Secret leaks in open source and proprietary code repositories are becoming increasingly common, with over 10 million secrets leaked across GitHub repositories in 2022 alone. Malicious actors are using bots to automatically crawl repositories, making it easy for them to discover exposed credentials, tokens, and API keys. To prevent this, software development teams can use tools for secret scanning and prevention, such as pre-commit hooks that block commits with hardcoded secrets, or continuous monitoring systems that notify developers of leaks. It's also essential to rotate exposed secrets immediately and manage them responsibly moving forward, by promoting developer best practices, establishing end-to-end security, and adopting a holistic secret management solution.