The Next Web

Redpine raises €6.8M led by NordicNinja to build a licensed data API for AI agents

M for its API that lets AI agents access licensed premium datasets in real time; the 'Spotify model' for AI training data.
SecurityWeek

Google API Keys in Android Apps Expose Gemini Endpoints to Unauthorized Access

Dozens of such keys can be extracted from apps’ decompiled code to gain access to all Gemini endpoints. Threat actors can extract Google API keys embedded in Android applications to gain access to ...
Infosecurity-magazine.com

Google API Keys Quietly Gain Access to Gemini on Android Devices

A flaw in Google's API key system has reportedly exposed mobile applications to unintended access to its Gemini AI platform. According to a CloudSEK advisory published on April 8, the issue affects ...
CSOonline

APIs are the new perimeter: Here’s how CISOs are securing them

Today’s attack surface is shifting from the endpoint to the API, and AI and third-party SaaS are worsening the issue. CISOs offer advice for API defense. Recent breaches suggest attackers are shifting ...
techtimes

API Key Leak Exposes AWS, Stripe, OpenAI Credentials Across Thousands of Sites

A large-scale cybersecurity study has revealed a serious global web security issue involving exposed API credentials tied to major platforms, including Amazon Web Services, Stripe, and OpenAI. After ...
Digital Trends

A simple coding mistake is exposing API keys across thousands of websites

After analyzing 10 million webpages, researchers have found thousands of websites accidentally exposing sensitive API credentials, including keys linked to major services like Amazon Web Services, ...
Bleeping Computer

CISA: New Langflow flaw actively exploited to hijack AI workflows

The Cybersecurity and Infrastructure Security Agency (CISA) is warning that hackers are actively exploiting a critical vulnerability identified as CVE-2026-33017, which affects the Langflow framework ...
New Scientist

Security credentials inadvertently leaked on thousands of websites

Critical security credentials are inadvertently being exposed on thousands of websites – including those run by some banks and healthcare providers. The leaked details could have given snoopers access ...
financefeeds

Alpaca Integrates BridgeWise AI Engine to Deliver Investment Analysis Across Broker API Network

Alpaca has partnered with BridgeWise to integrate artificial intelligence investment analysis into its brokerage infrastructure platform used by financial institutions worldwide. The collaboration ...
GitHub

One-time secret sharing for humans & agents.

Humans and agents need to exchange secrets — API keys, database passwords, tokens — without exposing them in chat logs, terminal history, or Slack threads. The exchange goes both ways: a human sends ...
blockchain

GitHub Adds 28 Secret Detectors Including Snowflake and Vercel API Keys

GitHub's March 2026 secret scanning update adds 28 new detectors from 15 providers, enables push protection for 39 patterns, and adds validity checks for DeepSeek and npm tokens. GitHub expanded its ...
TechSpot

A stolen Gemini API key turned a $180 bill into $82,000 in two days

AI Economy: A team of three developers in Mexico is facing a roughly 455× increase in monthly AI service expenses after an API key associated with their project was allegedly compromised. The key was ...