Reading up on 1Password
5 deep · digging since nov 20, 25
- I found 10k GitHub repositories distributing Trojan malware
A researcher found 10,000 GitHub repositories distributing Trojan malware, likely targeting AI coding agents that automatically clone and run dependencies.
Takes
I told codex to use http://sag.sh whenever I'm distracted and it needs my help to be unblocked, and ever once it a while I hear it talking to me, and it's the coolest thing ever. (e.g. for releases, that needs npm and is 1Password-gated)
@steipete
Today we’re introducing 1Password® Unified Access. As AI agents start operating inside real production environments, organizations need visibility into how credentials and access are actually used. Unified Access helps security teams discover, secure, and audit access across humans, machines, and AI agents. 🔗 More here:
@1Password
The upcoming https://t.co/6SX7zmEyrA.creds will now also look for .env, which supports command interpolation, so you can fetch keys directly from 1password or the like in development: https://t.co/E3ueHDWGqj
@dhh
Tired of copy and pasting secrets into your .env file? There’s a better way.With 1Password Developer, you can now securely store, share, and mount your .env files — right inside the 1Password desktop app.No command-line setup. No plaintext secrets stored on disk. Just simple,… pic.twitter.com/OeOqqsIIvJ
@1Password