The Persistence Problem: Why Exposed Credentials Remain Unfixed—and How to Change That thehackernews.com/2025/05/t…

Detecting leaked credentials is only half the battle. The real challenge—and often the neglected half of the equation—is what happens after detection. New research from GitGuardian’s State of Secrets Sprawl 2025 report reveals a disturbing trend: the vast majority of exposed company secrets discovered in public repositories remain valid for years after detection, creating an expanding attack surface that many organizations are failing to address.

According to GitGuardian’s analysis of exposed secrets across public GitHub repositories, an alarming percentage of credentials detected as far back as 2022 remain valid today.

This persistent validity suggests two troubling possibilities: either organizations are unaware their credentials have been exposed (a security visibility problem), or they lack the resources, processes, or urgency to properly remediate them (a security operations problem). In both cases, a concerning observation is that those secrets are not even routinely revoked, neither automatically from default expiration, nor manually as part of regular rotation procedures.