Identity

SpyCloud report reveals surge in exposed API keys and machine identities

(Adobe Stock)

A new report from SpyCloud highlights a significant increase in exposed API keys, session tokens, and machine identities. The analysis, which examined data from the criminal underground, found a 23% rise in recaptured identity records, now totaling 65.7 billion. Attackers are increasingly targeting non-human identities alongside traditional credentials, with further coverage provided by HackRead.

The 2026 Identity Exposure Report details a growing attack surface involving non-human identities (NHIs), with 18.1 million exposed API keys and tokens captured in 2025. These NHIs, often lacking multi-factor authentication and possessing broad permissions, provide attackers with persistent access to critical systems and supply chains. Phishing remains a major enterprise threat, with nearly half of the 28.6 million phished identity records belonging to corporate users.

The report also notes the continued prevalence of session theft and multi-factor authentication bypass techniques, with 8.6 billion stolen cookies and session artifacts recovered. Infostealer malware also continues to be a significant source of identity exposure, with over 642.4 million credentials recovered from 13.2 million infections.

Source: HackRead

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.

You can skip this ad in 5 seconds