Tech Times

Fake Claude Code Installers on 32 Live Sites Steal Developer API Keys via Google Ads

Fake Claude Code installer malware used Google Ads to place spoofed AI tool pages above real documentation since March 2026.
SiliconANGLE

Twitter warns developers of potentially exposed API keys and access tokens

Twitter Inc. is warning developers that their application programming interface key, user access tokens and token secrets for their own Twitter accounts may have been exposed in browser caches. In a ...
Dark Reading

Cybercrooks Scrape OpenAI API Keys to Pirate GPT-4

Yesterday, moderators of the r/ChatGPT Discord channel banned a script kiddie who was freely sharing stolen OpenAI API keys with hundreds of other users. API keys allow developers to integrate ...
USA Today

Visualping Launches Self-Serve API Keys, Giving Developers Instant Access to Website Monitoring Data

Visualping, the world’s leading website change detection platform used by teams at 85% of Fortune 500 companies, has launched self-serve API key management for Business plan subscribers. VANCOUVER, ...
Hosted on MSN

Binance founder warns developers to rotate API keys after GitHub internal repository exposure

Changpeng Zhao has asked developers to examine and rotate any API keys in code immediately after GitHub revealed on May 20 that hackers had gained unauthorized access to its internal repositories. The ...
Infosecurity-magazine.com

Cursor Extension Flaw Exposes Developer API Keys

A high-severity vulnerability in the AI-powered development tool Cursor allows installed extensions to access sensitive credentials, exposing API keys and session tokens without any user interaction.
TechSpot

A stolen Gemini API key turned a $180 bill into $82,000 in two days

AI Economy: A team of three developers in Mexico is facing a roughly 455× increase in monthly AI service expenses after an API key associated with their project was allegedly compromised. The key was ...
International Business Times

API Key Leak Exposes AWS, Stripe, OpenAI Credentials Across Thousands of Sites

A large-scale cybersecurity study has revealed a serious global web security issue involving exposed API credentials tied to major platforms, including Amazon Web Services, Stripe, and OpenAI. After ...
Bleeping Computer

Over 3,200 apps leak Twitter API keys, some allowing account hijacks

Cybersecurity researchers have uncovered a set of 3,207 mobile apps that are exposing Twitter API keys to the public, potentially enabling a threat actor to take over users' Twitter accounts that are ...

Security Researcher: WordPress 7.0 Could Trigger Rush To Steal AI API Keys

WordPress 7.0 exposes AI API keys. Security researcher says there "will be an absolute rush by hackers to steal API keys" ...
CoinDesk

Hack at Vercel sends crypto developers scrambling to lock down API keys

A breach at web infrastructure provider Vercel is forcing crypto teams to rotate API keys and do a deep inspection of their underlying code. In a bulletin, Vercel said the hacker was able to grab ...