The Hacker News

Claude Code Flaws Allow Remote Code Execution and API Key Exfiltration

Claude Code flaws allow remote code execution and API key theft via untrusted repositories; three bugs fixed across 2025–2026 ...
The Hacker News

Malicious npm Packages Harvest Crypto Keys, CI Secrets, and API Tokens

The module targets Claude Code, Claude Desktop, Cursor, Microsoft Visual Studio Code (VS Code) Continue, and Windsurf. It also harvests API keys for nine large language models (LLM) providers: ...
Dark Reading

Cybercrooks Scrape OpenAI API Keys to Pirate GPT-4

Yesterday, moderators of the r/ChatGPT Discord channel banned a script kiddie who was freely sharing stolen OpenAI API keys with hundreds of other users. API keys allow developers to integrate ...
TechCrunch

Sumo Logic urges customers to reset API keys following security breach

Sumo Logic, a U.S.-based cloud data analytics and log analysis company, is urging users to reset API keys after discovering a security breach. In a security notice published this week, Sumo Logic ...
CSOonline

Chrome extension privacy promises undone by hardcoded secrets, leaky HTTP

Chrome extensions were spotted leaking sensitive browser data like API keys, secrets, and tokens via unguarded HTTP transmissions and hardcoded spills. Seemingly harmless Chrome extensions aimed at ...
CoinTelegraph

3Commas CEO confirms API key leak following warning from CZ

The Binance CEO was less than receptive to claims of losses due to a 3Comma API key leak earlier this month; now he recommends disabling 3Comma API keys. Binance CEO Changpeng Zhao (CZ) warned his 8 ...
Forbes

How Attackers Are Using APIs To Target Your Business

In January 2023, a large telecommunications company suffered a breach, compromising over 37 million customer accounts. The criminals responsible gained access to an array of personally identifiable ...
InfoWorld

How to improve API security in ASP.NET Core

Take advantage of authentication and authorization, API keys, rate limiting, CORS, API versioning, and other recommended practices to build secure and robust APIs in ASP.NET Core. Because our APIs ...