Wired

Security News This Week: Discord Sleuths Gained Unauthorized Access to Anthropic’s Mythos

Plus: Spy firms tap into a global telecom weakness to track targets, 500,000 UK health records go up for sale on Alibaba, Apple patches a revealing notification bug, and more. Researchers have finally ...
GitHub

Weblate: Privilege escalation in the user API endpoint

This score calculates overall vulnerability severity from 0 to 10 and is based on the Common Vulnerability Scoring System (CVSS). Attack vector: More severe the more the remote (logically and ...
CBSSports.com

Braylon Mullins was a natural in the role of hometown hero -- and UConn wrote a perfect script for him

INDIANAPOLIS -- The ultimate hero of UConn's game-clinching sequence in its 71-62 Final Four victory over Illinois on Saturday night inside Lucas Oil Stadium was a familiar one, as freshman phenom ...
IEEE

Endpoint Behavior Modelling from User Interaction Metrics via Unsupervised Deep Learning for Anomaly Detection

Even the most reliable modern authentication methods at endpoints, such as multi-factor authentication, lose their significance after the user session begins. After the first login, active sessions ...
TechSpot

A stolen Gemini API key turned a $180 bill into $82,000 in two days

AI Economy: A team of three developers in Mexico is facing a roughly 455× increase in monthly AI service expenses after an API key associated with their project was allegedly compromised. The key was ...
Infosecurity-magazine.com

Vibe-Coded Moltbook Exposes User Data, API Keys and More

A self-styled social networking platform built for AI agents contained a misconfigured database which allowed full read and write access to all data, security researchers have revealed. Moltbook was ...
CoinTelegraph

Viral AI assistant ‘Clawdbot’ risks leaking private messages, credentials

Misconfigured Clawdbot servers exposed API keys, private chats and credentials, cybersecurity researchers warn after the AI assistant surged in popularity Cybersecurity researchers have raised red ...
CPO Magazine

Third-Party Breach Leaks OpenAI’s API User Data

Artificial intelligence (AI) company OpenAI was impacted by a third-party breach affecting analytics company Mixpanel, exposing “limited” user data. “On November 9, 2025, Mixpanel became aware of an ...
Forbes

OpenAI Data Breach Exposes User Data. Here’s What To Do Immediately

This voice experience is generated by AI. Learn more. This voice experience is generated by AI. Learn more. A few days ago, on November 26th, right before Thanksgiving, OpenAI, the maker of ChatGPT, ...
Bleeping Computer

OpenAI discloses API customer data breach via Mixpanel vendor hack

OpenAI is notifying some ChatGPT API customers that limited identifying information was exposed following a breach at its third-party analytics provider Mixpanel. Mixpanel offers event analytics that ...
Ars Technica

ClickFix may be the biggest security threat your family has never heard of

Over the past year, scammers have ramped up a new way to infect the computers of unsuspecting people. The increasingly common method, which many potential targets have yet to learn of, is quick, ...