The State of Secrets Sprawl 2026: 9 Takeaways for CISOs

https://thehackernews.com/2026/03/the-state-of-secrets-sprawl-2026-9.html

Publish Date: 2026-03-30 07:30:00

Source Domain: thehackernews.com

Secrets sprawl isn’t slowing down: in 2025 it accelerated faster than most security teams anticipated. GitGuardian’s State of Secrets Sprawl 2026 report analyzed billions of commits on public GitHub and found 29 million new hardcoded secrets in 2025 alone, a 34% increase year over year and the largest single-year jump the report has recorded.

This year’s findings point to three core trends: AI has fundamentally reshaped how and where credentials leak, internal systems are far more exposed than most organizations realize, and remediation remains the industry’s Achilles’ heel.

Here are nine strategic takeaways that matter.

1. Secrets are growing faster than the developer population

Since 2021, leaked secrets have grown 152%, while GitHub’s public developer base expanded 98%. More developers and more AI-assisted code generation mean more credentials in circulation, and detection alone can’t keep pace.

2. AI services drove 81% more leaks year over year

GitGuardian detected 1,275,105 leaked secrets tied to AI services in 2025, up 81% from 2024. Eight of the ten fastest-growing categories of leaked secrets were AI-related. This isn’t just about OpenAI or Anthropic keys. The real explosion is happening in LLM infrastructure: retrieval APIs like Brave Search (+1,255%), orchestration tools like Firecrawl (+796%), and managed backends like Supabase (+992%). Every new AI integration introduces another machine identity, and each one expands the attack surface. Deploying AI safely requires a proper secrets security strategy.

3. Internal repositories are 6x more likely to leak than public ones

While public GitHub gets the attention, internal repositories are where the highest-value credentials live. GitGuardian’s research found that 32.2% of internal repos contain at least one hardcoded secret, compared to just 5.6% of public repos. These aren’t test keys. They’re CI/CD tokens, cloud access credentials, and database passwords, the exact assets attackers target once they…
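The two leak populations described in takeaways 2 and 3, AI service keys with recognizable prefixes and the prefix-less CI/CD tokens, cloud credentials and database passwords that sit in internal repos, are what any secrets scanner has to catch. The Python scanner below is an added example written for this article; it is not GitGuardian's detector and not code from the report. It combines a handful of format-specific patterns with a length-plus-entropy heuristic for credential-looking assignments and runs over a constructed sample config. The AWS (AKIA), GitHub classic PAT (ghp_), OpenAI (sk-) and Anthropic (sk-ant-) prefixes are publicly documented key formats; the character sets and minimum lengths after each prefix, the entropy threshold, the placeholder list, and all function and rule names are assumptions chosen for the example, and every sample value is fabricated.

```python
"""Pattern-plus-entropy scanner for hardcoded secrets in source text.
Added example for this article, not GitGuardian's detector or code from the
report; every sample value below is fabricated and not a real credential."""
import math
import re
from collections import Counter
from typing import List, NamedTuple


class Finding(NamedTuple):
    line: int       # 1-based line number in the scanned text
    rule: str       # which rule fired
    redacted: str   # short prefix: enough to triage, not enough to use


# Format-specific rules. The AWS (AKIA + 16), GitHub classic PAT (ghp_ + 36),
# OpenAI (sk-) and Anthropic (sk-ant-) prefixes are publicly documented; the
# character set and minimum length after each prefix are assumptions. The URL
# rule catches scheme://user:password@host, the usual shape of a database or
# registry credential in a config file. The OpenAI rule excludes "ant-" so an
# Anthropic key is never reported twice.
PATTERN_RULES = {
    "aws_access_key_id": re.compile(r"\bAKIA[0-9A-Z]{16}\b"),
    "github_pat": re.compile(r"\bghp_[A-Za-z0-9]{36}\b"),
    "anthropic_api_key": re.compile(r"\bsk-ant-[A-Za-z0-9_-]{20,}"),
    "openai_api_key": re.compile(r"\bsk-(?!ant-)(?:proj-)?[A-Za-z0-9_-]{20,}"),
    "url_embedded_credential": re.compile(
        r"\b[a-z][a-z0-9+.-]*://[^\s:/@'\"]+:[^\s@'\"]+@"),
}

# Generic rule: a credential-looking name assigned a quoted literal. Only the
# value is judged, by length and Shannon entropy, which is what catches the
# prefix-less CI/CD tokens and database passwords that dominate internal
# repos. The thresholds and placeholder list are assumptions for the example.
GENERIC_ASSIGNMENT = re.compile(
    r"\b\w*(?:password|passwd|secret|token|api_?key)\w*\s*[:=]\s*"
    r"['\"](?P<value>[^'\"]+)['\"]", re.IGNORECASE)
MIN_GENERIC_LEN = 12
MIN_ENTROPY_BITS = 3.0
PLACEHOLDER_PREFIXES = ("<", "${", "{{", "xxx", "your")


def shannon_entropy(value: str) -> float:
    """Bits of entropy per character of value (0.0 for an empty string)."""
    if not value:
        return 0.0
    n = len(value)
    return -sum(c / n * math.log2(c / n) for c in Counter(value).values())


def redact(secret: str, keep: int = 6) -> str:
    """Keep a short prefix so a finding can be triaged without re-leaking it."""
    return secret[:keep] + "..." if len(secret) > keep else secret


def scan_line(lineno: int, line: str) -> List[Finding]:
    findings: List[Finding] = []
    covered = []  # spans already reported by a format-specific rule
    for rule, pattern in PATTERN_RULES.items():
        for m in pattern.finditer(line):
            findings.append(Finding(lineno, rule, redact(m.group(0))))
            covered.append((m.start(), m.end()))
    for m in GENERIC_ASSIGNMENT.finditer(line):
        value, start, end = m.group("value"), m.start("value"), m.end("value")
        if any(s < end and start < e for s, e in covered):
            continue  # same value, already reported under its specific rule
        if len(value) < MIN_GENERIC_LEN:
            continue  # too short to judge by entropy; left to human review
        if value.lower().startswith(PLACEHOLDER_PREFIXES):
            continue  # template variable or obvious placeholder
        if shannon_entropy(value) < MIN_ENTROPY_BITS:
            continue  # dictionary-word style value such as "changeme"
        findings.append(Finding(lineno, "generic_high_entropy", redact(value)))
    return findings


def scan_text(text: str) -> List[Finding]:
    """Scan a whole file (or a diff) and return every finding in line order."""
    return [f for i, line in enumerate(text.splitlines(), 1)
            for f in scan_line(i, line)]


# Constructed sample config; every value is fabricated.
SAMPLE = """\
# constructed sample config: none of these are real credentials
OPENAI_API_KEY = "sk-proj-Ab3dEfGhIjKlMnOpQrStUvWxYz0123456789abcdef"
ANTHROPIC_API_KEY = "sk-ant-api03-Zy9xWvUtSrQpOnMlKjIhGfEdCbA9876543210"
aws_access_key_id = AKIAIOSFODNN7EXAMPLE
GITHUB_TOKEN = "ghp_ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghij"
DATABASE_URL = "postgres://app:xK9v2mQp7LwZ4nRt@db.internal:5432/app"
JWT_SECRET = "7f3a9c2e1b8d4f6a0c5e9b1d3f7a2c4e"
password = "changeme"
DB_PASSWORD = "${DB_PASSWORD}"
api_key = os.environ["API_KEY"]
"""

if __name__ == "__main__":
    for f in scan_text(SAMPLE):
        print(f"line {f.line}: {f.rule}: {f.redacted}")
```

Run as a script it prints one redacted line per finding: six hits on the sample, one per credential, and nothing for the `changeme` placeholder, the `${DB_PASSWORD}` template variable, or the value read from the environment. Wired into a pre-commit hook it would scan the output of `git diff --cached` instead of SAMPLE. The overlap check matters: without it the same `sk-...` or `ghp_...` value would be reported twice, once by its prefix rule and once by the generic rule, and the entropy and placeholder filters are what keep the generic rule from drowning reviewers in noise.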