Google API keys for services like Maps embedded in accessible client-side code could be used to authenticate to the Gemini AI ...

One of the affected developers shared the incident on Reddit. According to the post, the Google Cloud API key was compromised between February 11 and February ...

API key exploitation is more than hypothetical. In a different context, a student who reportedly exposed a GCP API key on GitHub last June was left nursing a $55,444 bill (later waived by Google) ...

The Hacker News is the top cybersecurity news platform, delivering real-time updates, threat intelligence, data breach reports, expert analysis, and actionable insights for infosec professionals and ...

IntroductionIn December 2025, Zscaler ThreatLabz discovered a campaign linked to APT37 (also known as ScarCruft, Ruby Sleet, and Velvet Chollima), which is a DPRK-backed threat group. In this campaign ...

A silent 2025 SaaS breach shows how dormant tokens enable access and authorization drift in AI systems, pushing durable, short-lived credentials with real-time checks.

With the massive adoption of the OpenClaw agentic AI assistant, information-stealing malware has been spotted stealing files associated with the framework that contain API keys, authentication tokens, ...

LONDON, February 03, 2026--(BUSINESS WIRE)--Intruder, a leader in exposure management, today released new security research detailing vulnerabilities in Moltbot, formerly known as Clawdbot, an ...

Intruder, a leader in exposure management, today released new security research detailing vulnerabilities in Moltbot, formerly known as Clawdbot, an open-source, self-hosted AI assistant. The research ...

Claude Code is the new AI coding assistant that many users are using in their workflows. Here's everything you need to know ...

Research reveals 2,863 public Google API keys can access Gemini endpoints, enabling data exposure and massive billing abuse.