Internal repos are 6x more likely to contain hardcoded secrets than public ones.

Leaks outside of the codebase are 13% more likely to be categorized as critical than secrets discovered inside the code.

Secrets found in self‐hosted, private GitLab instances and Docker registries were 3 to 4 times more likely to be valid.

28% of incidents originate entirely outside repositories—in Slack, Jira, Confluence, and similar tools.

Eight of the ten types of leaked secrets showing the sharpest increase year over year are tied to AI services.

LLM infrastructure (orchestration, retrieval augmented generation (RAG), vector storage) is leaking 5x faster than core model providers.

Developers who rely on Claude Code to produce code and co‐author commits leak secrets at 2x the baseline rate.

MCP servers exposed 24,000+ secrets in their first full year of adoption.