A report from RedHunt Labs reveals the magnitude of the problem with thousands of exposed credentials and misconfigurations in the cloud.
Cybersecurity is facing a significant issue that does not require sophisticated attacks or zero-day vulnerabilities: sensitive data is already exposed on the Internet. A recent report from RedHunt Labs highlights how millions of digital assets are left vulnerable every day due to misconfigurations in the cloud, leaked credentials, and public code repositories.
The most alarming findings
The study conducted by RedHunt Labs over the last 24 hours reveals concerning figures about the amount of information accessible to the public without its owners’ knowledge:
- 11.5 million public repositories on DockerHub with incorrect configurations.
- 287,900 exposed Postman environments, revealing errors in APIAn API, short for “Application Programming Interface” configurations.
- Thousands of unprotected storage buckets and cloud databases.
- 28 million new subdomains detected, expanding the attack surface.
- 3,288 leaked credentials, including API keys, cloud credentials, and authentication tokens.
- 750,000 corporate code commits containing business email addresses, many with sensitive data.
- Billions of IP addresses mapped daily, revealing unprotected infrastructures.
These numbers reflect a security crisis that is expanding in real-time, exposing assets that can be exploited by cybercriminals without the need for launching complex attacks.
A silent and constantly evolving attack
The report highlights a concerning fact: attackers have changed their strategy. Instead of resorting to sophisticated intrusion techniques, they focus on collecting exposed credentials, unprotected cloud storage, and services that companies have forgotten to monitor. This change in approach reduces the necessity of exploiting vulnerabilities, as the information is already available without restrictions.
Companies continue to invest billions in securing their internal networks, but their reliance on SaaS platforms and cloud services leaves cracks that endanger critical business data.
Unlearned lessons: GitHub and GitLab remain a danger
Despite large-scale security incidents in recent years, mistakes persist:
- 141 million commits on GitHub in the last 30 days, many containing exposed secrets.
- 665.2 million commits on GitLab and 413,000 on BitBucket, confirming that source code remains a source of leaks.
These numbers indicate that companies have yet to take effective measures to prevent confidential information from ending up in public repositories, creating a latent risk of data theft and credential exploitation.
Real-time tracking of the attack surface
To address this crisis, RedHunt Labs has developed the Internet Attack Surface Dashboard, a real-time monitoring system that allows the identification of exposed assets before they are exploited by malicious actors. Such tools have become essential for security teams looking to mitigate the impact of these leaks before they escalate into massive data breaches.
A call to action for the cybersecurity community
The report concludes with a warning from Shubham Mittal, CEO of RedHunt Labs:
“Companies focus on preventing external attacks, but they fail to realize that they are already leaking sensitive data. The next big breach won’t come from an advanced vulnerability, but from exposed credentials, unprotected APIs, and forgotten cloud assets.”
This landscape demands closer collaboration among security researchers, companies, and regulatory bodies to mitigate these risks. RedHunt Labs encourages the cybersecurity community to engage in analyzing these exposures and help organizations become aware of the magnitude of the problem.
Highlighted cases
Some recent examples of discovered leaks include:
- Exposure of a GitHub token from Mercedes-Benz, detected by RedHunt Labs.
- Leak of the DeepSeek database, uncovered by the cybersecurity firm Wiz.
Conclusion
Security in the cloud and the exposure of credentials continue to be weak points in corporate cybersecurity. The research from RedHunt Labs emphasizes the need for continuous vigilance and the adoption of stricter practices to protect critical information in a world where data leaks have become a daily issue.
For more information about the full study and recommended actions, the complete report can be accessed at RedHunt Labs or by contacting their research team.