Cybernews

Researchers find hundreds of exposed API keys providing access to AWS, GitHub, Stripe, and OpenAI

The exposed keys belonged to major service providers such as AWS, Stripe, and GitHub, and the potential damage ranged from ...
Infosecurity-magazine.com

Vibe-Coded Moltbook Exposes User Data, API Keys and More

A self-styled social networking platform built for AI agents contained a misconfigured database which allowed full read and write access to all data, security researchers have revealed. Moltbook was ...
Bleeping Computer

Previously harmless Google API keys now expose Gemini AI data

Google API keys for services like Maps embedded in accessible client-side code could be used to authenticate to the Gemini AI assistant and access private data. Researchers found nearly 3,000 such ...
Dark Reading

Cybercrooks Scrape OpenAI API Keys to Pirate GPT-4

Yesterday, moderators of the r/ChatGPT Discord channel banned a script kiddie who was freely sharing stolen OpenAI API keys with hundreds of other users. API keys allow developers to integrate ...
CSOonline

Chrome extension privacy promises undone by hardcoded secrets, leaky HTTP

Chrome extensions were spotted leaking sensitive browser data like API keys, secrets, and tokens via unguarded HTTP transmissions and hardcoded spills. Seemingly harmless Chrome extensions aimed at ...
Forbes

How Attackers Are Using APIs To Target Your Business

In January 2023, a large telecommunications company suffered a breach, compromising over 37 million customer accounts. The criminals responsible gained access to an array of personally identifiable ...
InfoWorld

How to improve API security in ASP.NET Core

Take advantage of authentication and authorization, API keys, rate limiting, CORS, API versioning, and other recommended practices to build secure and robust APIs in ASP.NET Core. Because our APIs ...