Hackers are increasing scans for leaked Git configuration files, which can expose sensitive data like tokens and credentials. A report by GreyNoise highlighted a surge in scans from April 20-21, 2025, with nearly 4,800 unique IPs detected, predominantly from Singapore, the U.S., and Germany. These exposed Git files often lead to significant security breaches, allowing unauthorized access to cloud services and repositories. To mitigate risks, experts recommend blocking access to .git/ directories and monitoring logs for suspicious activity.
Hackers Ramp up Scans for Leaked Git Tokens and Secrets
