Docker Hub contains treasure trove of 10,000+ images with exposed secrets
Briefly

"Nearly half of the exposed images contained five or more secrets each. Flare's November 2025 scan of Docker Hub found 10,456 container images with exposed keys across 205 distinct namespaces. After filtering for high and critical severity findings, researchers successfully identified 101 companies behind the leaks. The exposed credentials ranged from AI model access tokens to cloud infrastructure keys and database passwords."
"AI API keys emerged as the most frequently leaked credentials, with almost 4,000 exposed. This reflects how rapidly AI adoption has outpaced security controls in many organizations. Cloud provider credentials (AWS, Azure, GCP) appeared in 127 accounts, while database credentials surfaced in 89 accounts. What makes these exposures particularly dangerous is their scale. 42 percent of leaked images contained five or more secrets each. A single compromised container could potentially unlock an entire cloud environment, CI/CD pipeline and database infrastructure."
Flare's November 2025 scan of Docker Hub found 10,456 container images with exposed keys across 205 distinct namespaces. After filtering for high and critical severity findings, 101 companies were identified as affected. Exposed credentials included AI model access tokens, cloud provider keys (AWS, Azure, GCP), database passwords, and CI/CD secrets. AI API keys were the most frequently leaked, with almost 4,000 exposed. Cloud provider credentials appeared in 127 accounts and database credentials in 89 accounts. Forty-two percent of leaked images contained five or more secrets. Many exposures originated from shadow IT and personal Docker Hub accounts, leaving organizations unaware until contacted.
Read at Techzine Global