The Good Tech Companies - GitGuardian Reports an 81% Surge of AI-Service Leaks as 29M Secrets Hit Public GitHub
Episode Date: March 17, 2026
This story was originally published on HackerNoon at: https://hackernoon.com/gitguardian-reports-an-81percent-surge-of-ai-service-leaks-as-29m-secrets-hit-public-github.
In 2025, Developer Commits Using Claude Code Show 3.2% Secret Leak Rate vs. 1.5% Baseline. The Human Factor Remains Critical.
This story was written by: @cybernewswire.
GitGuardian releases 5th edition of its “State of Secrets Sprawl” report. Leaked secrets have been growing roughly 1.6× faster than the active developer population. Leak rates in AI-assisted code were roughly double the GitHub-wide baseline.
Transcript
This audio is presented by Hacker Noon, where anyone can learn anything about any technology.
GitGuardian reports an 81% surge of AI-service leaks as 29M secrets hit public GitHub, by Cyber Newswire.
New York, New York, March 17, 2026, Cyber Newswire. In 2025, developer commits using Claude Code show 3.2% secret leak rate versus 1.5% baseline. The human factor remains critical.
GitGuardian, the security leader behind GitHub's most installed application, today released the fifth edition of its State of Secrets Sprawl report, documenting how mainstream AI adoption in 2025 reshaped software delivery and accelerated the exposure of non-human identities (NHIs) and their secrets across public and internal systems. While the software ecosystem is growing quickly, leaked secrets are growing faster, and remediation is not keeping up.
The year software changed forever
In 2025, AI adoption permanently changed software engineering: +43% YoY increase in public commits, growing at least two times faster than before.
Since 2021, secrets have been growing roughly 1.6 times faster than the active developer population.
Secret leak rates in AI-assisted code were, on average across the year, roughly double the GitHub-wide baseline.
Together, these forces drove a +34% YoY increase in newly leaked secrets on GitHub, reaching approximately 29 million secrets detected overall, marking the largest single-year jump ever recorded.
Nine takeaways for CSOs securing non-human identities (NHIs)
Exposed credentials remain a major, repeatable path to compromise. In 2025, AI assistance increased the speed of software creation and multiplied the number of tokens, keys, and service identities embedded across modern stacks, without equivalent improvements in governance.
AI assistants are amplifying risk in new categories of credentials
1. Claude Code-assisted commits leaked secrets at approximately 3.2%, 2 times the baseline. AI-assisted coding has democratized software development, enabling developers without formal training to build applications quickly. However, this accessibility comes with a security gap. Less experienced developers may lack security awareness and can ignore AI warnings or explicitly prompt tools to include sensitive information. These leaked secrets may ultimately reflect human mistakes, not just AI failures.
2. AI service credential leaks are accelerating fastest. Leaks tied to AI services increased +81% YoY to 1,275,000, and are more likely to slip through protections built primarily for conventional developer workflows.
3. MCP configuration risk is emerging. MCP server documentation often recommends placing credentials directly in configuration files rather than using safer client authentication patterns. This contributed to 24,008 unique secrets exposed in the studied MCP configuration files.
AI expands the attack surface overnight
4. Internal repositories remain the biggest exposure reservoir. They are approximately six times more likely than public ones to contain hard-coded secrets.
5. Secrets sprawl extends beyond code. Approximately 28% of incidents originate from leaks in collaboration and productivity tools, not just repositories, where credentials can be exposed to broader audiences, automations, and AI agents.
6. Developer machines are becoming part of the credential perimeter. As AI agents gain deeper local access (editors, terminals, files, credential stores), prompt injection and supply-chain-style attacks (Shai-Hulud, for example) can turn local secrets into organizational risk.
"AI agents need local credentials to connect across systems, turning developer laptops into a massive attack surface. We built our local scanning and identities inventory tool to protect them. Security teams need to map out exactly which machines hold which secrets, surfacing critical weaknesses like overprivileged access and exposed production keys," says Eric Fourrier, GitGuardian's CEO.
The industry is facing a growing debt and needs NHI governance, not just detection
7. Long-lived secrets still dominate. Approximately 60% of policy violations are credentials that persist over time, highlighting the slow transition toward ephemeral, least-privilege access.
8. Prioritization is harder than it looks. Approximately 46% of critical secrets have no vendor-provided validation mechanism, requiring contextual signals (location, usage, downstream consumers, and secrets managers) to assess real-world exploitability.
9. Remediation is failing at scale. Sixty-four percent of valid secrets from 2022 are still not revoked in 2026, most often because security teams lack the governance needed to achieve a viable, repeatable remediation path for any leaked secret.
GitGuardian believes the next phase of security programs must treat non-human identities as first-class assets, with dedicated governance, context, and remediation automation across code and non-code surfaces. The full report is available here.
About GitGuardian
GitGuardian is an end-to-end NHI security platform that empowers software-driven organizations to secure their non-human identities (NHIs) and comply with industry standards. With attackers increasingly targeting NHIs, such as service accounts and applications, GitGuardian integrates secrets security and NHI governance. This dual approach enables the detection of compromised secrets across your dev environments while also managing non-human identities and their secrets' life cycles. The platform is the world's most installed GitHub application and supports over 550+ types of secrets, offers public monitoring for leaked data, and deploys honeytokens for added defense. Trusted by over 600,000 developers, GitGuardian is the choice of leading organizations like Snowflake, ING, BASF, and Bouygues Telecom for robust secrets protection. For more information, users can visit www.gitguardian.com.
Contact: PR partner Holly Hagerman, Connect Marketing, Holly at ConnectMarketing.com.
This story was published as a press release by Chainwire under HackerNoon's Business Blogging Program.
Disclaimer:
This article is for informational purposes only and does not constitute investment advice. Cryptocurrencies are speculative, complex, and involve high risks. This can mean high prices, volatility and potential loss of your initial investment. You should consider your financial situation, investment purposes, and consult with a financial advisor before making any investment decisions. The HackerNoon editorial team has only verified the story for grammatical accuracy and does not endorse or guarantee the accuracy, reliability, or completeness of the information stated in this article. #DYOR
Thank you for listening to this HackerNoon story, read by artificial intelligence. Visit HackerNoon.com to read, write, learn and publish.
