Summary:

  1. Extensive Exposure
    Security researcher Bill Demirkapi uncovered over 15,000 exposed developer secrets, including sensitive credentials from Nebraska’s Supreme Court and Stanford University.

  2. Vulnerable Websites
    Demirkapi found 66,000 websites with dangling subdomain issues, including a New York Times development domain, increasing their risk of attacks.

  3. Automated Response
    He developed an automated method for revoking compromised secrets and collaborated with companies like OpenAI to enable self-service deactivation.

Read more at: Defcon