DZone
As a developer, I admit that I’ve committed secrets to public GitHub repositories before. Hardcoded secrets have always been a problem in organizations and are one of the first things I look for during a penetration test. When developers write secrets such as passwords and API keys directly into source code, these secrets can make their way to public repositories or application packages, then into an attacker’s hands.
Source: DZone