Copilot-enabled repos are 40% more likely to contain API keys, passwords, or tokens — just one of several issues security ...