TL;DR: I scanned every public GitLab Cloud repository (~5.6 million) with TruffleHog, found over 17,000 verified live secrets, and earned over $9,000 in bounties along the way. This guest post by Security Engineer Luke Marshall was developed through Truffle Security's Research CFP program. Luke specializes in investigating exposed secrets across open-source ecosystems, a path that led him into bug bounty work and responsible disclosure. This is the last blog post in a two-part series exploring s...