Author: The JFrog Security Research Team
Word count: 344
Language: English
Hacker News points: None

Summary

The JFrog Security Research team conducted an investigation using the new Secrets Detection feature of the JFrog Advanced Security solution, revealing thousands of publicly exposed, active API tokens. During the analysis, the team scanned over eight million artifacts across popular open-source software registries, including npm, PyPI, RubyGems, crates.io, and DockerHub, to identify and verify leaked API tokens. They found that AWS, GCP, and Telegram tokens were the most frequently leaked, and that AWS tokens showed a higher rate of revocation than GCP tokens. While the initial aim was to address false positives, the number of active secrets found exceeded expectations, prompting a deeper analysis and private disclosure to the affected code owners for remediation. The study highlights the risks posed by exposed secrets, such as plaintext API keys and credentials, which can compromise software integrity by granting unauthorized access to sensitive information. The research emphasizes the importance of storing tokens securely and outlines best practices for doing so in the team's detailed report on InfoWorld.