
GitHub now scans for exposed Resend API keys. Here is what teams should check
GitHub expanded secret scanning for Resend, APIclub, and VolcEngine credentials, with new webhook data and public monitoring insights.
Read analysisUseful context, practical decisions, and none of the launch-day noise.

GitHub expanded secret scanning for Resend, APIclub, and VolcEngine credentials, with new webhook data and public monitoring insights.
Read analysis
External collaborators can now join group conversations without a dedicated space, changing how teams handle guest access and context.
Read analysis
GitHub’s new default cooldown gives broken or compromised releases time to surface, while security updates continue immediately.
Read analysis
After a broken .al DNSSEC rollover, 1.1.1.1 began returning EDE 33 when a Negative Trust Anchor keeps names resolving.
Read analysis
GCPW can now enforce hardware keys as a second factor and accept nearby mobile passkeys over Bluetooth.
Read analysis
Security teams can now create, list, update, and delete custom detectors across repositories, organizations, and enterprises.
Read analysis
Smart Tiered Cache can now use an AWS, GCP, Azure, or Oracle Cloud region to avoid inefficient cross-continent origin routes.
Read analysis
Not every launch matters. These signals identify changes that can alter cost, risk, or daily work.
Read analysis