Leading AI companies keep leaking their own information on GitHub

Quick summary

- Researchers find 65% of the Forbes top 50 AI companies are leaking secrets

- These come in the form of tokens, API keys, and sensitive credentials

- Wiz used a '‘Depth, Perimeter, and Coverage' approach to spot leaks

According to Forbes, top 50 leading AI companies as a benchmark, the experts uncovered nearly two-thirds (65%) of these top AI firms were leaking verified secrets on GitHub. These tokens, sensitive credentials, and API keys were found buried deep in places most researchers and scanners would never encounter, like deleted forks, developer repos, and gists.