Three AI coding agents leaked secrets through a single prompt injection. One vendor's system card predicted it

A prompt injection attack hit Claude Code, Gemini CLI, and Copilot simultaneously. Here's what all three system cards reveal ...
Krebs on Security

xAI Dev Leaks API Key for Private SpaceX, Tesla LLMs

Philippe Caturegli, “chief hacking officer” at the security consultancy Seralys, was the first to publicize the leak of credentials for an x.ai application programming interface (API) exposed in the ...
Techzine Europe

AI agents on GitHub leak API keys via prompt injection

Three popular AI agents on GitHub Actions are vulnerable to so-called "Comment and Control" attacks. These are Claude Code ...
ZDNet

Over 100,000 GitHub repos have leaked API or cryptographic keys

Roku TV vs Fire Stick Galaxy Buds 3 Pro vs Apple AirPods Pro 3 M5 MacBook Pro vs M4 MacBook Air Linux Mint vs Zorin OS 4 quick steps to make your Android phone run like new again How much RAM does ...

Agents hooked into GitHub can steal creds – but Anthropic, Google, and Microsoft haven't warned users

Exclusive: Researchers who found the flaws scored beer money bounties and warn the problem is probably pervasive ...
Krebs on Security

DOGE Denizen Marko Elez Leaked API Key for xAI

Marko Elez, a 25-year-old employee at Elon Musk’s Department of Government Efficiency (DOGE), has been granted access to sensitive databases at the U.S. Social Security Administration, the Treasury ...
Bleeping Computer

Over 12 million auth secrets and keys leaked on GitHub in 2023

GitHub users accidentally exposed 12.8 million authentication and sensitive secrets in over 3 million public repositories during 2023, with the vast majority remaining valid after five days. This is ...