SecurityWeek

AI Firm Braintrust Prompts API Key Rotation After Data Breach

Braintrust has notified customers that API keys were likely compromised after hackers accessed one of its AWS accounts.
CSOonline

AI programming copilots are worsening code security and leaking more secrets

Copilot-enabled repos are 40% more likely to contain API keys, passwords, or tokens — just one of several issues security leaders must address as AI-generated code proliferates. AI coding assistants ...
Digital Trends

A simple coding mistake is exposing API keys across thousands of websites

After analyzing 10 million webpages, researchers have found thousands of websites accidentally exposing sensitive API credentials, including keys linked to major services like Amazon Web Services, ...
International Business Times

API Key Leak Exposes AWS, Stripe, OpenAI Credentials Across Thousands of Sites

A large-scale cybersecurity study has revealed a serious global web security issue involving exposed API credentials tied to major platforms, including Amazon Web Services, Stripe, and OpenAI. After ...
VentureBeat

Hush Security emerges from stealth to eliminate risks, burdens of static machine authentication keys

How can an enterprise, large or small, ensure that all the software and services it relies upon are communicating securely with one another? The standard for roughly the last quarter century — much of ...
Bleeping Computer

GitHub now supports security keys when using Git over SSH

GitHub has added support for securing SSH Git operations using FIDO2 security keys for added protection from account takeover attempts. Researchers at North Carolina State University (NCSU) found [PDF ...
Bleeping Computer

Over 3,200 apps leak Twitter API keys, some allowing account hijacks

Cybersecurity researchers have uncovered a set of 3,207 mobile apps that are exposing Twitter API keys to the public, potentially enabling a threat actor to take over users' Twitter accounts that are ...