The Hacker News

OpenAI Patches ChatGPT Data Exfiltration Flaw and Codex GitHub Token Vulnerability

ChatGPT and Codex flaws patched Feb 2026 exposed DNS exfiltration and GitHub tokens, raising enterprise AI security risks.
AppleInsider

How Apple could kill CAPTCHAs with Private Access Tokens

Apple demoed technology at WWDC 2022 called Private Access Tokens — and they could potentially kill CAPTCHAs once and for all. Private Access Tokens (PAT) can prove when an HTTP request is coming from ...
PC World

Developers leak Slack access tokens on GitHub, putting sensitive business data at risk

Developers from hundreds of companies have included access tokens for their Slack accounts in public projects on GitHub, putting their teams’ internal chats and other data at risk. Slack has become ...
WeLiveSecurity

Facebook: No evidence attackers used stolen access tokens on third-party sites

Facebook has announced that it found no evidence that attackers had used stolen account access tokens on other websites or apps that enable users to access their accounts using Facebook Login. This ...
TechCrunch

Okta says hackers stole customer access tokens from support unit

Identity and access giant Okta said a hacker broke into its customer support ticket system and stole sensitive files that can be used to break into the networks of Okta’s customers. Okta chief ...
VentureBeat

Hackers use stolen OAuth access tokens to breach dozens of organization’s internal systems

Join the event trusted by enterprise leaders for nearly two decades. VB Transform brings together the people building real enterprise AI strategy. Learn more Last week, GitHub Security researchers ...
Infosecurity-magazine.com

Stolen Access Tokens Lead to New Internet Archive Breach

Hours after the Internet Archive was reportedly back on its feet following a wave of cyber-attacks, it seems that the world’s largest digital library is in hot water again. On October 20, several ...