A Security Leader’s Response Guide To A Third-Party SaaS Breach

AT&T will soon be paying $149 million to current and former customers whose data was compromised following the 2024 hack ...
The Hacker News

OneLogin Bug Let Attackers Use API Keys to Steal OIDC Secrets and Impersonate Apps

CVE-2025-59363 "allowed attackers with valid API credentials to enumerate and retrieve client secrets for all OIDC ...
SlashGear

What Is The ChatGPT API Key And Where Do You Find It?

As ChatGPT rises in both complexity — not to mention popularity — more apps, websites, and services are starting to make use of its features. Certain websites allow you to ping ChatGPT's servers with ...
Krebs on Security

xAI Dev Leaks API Key for Private SpaceX, Tesla LLMs

Philippe Caturegli, “chief hacking officer” at the security consultancy Seralys, was the first to publicize the leak of credentials for an x.ai application programming interface (API) exposed in the ...
Bleeping Computer

JumpCloud resets admin API keys amid ‘ongoing incident’

JumpCloud, a US-based enterprise software firm is notifying several customers of an "ongoing incident." As a caution, the company has invalidated existing admin API keys to protect its customer ...
WOOD-TV

Salt Security Addresses Critical OAuth Vulnerabilities By Enhancing API Security Platform with OAuth Protection Package

Organisations that demonstrate a commitment to robust security practices foster user confidence and enhance brand reputation, leading to stronger customer relationships and a competitive edge.” — ...
CoinTelegraph

Kronos Research halts trading amid $25M API key hack investigation

A hacker has walked away with $25 million from quantitative trading firm Kronos Research after accessing its compromised API keys. On Nov. 19, Kronos Research revealed that an unauthorized entity ...