The Register on MSN

OpenAI API moonlights as malware HQ in Microsoft’s latest discovery

Redmond uncovers SesameOp, a backdoor hiding its tracks by using OpenAI’s Assistants API as a command channel Hackers have ...

Microsoft warns a key OpenAI API is being exploited to launch cyberattacks

"Instead of relying on more traditional methods, the threat actor behind this backdoor abuses OpenAI as a C2 channel as a way ...
Krebs on Security

xAI Dev Leaks API Key for Private SpaceX, Tesla LLMs

Philippe Caturegli, “chief hacking officer” at the security consultancy Seralys, was the first to publicize the leak of credentials for an x.ai application programming interface (API) exposed in the ...
TechCrunch

DOGE staffer with access to Americans’ personal data leaked private xAI API key

A DOGE staffer with access to the private information on millions of Americans held by the U.S. government reportedly exposed a private API key used for interacting with Elon Musk’s xAI chatbot.
Bleeping Computer

Starbucks Devs Leave API Key in GitHub Public Repo

One misstep from developers at Starbucks left exposed an API key that could be used by an attacker to access internal systems and manipulate the list of authorized users. The severity rating of the ...
NPR

NPR's API Rights Management

One of the things that I am most commonly asked about regarding the NPR API is rights management. Because we are distributing content to unknown destinations, it is critical to make sure the API ...
The Next Web

Twitter’s API keys and secrets for its official apps surface; what should we do with them?

It appears that Twitter’s API keys and secrets for its official apps have surfaced, and are currently being shared on GitHub. Note: The combination of API keys and secrets are used to authorize and ...