🤖 AI Summary
A GitGuardian report found that 28.65 million new hardcoded secrets were added to public GitHub commits in 2025, a 34% increase from the previous year and the largest annual surge recorded. The spike is attributed to the rapid integration of AI-assisted coding tools, which has democratized software development and significantly increased GitHub activity, resulting in 1.94 billion public commits and an acceleration of secret leaks. Notably, AI service secrets surged by 81%, with AI-related infrastructure leaking five times faster than core model providers, a worrying trend as organizations struggle to manage the security risks inherent in faster software production.
The report underscores an urgent need for improved secrets management, particularly as private repositories harbor even more hardcoded secrets than public ones, and reveals that 64% of valid secrets from 2022 remain exploitable. As AI tools continue to penetrate development workflows, they create new vulnerabilities through local environments and collaboration tools, where secrets are easily mishandled during urgent tasks. With AI adoption accelerating, security teams must adopt a proactive approach focused on understanding and governing non-human identities within their infrastructure to mitigate the growing risks associated with secrets sprawl and ensure sustainable AI development.