Previously harmless Google API keys now expose Gemini AI data

Google API keys for services like Maps embedded in accessible client-side code could be used to authenticate to the Gemini AI ...
The Hacker News

Malicious StripeApi NuGet Package Mimicked Official Library and Stole API Tokens

Malicious StripeApi.Net package on NuGet mimicked Stripe.net, logged 180,000 downloads, and stole Stripe API tokens before removal.

LLMs can unmask pseudonymous users at scale with surprising accuracy

If LLMs’ success in deanonymizing people improves, the researchers warn, governments could use the techniques to unmask ...
SecurityWeek

Vulnerability in MS-Agent AI Framework Can Allow Full System Compromise

A ModelScope MS-Agent vulnerability allows attackers to feed malicious commands to AI agents and modify system files or steal ...
Microsoft

Signed malware impersonating workplace apps deploys RMM backdoors

Signed malware backed by a stolen EV certificate deployed legitimate RMM tools to gain persistent access inside enterprise ...
Decrypt

The Best AI Tools That Actually Respect Your Privacy

Big Tech AI tools treat your data like a buffet. Here are nine alternatives that don't—and which one wins for your specific threat model.
CNBC

Best identity theft protection services of March 2026

Whether it's a stolen Social Security number or credit card, dealing with identity theft is a headache. But a good identity theft protection service will alert you to potential fraud early on and help ...