SpyCloud report reveals surge in exposed API keys and machine identities
Overview
A recent report from SpyCloud reveals a significant rise in the exposure of non-human identities, specifically API keys and tokens, which reached 18.1 million in 2025. This surge increases the risk for organizations as these exposed credentials can be exploited by attackers to gain unauthorized access to systems. The findings emphasize the need for companies to enhance their security measures around API usage and management, as these keys are often overlooked in traditional security protocols. The report serves as a crucial reminder for businesses to audit their API security practices and monitor for any potential breaches or misuse. Failure to address these vulnerabilities could lead to severe data breaches and operational disruptions.
Key Takeaways
- Affected Systems: API keys, tokens
- Action Required: Companies should implement stricter API key management practices, including regular audits and rotation of keys, to mitigate the risk of exposure.
- Timeline: Newly disclosed
Original Article Summary
The 2026 Identity Exposure Report details a growing attack surface involving non-human identities (NHIs), with 18.1 million exposed API keys and tokens captured in 2025.
Impact
API keys, tokens
Exploitation Status
The exploitation status is currently unknown. Monitor vendor advisories and security bulletins for updates.
Timeline
Newly disclosed
Remediation
Companies should implement stricter API key management practices, including regular audits and rotation of keys, to mitigate the risk of exposure.
Additional Information
This threat intelligence is aggregated from trusted cybersecurity sources. For the most up-to-date information, technical details, and official vendor guidance, please refer to the original article linked below.
Related Topics: This incident relates to Data Breach.