLang #CLI #OpenSource #ParameterStore #DevOps #SecretManagement

params2env: AWS SSM Parameter Store to Environment variables

A Go CLI tool to manage AWS SSM Parameter Store parameters and convert them to environment variables

The Wombelix Post

OH: Hold on, I'll give you the API keys from the production pod for testing.

#cloud #secretmanagement #APIKeys #javadevelopment

For my homelab CoreOS config that I store publicly with git I've been wondering what to do about secrets.

For the containers at least I'm thinking
- Use Podman secrets when possible
- Script to set up the Podman secrets through Bitwarden CLI

Problem is, I will host Bitwarden on the host that will initially not have any secrets. Shouldn't be an issue as Bitwarden can manage without a secret, but still a limitation that needs to be solved separately.


Don't really wanna store secrets through git but would like to have an offline solution if possible. Generating the secrets could be possible, at least for initial setup, but then I wanna be able to access the secrets easily too


So much thinking

#coreos #containers #podman #gitops #security #secretmanagement

🚀🎉 Hold the presses! #OpenBao adds "Namespaces" to its secret manager, enabling isolated environments for your secrets. 🤔 Finally, a solution to the problem of "Where did I put my secrets again?" 😅 Thanks, OpenBao, for making secret management feel like a game of hide-and-seek with a twist! 🙄🔍

https://openbao.org/blog/namespaces-announcement/ #Namespaces #SecretManagement #IsolatedEnvironments #CyberSecurity #HackerNews #ngated

Announcing OpenBao Namespaces | OpenBao

Enabling Multi-Tenancy within OpenBao

The 18-point secrets management checklist

How you handle secrets should evolve as your cloud journey progresses. Follow this best-practices checklist as a guide.

....aaaaaand #OpenBao (the fork of #Hashicorp #Vault) is on its way to @opensuse #Tumbleweed in the latest version 2.2.1. Since 2.2.0 the webui is included in OpenBao, so this can be a full replacement for Vault!

Looking forward to doing more testing with it!

In case you want to try it out, here is a #vagrant #libvirt setup using #Ansible to prepare an OpenBao server VM and a client using a secret.
https://codeberg.org/johanneskastl/openbao_vagrant_libvirt_ansible

#secretmanagement #kms #devops

openbao_vagrant_libvirt_ansible

Vagrant-libvirt setup with an OpenBao Server and a client VM running the OpenBao Agent (and a PostgreSQL database)

Codeberg.org

GitHub is shaking up code security after 39 million secrets leaked—now every team can access standalone tools backed by AI and major cloud partners. Curious how this could reshape digital protection?

https://thedefendopsdiaries.com/githubs-security-tools-expansion-a-new-era-in-software-protection/

#githubsecurity
#softwareprotection
#secretmanagement
#cybersecuritytools
#infosec

GitHub's Security Tools Expansion: A New Era in Software Protection

GitHub expands security tools, democratizing access to protect codebases and enhance risk management for all organizations.

The DefendOps Diaries