A self-styled social networking platform built for AI agents contained a misconfigured database which allowed full read and write access to all data, security researchers have revealed. Moltbook was ...

Obsidian Bases adds offline tables, galleries, and map views that switch layouts instantly, helping you organize notes in ...

In a sweeping analysis conducted in late 2025, Flare researchers uncovered more than 10,000 Docker Hub container images leaking secrets (including production API keys, cloud tokens, CI/CD credentials, ...

VectorCertain's analysis of the autonomous agent threat surface reveals that financial services are structurally unable to ...

Research reveals 2,863 public Google API keys can access Gemini endpoints, enabling data exposure and massive billing abuse.

Claude Code flaws allow remote code execution and API key theft via untrusted repositories; three bugs fixed across 2025–2026 releases.

Google API keys for services like Maps embedded in accessible client-side code could be used to authenticate to the Gemini AI ...

Gartner's ransomware playbook lists three credential reset steps — all human, all Active Directory. Machine identities, which outnumber human ones 82 to 1, aren't mentioned.

Spotify is changing how its APIs work in Developer Mode, its layer that lets developers test their third-party applications using the audio platform’s APIs. The changes include a mandatory premium ...

API key exploitation is more than hypothetical. In a different context, a student who reportedly exposed a GCP API key on GitHub last June was left nursing a $55,444 bill (later waived by Google) ...

Emily Long is a freelance writer based in Salt Lake City. After graduating from Duke University, she spent several years reporting on the federal workforce for Government Executive, a publication of ...

To some, METR’s “time horizon plot” indicates that AI utopia—or apocalypse—is close at hand. The truth is more complicated. MIT Technology Review Explains: Let our writers untangle the complex, messy ...