ClickUp Data Leak Exposes Enterprise Emails for Over a Year

A hardcoded ClickUp API key exposed hundreds of corporate and government emails for over a year, raising new SaaS security ...
Hosted on MSN

Cursor vulnerability raises risks for API key security

A severe vulnerability in the AI-powered development tool Cursor allows installed extensions to access locally stored API keys and session tokens without user action, according to LayerX researchers.
GIGAZINE

The API key that Google had announced as 'OK to publish' is also the Gemini authentication key, so there are a lot of websites that are leaking personal information

Google has stated that API keys for services like Firebase and Google Maps are 'safe to share,' but Truffle Security has discovered that the same keys can be used to access Gemini, the administrator's ...
CIO

‘Silent’ Google API key change exposed Gemini AI data

Google Cloud API keys, normally used as simple billing identifiers for APIs such as Maps or YouTube, could be scraped from websites to give access to private Gemini AI project data, researchers from ...

Hackers are exploiting a critical LiteLLM pre-auth SQLi flaw

Hackers are targeting sensitive information stored in the LiteLLM open-source large-language model (LLM) gateway by ...
Infosecurity-magazine.com

AI Surge Drives Record 1205% Increase in API Vulnerabilities

AI-driven API vulnerabilities have skyrocketed by 1205% in the past year. The figures come from the 2025 API ThreatStats Report by Wallarm, which highlights how AI has become the biggest driver of API ...
CSOonline

What is WebAuthN? Possibly the answer to all web authentication

With strong support from Google, Microsoft and other vendors, WebAuthN is poised to become a true standard for passwordless authentication over the web. For decades we’ve been trying to replace the ...