"35% of Exposed API Keys Still Active, Posing Major Security Risks"

The company Nightfall AI found that secrets such as passwords and Application Programming Interface (API) keys were most often found in GitHub. Every year, about 350 total secrets are exposed per 100 employees. Thirty-five percent of the discovered API keys were still active, increasing vulnerability to privilege escalation attacks, data leaks, and breaches. Companies that have adopted modern cloud, Software-as-a-Service (SaaS), and generative Artificial Intelligence (GenAI) environments have only recently begun to understand the hidden risks of secret sprawl, which occurs when sensitive information such as API keys or passwords are spread to apps, files, and messages where it does not belong. This article continues to discuss key findings from Nightfall AI's annual "State of Secrets Report."

Help Net Security reports "35% of Exposed API Keys Still Active, Posing Major Security Risks"

Submitted by grigby1

Submitted by Gregory Rigby on