I didn't always take online security seriously. I made basic mistakes, like using the same password for all my accounts, logging onto public WiFI networks without a VPN and giving out my email and ...

Researchers with Truffle Security are warning that old and seemingly benign Google API keys might now be weaponized by threat actors after gaining Gemini AI authorization permissions, in a destructive ...

Anthropic has officially banned users from extracting OAuth tokens from their Claude consumer subscriptions (Free, Pro, and Max plans) to use in third-party tools and applications. The move, which the ...

AI Economy: A team of three developers in Mexico is facing a roughly 455× increase in monthly AI service expenses after an API key associated with their project was allegedly compromised. The key was ...

Google Cloud API keys, normally used as simple billing identifiers for APIs such as Maps or YouTube, could be scraped from websites to give access to private Gemini AI project data, researchers from ...

Google API keys for services like Maps embedded in accessible client-side code could be used to authenticate to the Gemini AI assistant and access private data. Researchers found nearly 3,000 such ...

Developers using third-party AI tools tied to Claude subscription credentials face immediate disruption in the week of February 19, 2026. Anthropic says OAuth tokens from Free, Pro, and Max plans are ...

W3C proposal backed by Google and Microsoft allows developers to expose client-side JavaScript tools to AI agents, enabling collaborative workflows between users and agents within the same web ...

Viral social network “Moltbook” built entirely by artificial intelligence leaked authentication tokens, private messages and user emails through missing security controls in production environment.

A self-styled social networking platform built for AI agents contained a misconfigured database which allowed full read and write access to all data, security researchers have revealed. Moltbook was ...

A Chrome extension posing as an AI assistant exposed more than 10,000 users, secretly harvesting OpenAI API keys and sending data to attacker-controlled servers. Researchers say at least 459 API keys ...