Company:
Date Published:
Author: Soujanya Ain
Word count: 734
Language: English
Hacker News points: None

Summary

The State of Secrets Sprawl 2025 report by GitGuardian reveals a concerning increase in the exposure of sensitive credentials, with 23.8 million secrets leaked on public GitHub repositories in 2024, marking a 25% rise from the previous year. Despite efforts by GitHub Push Protection to mitigate the issue, secrets sprawl continues to worsen, particularly with generic secrets, which comprise 58% of all leaked credentials. Alarmingly, 70% of secrets leaked in 2022 are still active, expanding the attack surface for malicious actors, as demonstrated by a breach in the U.S. Treasury Department traced back to a leaked API key. The report highlights that private repositories are not immune, with 35% containing plaintext secrets, posing significant risks. It further emphasizes that secrets exposure extends across the entire software development lifecycle, affecting collaboration tools and container environments. GitGuardian urges organizations to adopt comprehensive secrets management strategies, including real-time monitoring, centralized detection, and improved security practices, to prevent and remediate credential leaks effectively.