Dan Goodin / Ars Technica:
GitGuardian: nearly 3K of the 450K projects submitted to PyPI exposed at least one credential in code, like API keys, including some from “very large companies” — Many transgressions come from “very large companies that have robust security teams.”
Lees verder op Tech Meme