{"data":{"id":"4bf87090-c88c-42dc-8801-fb4d6b56de7d","title":"AI coding is fueling a secrets-sprawl crisis few CISOs are containing","summary":"AI-assisted coding is causing a rapid increase in leaked secrets (authentication credentials and API keys), with AI-related secrets exposed jumping 81% in 2025 alone, because developers prioritize speed and functionality over security reviews. When secrets are discovered, organizations should treat them as security incidents, immediately revoking or disabling the exposed credential, generating a new one, investigating system impact, performing cleanup, and hardening systems, followed by post-mortems to improve processes.","solution":"When a leaked secret is detected, organizations should: (1) activate their incident response process immediately; (2) revoke or disable the secret and generate a new one; (3) have the incident response team and R&D investigate the impact across systems and data; (4) perform cleanup and hardening; and (5) conduct post-mortems and implement necessary updates to systems or policies based on lessons learned. The source notes that the CISO office typically coordinates incidents while the R&D team owns actual revocation and cleanup.","labels":["security","industry"],"sourceUrl":"https://www.csoonline.com/article/4171954/ai-coding-is-fueling-a-secrets-sprawl-crisis-few-cisos-are-containing.html","publishedAt":"2026-05-18T09:00:00.000Z","cveId":null,"cweIds":null,"cvssScore":null,"cvssSeverity":null,"severity":"info","attackType":[],"issueType":"news","affectedPackages":null,"affectedVendors":[],"affectedVendorsRaw":["Moltbook","Supabase","GitGuardian","WithSecure","Wiz"],"classifierModel":"claude-haiku-4-5-20251001","classifierPromptVersion":"v3","cvssVector":null,"attackVector":null,"attackComplexity":null,"privilegesRequired":null,"userInteraction":null,"exploitMaturity":null,"epssScore":null,"patchAvailable":null,"disclosureDate":"2026-05-18T09:00:00.000Z","capecIds":null,"crossRefCount":0,"attackSophistication":"trivial","impactType":["confidentiality","integrity"],"aiComponentTargeted":null,"llmSpecific":false,"classifierConfidence":0.85,"researchCategory":null,"atlasIds":null}}