Researchers from TruffleSecurity have identified more than 700 live API keys and passwords that were included in comments filed with pull requests and issues filed on GitHub.

https://trufflesecurity.com/blog/thousands-of-github-comments-leak-live-api-keys

https://files.mastodon.social/media_attachments/files/111/182/912/069/294/616/original/b7dcb9e4d1872555.webp