TL;DR
GitGuardian reports 29 million secrets exposed on GitHub with an 81% surge in AI service leaks, while researchers discover data leak risks in AWS Bedrock AI tools. Meanwhile, the FBI investigates Steam games distributing malware that drained cryptocurrency wallets, and new phishing campaigns use real-time chat to impersonate major brands.
Together, the 29 million secrets exposed on GitHub (with an 81% increase in AI service leaks), the FBI investigations into Steam malware campaigns, and the AWS Bedrock data leak vulnerability represent significant active threats to enterprise and consumer security.
The past week delivered a barrage of data exposure incidents spanning cloud secrets, gaming platforms, and AI infrastructure. From millions of leaked API keys to crypto wallet theft disguised as game cheats, the attack surface continues expanding across digital ecosystems.
GitGuardian's latest research reveals a staggering 81% increase in AI service credential leaks, with 29 million secrets now exposed across public GitHub repositories. The surge reflects the rapid adoption of AI services without corresponding improvements in secrets management practices.
The exposed credentials include API keys for major AI platforms, potentially granting unauthorized access to expensive computational resources and sensitive training data. Organizations deploying AI services at scale face mounting risks as developers inadvertently commit authentication tokens to public code repositories.
The FBI has launched investigations into multiple Steam games containing hidden malware designed to steal browser data and drain cryptocurrency wallets. The campaign operated between May 2024 and January 2026, targeting gamers through seemingly legitimate game downloads.
The malware specifically targeted cryptocurrency wallet files and browser-stored credentials, demonstrating the gaming ecosystem's value as an attack vector for financial crime. The FBI's involvement signals the scale and impact of these operations on victims.
Security researchers identified a significant data leak vulnerability in AWS Bedrock's AgentCore Code Interpreter sandbox environment. The flaw allows malicious actors to exfiltrate sensitive cloud data through DNS queries, bypassing intended security boundaries.
The vulnerability highlights emerging risks in AI infrastructure, where sandboxing mechanisms may not adequately contain data flows. Organizations using AWS Bedrock for processing sensitive information should review their data handling procedures and network monitoring capabilities.
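As an added example for the network-monitoring review suggested above (not code from the researchers or AWS): a heuristic over resolver query logs that flags a source sending many distinct long, high-entropy subdomains to one parent domain, a common footprint of data encoded into DNS queries. The log format, host names, domains and thresholds are constructed assumptions.

```python
import math
from collections import Counter, defaultdict

# Constructed resolver log, one query per line: "<time> <source> <qname> <qtype>".
# Format, hosts and domains are assumptions for illustration, not real telemetry.
SAMPLE_LOG = """\
2026-01-10T10:00:01Z sandbox-1 www.example.com A
2026-01-10T10:00:02Z sandbox-1 static-assets-cdn-frontend.example.net A
2026-01-10T10:00:03Z sandbox-1 a1b2c3d4e5f6g7h8j9k0mnpq.exfil-test.example TXT
2026-01-10T10:00:03Z sandbox-1 a1b2c3d4e5f6g7h8j9k0mnpq.exfil-test.example TXT
2026-01-10T10:00:04Z sandbox-1 q9w8e7r6t5y4u3i2o1p0asdf.exfil-test.example TXT
2026-01-10T10:00:05Z sandbox-1 z0x1c2v3b4n5m6l7k8j9hgfd.exfil-test.example TXT
2026-01-10T10:00:06Z sandbox-1 m9n8b7v6c5x4z3a2s1d0fghj.exfil-test.example TXT
2026-01-10T10:00:07Z build-7 a1b2c3d4e5f6g7h8j9k0mnpq.exfil-test.example TXT
truncated line
"""

def entropy(label):
    """Shannon entropy of the label's characters, in bits per character."""
    n = len(label)
    return -sum(c / n * math.log2(c / n) for c in Counter(label).values())

def parse(log):
    """Yield (source, qname) pairs, skipping lines that do not have four fields."""
    for line in log.splitlines():
        fields = line.split()
        if len(fields) == 4:
            yield fields[1], fields[2].rstrip(".").lower()

def flag_dns_exfil(log, min_unique=4, min_len=20, min_entropy=3.8):
    """Map (source, parent domain) -> count of distinct suspicious subdomains,
    keeping only pairs with at least min_unique of them."""
    seen = defaultdict(set)
    for source, qname in parse(log):
        labels = qname.split(".")
        if len(labels) < 3:
            continue  # no subdomain part to carry data
        # Naive parent domain (last two labels); real use needs the Public Suffix List.
        parent, sub = ".".join(labels[-2:]), "".join(labels[:-2])
        if len(sub) >= min_len and entropy(sub) >= min_entropy:
            seen[(source, parent)].add(sub)  # set: repeated queries count once
    return {key: len(subs) for key, subs in seen.items() if len(subs) >= min_unique}

if __name__ == "__main__":
    print(flag_dns_exfil(SAMPLE_LOG))
```

The long but readable CDN hostname in the sample stays below the entropy threshold, and the single query from `build-7` stays below the distinct-label count, so only the `sandbox-1` pattern is reported.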
A new campaign distributes Vidar 2.0 infostealer malware through fake game cheats posted on GitHub and Reddit. The operation specifically targets younger gamers who may be more likely to ignore security warnings when downloading unofficial game modifications.
The malware harvests cryptocurrency wallets, login tokens, and files from infected systems. The campaign leverages trusted platforms like GitHub to appear legitimate, exploiting the gaming community's willingness to download third-party tools.
Cofense researchers documented a sophisticated phishing operation using LiveChat functionality to impersonate Amazon and PayPal customer service representatives in real time. The attackers engage victims through live chat sessions to harvest credit card details and multi-factor authentication codes.
The campaign's real-time interaction component significantly increases its effectiveness compared to traditional static phishing pages. Victims receive immediate responses to their queries, creating a more convincing impersonation of legitimate customer service interactions.
The Department of Justice announced Adobe will pay $150 million to settle allegations of deceptive subscription practices, including hidden cancellation fees buried in terms of service documentation. While not a traditional data breach, the case highlights how organizations can exploit user interface design to extract unauthorized payments.
The settlement demonstrates regulatory enforcement extending beyond data protection into broader consumer protection areas affecting digital services.
Troy Hunt's Weekly Update 495 detailed the technical evolution of Have I Been Pwned from a simple website with 150 million email addresses to a complex distributed system handling massive breach datasets. The post provides insights into scaling breach notification services as the volume and complexity of data breaches continue growing.