KeyLeak Blog

Field notes on leaks that static tools miss

Runtime secret scanning, exposed API keys, and BaaS (Supabase/Firebase) security — researched, sourced, and written for people who ship.