Study Reveals Limitations of Traditional Vulnerability Scanners in Detecting Exposed Secrets in JavaScript Bundles

A study conducted by Intruder's research team analyzed the limitations of traditional vulnerability scanners in detecting exposed secrets within JavaScript bundles. By developing a new method for detecting sensitive tokens, the team scanned 5 million applications, uncovering leaks of API keys and other critical information. The issue persists despite known risks associated with such exposures. No specific date or additional technical details about the method were provided.