Halo Security detects exposed secrets and API keys in JavaScript

From helpnetsecurity.com

Web properties are increasingly relying on third-party JavaScript to increase functionality, but this can also bring inherent risks.

A report from Source Defense, which scanned the 4,300 highest-trafficked websites globally, found an average of four third-party scripts per page. Often, these tags are added without proper security controls or oversight from security teams, giving attackers an easy way to find exposed API keys and breach sites.

Read more…