The Hacker News

⚡ Weekly Recap: Axios Hack, Chrome 0-Day, Fortinet Exploits, Paragon Spyware and More

Phishing surge, LinkedIn tracking claims, spyware use, and rising stealers expose growing abuse of trusted systems.

Claude Code leak used to push infostealer malware on GitHub

Threat actors are exploiting the recent Claude Code source code leak by using fake GitHub repositories to deliver Vidar ...
腾讯网

1次操作莫名背上10.6万元账单、Gemini API密钥被盗、项目濒临崩溃 ...

整理 | 屠敏出品 | CSDN(ID:CSDNnews)一次看似普通的测试操作,却引来 1.54 万美元(约 10.6 万元)的账单。这对一个刚起步的独立开发者来说,几乎是致命打击。近日,24 岁独立开发者 vatcode 在社交媒体平台 ...
Morning Overview on MSN

Study finds thousands of sites exposed API keys and other credentials

Researchers scanning 10 million webpages have found that nearly 10,000 pages contained live API credentials left in plain ...

Cloudflare’s new Dynamic Workers ditch containers to run AI agent code 100x faster

Cloudflare says dynamically loaded Workers are priced at $0.002 per unique Worker loaded per day, in addition to standard CPU ...
heise online

Google's unprotected API keys a security and cost risk due to Gemini AI

Google is working to fix a problem with its API keys after security researchers pointed out possible misuse. This is because the keys for accessing Google's cloud services, such as Maps or Firebase, ...
Cfr.org

A Guide to Trump’s Section 232 Tariffs, in Maps

President Donald Trump has launched a wave of Section 232 tariffs and investigations, seeking to protect U.S. national security. These graphics show the scale and structure of U.S. reliance on foreign ...
Bleeping Computer

Previously harmless Google API keys now expose Gemini AI data

Google API keys for services like Maps embedded in accessible client-side code could be used to authenticate to the Gemini AI assistant and access private data. Researchers found nearly 3,000 such ...