hardcoded-credentials
Safeguard articles tagged "hardcoded-credentials" — guides, analysis, and best practices for software supply chain and application security.
5 articles
What Are Hardcoded Credentials
Hardcoded credentials are secrets baked into code instead of a vault. Toyota, Uber, and Samsung breaches show why that risk never expires on its own.
Hardcoded credentials vulnerabilities explained
Hardcoded credentials (CWE-798) have caused real breaches at Uber, Toyota, and Mercedes-Benz. Here's how they happen, how common they are, and how to fix them.
Best secrets detection tools for source code repositories
A practical, no-hype comparison of secrets detection tools for source code repos — evaluation criteria, five real vendors reviewed fairly, and how Safeguard fits in.
SolarWinds Web Help Desk CVE-2024-28987: Hardcoded Credential in Federal Networks
SolarWinds shipped a hardcoded helpdeskIntegrationUser credential in Web Help Desk that CISA added to KEV on October 15, 2024 after federal agency intrusions.
Atlassian Questions for Confluence CVE-2022-26138: A Hardcoded Password That Gave Away the Keys
CVE-2022-26138 exposed a hardcoded password in the Questions for Confluence app, granting unauthenticated access to Confluence data. A preventable disaster.