A large-scale study has revealed that websites are unintentionally exposing API keys tied to services like AWS, Stripe, and OpenAI, with most leaks traced back to publicly accessible JavaScript files.

Researchers found thousands of exposed API keys across 10 million webpages, including AWS, Stripe, and OpenAI credentials left vulnerable in public code.

Today’s attack surface is shifting from the endpoint to the API, and AI and third-party SaaS are worsening the issue. CISOs offer advice for API defense.

Akamai’s 2026 State of the Internet report shows a surge in Layer 7 DDoS and API attacks, with attacakers combining AI, ...

X has launched a new pay-per-use pricing model for its developer application programming interface (API), replacing the earlier pricing model that required developers to pay fixed monthly fees of up ...

Security researchers at BeyondTrust Phantom Labs discovered a critical flaw in OpenAI's Codex coding agent that allowed an ...

It has been a rough start to the year for password security. A massive database containing 149 million stolen logins and passwords was found publicly exposed online. The data included credentials tied ...

AI-driven development fueled a surge in developer secrets leaks last year, with nearly 29m credentials discovered on public GitHub repos.

In a sweeping analysis conducted in late 2025, Flare researchers uncovered more than 10,000 Docker Hub container images leaking secrets (including production API keys, cloud tokens, CI/CD credentials, ...

Spectating this Apex Legends cheater is unreal. They are using RPG style super grenade hacks with aimbot like accuracy, deleting squads with hits that should never be possible. From perfect grenade ...

Researchers from three universities have found that nearly 10,000 webpages are publicly exposing API credentials, leaving ...