A stolen Gemini API key turned a $180 bill into $82,000 in two days

One of the affected developers shared the incident on Reddit. According to the post, the Google Cloud API key was compromised between February 11 and February ...
CPO Magazine

Google Disrupted Chinese GRIDTIDE Cyber Espionage Operation Active Since 2017

A long-term Chinese cyber espionage operation that has been active since at least 2017 and has a count of at least 53 victims ...
SecurityWeek

OpenClaw Vulnerability Allowed Websites to Hijack AI Agents

An OpenClaw vulnerability allowed malicious websites to take over AI agents, exposing sensitive information and enabling data ...

Fake Google Security site uses PWA app to steal credentials, MFA codes

A phishing campaign is using a fake Google Account security page to deliver a web-based app capable of stealing one-time ...
SecurityWeek

Vulnerability Allowed Hijacking Chrome’s Gemini Live AI Assistant

A Chrome vulnerability allowed malicious extensions to hijack the browser’s Gemini Live assistant to spy on users and ...

Rolling out AI? 5 security tactics your business can't get wrong - and why

Rolling out AI? 5 security tactics your business can't get wrong - and why ...
Microsoft

OAuth redirection abuse enables phishing and malware delivery

OAuth redirection is being repurposed as a phishing delivery path. Trusted authentication flows are weaponized to move users from legitimate sign‑in pages to attacker‑controlled infrastructure.

What is Aliro? Everything you need to know about the new smart home standard for locks

A digital key standard from the folks that brought you Matter, Aliro introduces a universal system for smart locks. Here's how it will change your smart home.