A stolen Gemini API key turned a $180 bill into $82,000 in two days

One of the affected developers shared the incident on Reddit. According to the post, the Google Cloud API key was compromised between February 11 and February ...
InfoWorld

‘Silent’ Google API key change exposed Gemini AI data

API key exploitation is more than hypothetical. In a different context, a student who reportedly exposed a GCP API key on GitHub last June was left nursing a $55,444 bill (later waived by Google) ...
The Hacker News

Identity Prioritization isn't a Backlog Problem - It's a Risk Math Problem

Identity risk escalates when control gaps, hygiene failures, impact, and intent align, forming toxic combinations that drive real breaches ...
GitHub

SMTP relay for sending emails via the Microsoft Graph API

This is not a proxy. Email data is parsed and converted into JSON so it can be sent using the Microsoft Graph API. Not all email RFC standards are supported, but efforts have been made in this project ...

Silent Push Links Sophisticated Vishing Campaign Targeting Okta and Other SSO Platform Accounts to SLSH Threat Group

Preemptive cyber defense team releases list of 100+ high-value targets We expect the targeting list to evolve rapidly ...
IEEE

ELAS-FG: Efficient Lightweight Authentication Scheme in Factor Graph-based Communication for VANET

Abstract: Vehicular Ad-Hoc Networks (VANETs) enable secure, real-time communication among vehicles and roadside infrastructure, improving traffic safety and system efficiency. However, VANETs face ...
IEEE

Heterogeneous Graph Contrastive Learning With Augmentation Graph

Abstract: Heterogeneous graph neural networks (HGNNs) have demonstrated promising capabilities in addressing various problems defined on heterogeneous graphs containing multiple types of nodes or ...
thecyberexpress

AI-Coded Moltbook Platform Exposes 1.5 Mn API Keys Through Database Misconfiguration

Viral social network “Moltbook” built entirely by artificial intelligence leaked authentication tokens, private messages and user emails through missing security controls in production environment.