Since 2021, security researcher Bill Demirkapi has identified over 15,000 developer secrets, including passwords and API keys, and exposed vulnerabilities on 66,000 websites using unconventional data sources.
His efforts, revealed at Defcon, uncovered sensitive data from entities such as Nebraska’s Supreme Court, Stanford University, and OpenAI customers. Demirkapi’s methods involve scanning massive data repositories like VirusTotal for leaked credentials and dangling domains.
Demirkapi alerted some companies, but broader reporting mechanisms have limitations, particularly with platforms like GitHub and Amazon Web Services. His work highlights the need for innovative strategies to enhance online security.