As the global race to build smarter, faster artificial intelligence intensifies, a new report by cybersecurity firm Wiz warns that many leading AI companies are neglecting basic security hygiene—putting valuable systems, data, and intellectual property at risk.

According to Wiz’s analysis of the top 50 AI firms, 65% had exposed sensitive information such as API keys, tokens, or other credentials on GitHub—often in repositories overlooked by conventional security tools. These leaks, the report says, could grant attackers direct access to private models, training data, and internal systems.
Glyn Morgan, Country Manager for the UK & Ireland at Salt Security, called such oversights “a preventable and basic error.” He added, “When AI firms accidentally expose their API keys, they hand attackers a golden ticket to systems and data—bypassing the usual defenses.”

Hidden Risks Beneath the Surface
Wiz found that the problem goes deeper than simple misconfigurations. The company described the situation as an “iceberg”, where visible risks represent only a fraction of the total threat. To uncover what lies beneath, Wiz used a new three-dimensional scanning approach they call “Depth, Perimeter, and Coverage”:
- Depth: Scanning the full commit history, forks, and deleted repositories—areas most scanners ignore.
- Perimeter: Extending analysis to organization members and contributors who might accidentally upload company secrets to personal repositories.
- Coverage: Searching for AI-specific secret types, such as credentials for Weights & Biases, HuggingFace, or Perplexity, that traditional tools often miss.
Among the incidents highlighted:
- LangChain reportedly leaked multiple LangSmith API keys, some with high-level permissions.
- A plaintext file revealed an enterprise-tier API key for ElevenLabs.
- One unnamed company exposed a HuggingFace token that unlocked around 1,000 private models, along with Weights & Biases keys linked to sensitive training data.
Collectively, the companies with verified leaks have a combined market valuation exceeding $400 billion—underscoring the scale of the risk.
Supply Chain Security Under Pressure
The report also warns that as large enterprises increasingly partner with AI startups, they may inherit their partners’ security flaws. In some cases, leaked credentials could expose not only internal assets but also the systems of downstream clients and collaborators.
Even more concerning, Wiz researchers said nearly half of their disclosure attempts failed—either because companies lacked a proper vulnerability reporting process or never responded.
How AI Firms Can Close the Gaps
Wiz recommends that security leaders take three immediate actions to manage internal and third-party risks:
- Treat employees as part of the attack surface. Enforce version control policies during onboarding, require multi-factor authentication, and keep personal and professional coding activity strictly separate.
- Go beyond basic repository scans. Adopt secret scanning that covers all three dimensions (depth, perimeter, and coverage) to detect hidden exposures.
- Assess AI vendors rigorously. Demand transparency on how partners handle secrets management and vulnerability disclosure before integration.
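To make the “Depth, Perimeter, and Coverage” idea above, and the recommendation to go beyond basic repository scans, concrete: the following is an added example (not Wiz’s tooling) of a minimal depth-plus-coverage scanner that walks a repository’s full git history rather than just the checked-out tree and looks for AI-specific token shapes. The regexes for HuggingFace, Perplexity, LangSmith and Weights & Biases keys are assumptions about those vendors’ key formats and should be checked against each vendor’s documentation before use; the sample lines are constructed. The perimeter dimension is just the same scan pointed at contributors’ personal repositories.

```python
"""Added example (not Wiz's scanner): depth + coverage secret scan of a git repo.
The regexes are assumptions about vendor key formats; verify them against each
vendor's documentation before relying on them."""
import re
import subprocess
import sys

# Coverage dimension: assumed key shapes for AI services named in the report.
SECRET_PATTERNS = {
    "huggingface": re.compile(r"\bhf_[A-Za-z0-9]{30,}\b"),
    "perplexity": re.compile(r"\bpplx-[A-Za-z0-9]{40,}\b"),
    "langsmith": re.compile(r"\blsv2_(?:pt|sk)_[A-Za-z0-9_]{30,}\b"),
    # W&B keys are 40 hex chars; require the env-var name to avoid flagging SHA-1s.
    "wandb": re.compile(r"WANDB_API_KEY\s*[=:]\s*[\"']?([0-9a-f]{40})\b"),
}

# Constructed sample of "added" diff lines for the stand-alone run below.
SAMPLE_ADDED_LINES = (
    "HF_TOKEN=hf_aBcDeFgHiJkLmNoPqRsTuVwXyZ0123456789\n"
    "WANDB_API_KEY=0123456789abcdef0123456789abcdef01234567\n"
    "api_key = 'sk-not-an-ai-service-key'\n"
)

def mask(secret: str) -> str:
    """Keep only prefix and tail so findings can be logged or ticketed safely."""
    return secret[:6] + "..." + secret[-4:] if len(secret) > 12 else "***"

def find_secrets(text: str) -> list[tuple[str, str]]:
    """Return (kind, secret) for every pattern match in a chunk of text."""
    return [(kind, m.group(m.lastindex or 0))
            for kind, pat in SECRET_PATTERNS.items() for m in pat.finditer(text)]

def scan_history(repo: str) -> list[tuple[str, str, str]]:
    """Depth dimension: scan lines added by any commit reachable from any ref or
    reflog entry (deleted files and branches included); return (commit, kind, masked)."""
    log = subprocess.run(
        ["git", "-C", repo, "log", "--all", "--reflog", "-p", "--no-color",
         "--format=commit %H"], capture_output=True, text=True, check=True).stdout
    hits, commit = [], "?"
    for line in log.splitlines():
        if line.startswith("commit "):
            commit = line.split()[1]
        elif line.startswith("+") and not line.startswith("+++"):
            hits += [(commit[:12], k, mask(s)) for k, s in find_secrets(line[1:])]
    return hits

if __name__ == "__main__":
    target = sys.argv[1] if len(sys.argv) > 1 else None
    print(scan_history(target) if target else find_secrets(SAMPLE_ADDED_LINES))
```

Run it with a repository path to scan real history, or with no arguments to see the two constructed sample hits; findings are masked so the report itself does not become another leak.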
The Bottom Line
The message from Wiz is clear: AI innovation cannot come at the cost of security. As companies rush to deploy generative AI tools and platforms, overlooking foundational safeguards could expose not only their own data—but the entire ecosystem that depends on it.
For both developers and enterprises, the race for AI dominance must now include a sprint toward better governance and stronger security practices.