Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

AI desktop assistants and coding tools need credentials to reach external services, and many of them store those credentials as plaintext JSON at predictable paths in the user's home directory. This research covers how credential storage works across 14 popular AI tools, where OS keychain integration is present or missing, and eight attack scenarios that turn that exposure into real risk, from malware-based theft to remote session hijacking to supply-chain compromise via MCP servers.

Built-in browser password managers are convenient. For enterprise secrets, convenience is not a security strategy. There are two kinds of password storage in the world: the kind that helps you log in to your favorite lunch-ordering site faster, and the kind that protects the credentials that can unlock your business. Sadly, many organizations treat both the same way.

Here's a number worth sitting with: the CIS Microsoft Windows 11 Enterprise Benchmark v4.0.0 is 1,364 pages long and covers more than 500 individual configuration settings. That's one operating system. Add your Linux servers, network devices, databases, and cloud workloads, and you're looking at a configuration surface area no team can stay on top of manually. A CIS benchmark tool solves that problem at scale.