Bleeping Computer

Trello API abused to link email addresses to 15 million accounts

An exposed Trello API allows linking private email addresses with Trello accounts, enabling the creation of millions of data profiles containing both public and private information. Trello is an ...
The Hacker News

OneLogin Bug Let Attackers Use API Keys to Steal OIDC Secrets and Impersonate Apps

CVE-2025-59363 "allowed attackers with valid API credentials to enumerate and retrieve client secrets for all OIDC ...
Bleeping Computer

Email addresses of 15 million Trello users leaked on hacking forum

A threat actor has released over 15 million email addresses associated with Trello accounts that were collected using an unsecured API in January. Trello is an online project management tool owned by ...

A Security Leader’s Response Guide To A Third-Party SaaS Breach

AT&T will soon be paying $149 million to current and former customers whose data was compromised following the 2024 hack ...
TheServerSide

How to get an OpenAI API key for ChatGPT

The biggest mistake people make when trying to get their ChatGPT API key is that they use the wrong URL. The key can't be found at chatgpt.com. Instead, point your browser to the OpenAI developer ...
Krebs on Security

xAI Dev Leaks API Key for Private SpaceX, Tesla LLMs

Philippe Caturegli, “chief hacking officer” at the security consultancy Seralys, was the first to publicize the leak of credentials for an x.ai application programming interface (API) exposed in the ...
The Verge

A group of R1 jailbreakers found a massive security flaw in Rabbit’s code

The company behind the R1 is under fire once again, this time for failing to keep sensitive API keys secure. The company behind the R1 is under fire once again, this time for failing to keep sensitive ...
Krebs on Security

DOGE Denizen Marko Elez Leaked API Key for xAI

Marko Elez, a 25-year-old employee at Elon Musk’s Department of Government Efficiency (DOGE), has been granted access to sensitive databases at the U.S. Social Security Administration, the Treasury ...
WATE 6 On Your Side

Salt Security Addresses Critical OAuth Vulnerabilities By Enhancing API Security Platform with OAuth Protection Package

Organisations that demonstrate a commitment to robust security practices foster user confidence and enhance brand reputation, leading to stronger customer relationships and a competitive edge.” — ...
Geeky Gadgets

Creating GPT Custom Actions using an OpenAI API Key

If you have been playing around creating a few OpenAI custom GPTs in the new ChatGPT Explore section, which is now available to ChatGPT Plus and Enterprise users. You may have seen a section where you ...
InfoWorld

How to use API keys to secure web APIs in ASP.NET Core

Take advantage of API key authentication to control the access of applications and services to your Web APIs in ASP.NET Core. There are several ways to secure your APIs in ASP.NET Core 7. You can use ...