AI Giants Accidentally Leaking Secrets on GitHub - TechRepublic


Research by Wiz shows that industry titans, with combined valuations exceeding $400 billion, have left the equivalent of their front doors propped open.

Nov 12, 2025

Research found that 65% of the world’s most valuable AI firms accidentally exposed their most sensitive digital secrets on GitHub.

These are industry titans with combined valuations exceeding $400 billion, and they left the equivalent of their front doors propped open. API keys, authentication tokens, and credentials that could grant access to private models, training data, and internal systems sat in plain sight on the world’s most popular code repository.

Research by the wizards at Wiz found these exposed secrets buried in deleted repositories and developer forks, places most security scanners never touch. The implication is hard to miss: a long-standing blind spot at the very core of the AI boom.

Hidden goldmine for hackers

The leaked material reads like a cybercriminal’s shopping list. Among the most damaging discoveries, uncovered as researchers combed through public repositories, were LangSmith API keys providing organization-level access and enterprise-tier ElevenLabs credentials found in plaintext files.

One anonymous AI company’s leaked Hugging Face token provided access to approximately 1,000 private AI models, plus multiple Weights and Biases keys that exposed proprietary training datasets.

One company with zero public repositories and just 14 team members still managed to leak sensitive credentials, while the largest company without exposed secrets maintained 60 public repositories and 28 organization members. Translation: size and GitHub visibility are not reliable signals of security maturity, a reality investors and customers should factor into any due diligence.

And this is not theoretical. These leaked credentials could expose organizational structures, training data, and private AI models, enabling competitive sabotage, IP theft, and supply chain attacks that spill into every business built on AI infrastructure.

Why AI companies are failing at basic security

At the root is a simple tension that keeps winning the day: speed versus security. This appears to be the underlying cause leading to cloud misconfigurations, inadequate secret management, and tooling gaps.

The field lives on rapid prototyping and share-first, fix-later habits. AI teams racing to prototype often store secrets in public repositories, with many missing even basic scanning of deleted forks or development notebooks.

Collaboration compounds the risk. Projects operate in loosely governed, experimentation-driven environments with frequently shared notebooks, models, and repositories, exactly where security protocols buckle under the pressure of rapid iteration.

Here is the part that should make leaders wince: the communication breakdown. Nearly half of disclosure attempts either failed to reach their targets or received no response, Wiz discovered. Many organizations lack clear incident response channels, so exposed secrets stay active and exploitable for far too long.

Keeping CISOs awake

The fallout is not your average breach scenario. AI leaks can disrupt multiple organizational levels simultaneously: technology, business, legal, ethical, and strategic competitiveness.

In AI, training data represents a precious commodity. A single leaked token can grant access to thousands of private models, enabling IP theft or model poisoning. That creates attack paths that traditional software never had to worry about. Compromise the training process, and you can undermine trust in deployed systems across entire product lines.

The wider backdrop adds urgency. GitHub reported over 39 million leaked secrets in 2024, a 67% increase from the previous year, and 70% of secrets leaked in 2022 remain active today. Old keys do not die; they linger, a slow-burning fuse that attackers can light years later.

The future of AI security

The findings land like a wake-up call for an industry that has prized shipping speed over basics. They suggest that as AI adoption accelerates, developers and CISOs will need to tighten oversight of development pipelines and secret storage practices.

The scope of exposure points to a glaring DevSecOps gap between AI startups and more mature technology firms, a gap that grows more dangerous as these companies handle sensitive data and deploy models into critical infrastructure.

It is recommended that companies implement mandatory secret scanning for public repositories, establish proper disclosure channels, and consider specialized detection for AI-related credentials. Still, this moment demands more than incremental tweaks; it calls for a mindset shift in how AI teams build, share, and secure code during the sprint of collaborative prototyping.
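As an added illustration of the secret scanning recommended above (not code from Wiz or from this article), the sketch below scans commit history rather than the current tree, so a token that was committed and later deleted is still reported. The rule names, the regular expressions (including the `hf_` token length bound), the entropy threshold and the sample log are assumptions constructed for this example; in practice the input would be the output of `git log -p --all` from your own repository.

```python
import math
import re

# Constructed, simplified `git log -p --all` output (not real data): a token is
# committed and later removed, so only a history scan still sees it.
SAMPLE_LOG = '''\
commit 2222222222222222222222222222222222222222
diff --git a/train.py b/train.py
-HF_TOKEN = "hf_EXAMPLEexampleEXAMPLEexampleEXAMPLE00"
+HF_TOKEN = os.environ["HF_TOKEN"]
commit 1111111111111111111111111111111111111111
diff --git a/train.py b/train.py
+HF_TOKEN = "hf_EXAMPLEexampleEXAMPLEexampleEXAMPLE00"
diff --git a/eval.py b/eval.py
+api_key = "9f3b7c1e5a2d8046bd17ce39"
+API_KEY = "xxxxxxxxxxxxxxxxxxxxxxxx"
'''

# Assumed rules: one provider-specific prefix rule, one generic assignment rule.
RULES = [
    ("huggingface-token", re.compile(r"\bhf_[A-Za-z0-9]{30,}\b")),
    ("generic-assigned-secret", re.compile(
        r"(?i)\b(?:api[_-]?key|token|secret)\s*[=:]\s*[\"']([A-Za-z0-9_\-]{20,})[\"']")),
]

def entropy(s):
    """Shannon entropy in bits per character; placeholder values score near 0."""
    return -sum((s.count(c) / len(s)) * math.log2(s.count(c) / len(s)) for c in set(s))

def scan_history(log_text, min_entropy=3.0):
    """Return (commit, path, rule, redacted value) for secrets on added lines."""
    findings, commit, path = [], None, None
    for line in log_text.splitlines():
        if line.startswith("commit "):
            commit = line.split()[1]
        elif line.startswith("diff --git "):
            path = line.split(" b/", 1)[1]
        elif line.startswith("+") and not line.startswith("+++"):
            for name, rx in RULES:
                m = rx.search(line)
                if not m:
                    continue
                value = m.group(m.lastindex or 0)
                if entropy(value) >= min_entropy:  # skip "xxxx" style placeholders
                    findings.append(((commit or "?")[:8], path, name, value[:6] + "..."))
                break  # report each added line once, under the first matching rule
    return findings
```

A hit in history means the credential must be revoked and rotated at the provider; removing the line in a later commit does not take it out of the repository.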
