
Secrets Sprawl 2026: GitGuardian Warns CISOs of Soaring AI Credential Leaks

Secrets sprawl kept accelerating in 2025. GitGuardian said the problem outpaced most teams’ expectations. The company’s State of Secrets Sprawl 2026 report analyzed billions of commits and telemetry. It found 29 million new hardcoded secrets in 2025 alone. That is a 34 percent year-over-year increase and the largest single-year jump on record.

What the report shows

First, AI changed where and how credentials leak. GitGuardian found AI-related services drove an 81 percent rise in leaks. The firm detected 1,275,105 leaked secrets tied to AI services in 2025. Eight of the ten fastest-growing categories of leaked secrets were AI-related. The growth is not limited to well-known API keys. GitGuardian flagged large increases in retrieval APIs, orchestration tools, and managed backends. The conclusion is simple: every new AI integration adds machine identities and widens the attack surface.

Second, internal systems are far more exposed than teams realize. GitGuardian found that 32.2 percent of internal repositories contained at least one hardcoded secret. Public repositories had 5.6 percent. Internal repos host CI tokens, cloud credentials, and database passwords. The report warns that security through obscurity has failed and that internal repos must be treated as primary leak sources.

Third, a large share of leaks never touch source code. GitGuardian reported that 28 percent of incidents in 2025 originated entirely outside code. Slack, Jira, Confluence, and other collaboration tools were common leak vectors. The firm noted these collaboration leaks were more severe: 56.7 percent of secrets found only in collaboration tools were rated critical, compared to 43.7 percent for code-only incidents. If teams only scan repositories, they miss more than a quarter of their exposure.

Where leaks concentrate

  • Self-hosted GitLab instances and Docker registries exposed secrets at three to four times the rate of public GitHub, GitGuardian said. The company discovered thousands of unintentionally exposed instances and scanned 80,000 credentials, with 10,000 still valid.
  • Docker images were especially concerning. GitGuardian warned that 18 percent of scanned Docker images contained secrets and 15 percent of those secrets were valid.
  • Long-lived credentials persist. GitGuardian retested secrets that were valid in 2022 and found 64 percent remained exploitable four years later. The report bluntly states, “Detection is not remediation.”

Developer endpoints are now a major credential aggregation layer. GitGuardian analyzed a supply-chain incident and reported data from 6,943 systems. The firm found 294,842 secret occurrences corresponding to 33,185 unique secrets, meaning each live secret appeared in multiple locations on the same machine. Secrets were scattered across .env files, shell history, IDE configs, cached tokens, and build artifacts. The report also noted that 59 percent of compromised systems were CI/CD runners. Once secrets reach build infrastructure, they become an organizational problem, not an individual one.

New AI frameworks also added risk. GitGuardian found 24,008 unique secrets in Model Context Protocol-related config files on public GitHub. The company verified 2,117 of those as valid. The report warns that agentic AI adoption encourages putting credentials into config files and local JSON. That trend is outpacing controls.
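To show what a defender-side check for the endpoint and MCP-config exposure described above looks like, here is an added example (not GitGuardian's scanner, and not from the report). It parses a constructed MCP server config and a constructed .env file, flags credential-looking entries with a simple name heuristic, and reports occurrences versus unique secrets, the same distinction the report draws; the file names and values are made up for illustration.

```python
"""Flag hardcoded secrets in MCP JSON config and .env files (constructed samples)."""
import json
import re
from collections import defaultdict

# Constructed sample: an MCP server config carrying an API key in its env block.
MCP_CONFIG = json.dumps({
    "mcpServers": {
        "vectordb": {
            "command": "npx",
            "args": ["-y", "example-mcp-server"],
            "env": {"VECTOR_API_KEY": "sk-example-0123456789abcdef0123456789abcdef"},
        }
    }
})

# Constructed sample: a .env file that reuses the same key and adds a DB password.
DOTENV = """VECTOR_API_KEY=sk-example-0123456789abcdef0123456789abcdef
DB_PASSWORD=hunter2-rotate-me
LOG_LEVEL=debug
"""

# Heuristic: variable names that usually hold credentials (assumed, not exhaustive).
SECRET_KEY_RE = re.compile(r"(KEY|TOKEN|SECRET|PASSWORD|PASSWD)", re.I)

def find_secrets_in_mcp(path, text):
    """Yield (location, name, value) for env entries under each MCP server."""
    cfg = json.loads(text)
    for server_name, server in cfg.get("mcpServers", {}).items():
        for k, v in server.get("env", {}).items():
            if SECRET_KEY_RE.search(k) and isinstance(v, str) and len(v) >= 8:
                yield (f"{path}:{server_name}", k, v)

def find_secrets_in_dotenv(path, text):
    """Yield (location, name, value) for KEY=VALUE lines that look like credentials."""
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#") or "=" not in line:
            continue
        k, v = line.split("=", 1)
        v = v.strip().strip("\"'")
        if SECRET_KEY_RE.search(k) and len(v) >= 8:
            yield (path, k.strip(), v)

def scan(files):
    """Group findings by secret value so one secret in many places is counted once."""
    by_value = defaultdict(list)
    for path, text in files.items():
        finder = find_secrets_in_mcp if path.endswith(".json") else find_secrets_in_dotenv
        for loc, k, v in finder(path, text):
            by_value[v].append((loc, k))
    return {"occurrences": sum(len(x) for x in by_value.values()),
            "unique": len(by_value),
            "locations": {v: [loc for loc, _ in locs] for v, locs in by_value.items()}}

if __name__ == "__main__":
    print(json.dumps(scan({"mcp_config.json": MCP_CONFIG, ".env": DOTENV}), indent=2))
```

On the two samples the scan reports three occurrences but two unique secrets, because the API key is duplicated across the MCP config and the .env file; a real rollout would feed it the paths the report names (IDE configs, shell history, build artifacts) and treat every valid hit as a rotation ticket, not just a finding.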

What to do now

GitGuardian recommends a shift from detection-only to continuous non-human identity governance. The report lists three critical questions every program must answer at scale: What non-human identities exist in my environment? Who owns them? What can they access? The firm urges organizations to eliminate long-lived static credentials where possible. It also recommends adopting short-lived identity-based access, default secrets vaulting, and lifecycle management for every service account, CI job, and AI agent.

Remediation must be routine, owned, and automated. GitGuardian said rotation and revocation are not routine in most organizations. The firm warned that many teams avoid rotation because they fear breaking production. The report calls for safe, repeatable workflows that rotate credentials without downtime.

The lesson is clear. Secrets sprawl will not slow while AI adoption and distributed delivery expand. GitGuardian’s analysis makes the case for broader visibility across internal repos, collaboration tools, container registries, and developer endpoints. It also makes the case for treating secrets as governed identities rather than isolated incidents.
