Skip to main content

Tag: api key exposure

3 articles

Smartphone displays AI chatbot interface on a clean, minimalist surface with a laptop in the background.

iOS AI Apps Expose API Keys, Open AI Proxy Access

Nearly two-thirds of AI chatbot apps for iPhone, that's 282 out of 444 tested, are leaking sensitive API keys, leaving users' data vulnerable to exposure through open AI proxy access. This alarming discovery highlights a critical security gap in many popular iOS AI apps.

Analyst 207
WordPress dashboard screen with a highlighted API key field and a warning symbol nearby.

Hackers Exploit Gravity SMTP Plugin Bug to Expose API Keys

Malicious hackers are racing to exploit a vulnerability in the Gravity SMTP plugin, which has been installed on around 100,000 WordPress sites, to get their hands on sensitive API keys. Over 17 million exploit attempts have already been blocked by Wordfence, highlighting the urgent need for site owners to update to version 2.1.5.

Analyst 207
Person in hoodie sits at laptop with chatbot interface, surrounded by papers and shadowy figures, hinting at cyber threat.

GitHub AI Agents Exposed to Credential Theft via Prompt Injection

Security researchers have uncovered a shocking vulnerability in popular GitHub AI agents, demonstrating how a simple prompt injection technique can be exploited to steal sensitive credentials, leaving users alarmingly exposed. The findings highlight a disturbing lack of transparency from vendors, putting automation and service access at risk.

Analyst 207