The Hacker News

OneLogin Bug Let Attackers Use API Keys to Steal OIDC Secrets and Impersonate Apps

A high-severity security flaw has been disclosed in the One Identity OneLogin Identity and Access Management (IAM) solution that, if successfully exploited, could expose sensitive OpenID Connect (OIDC ...
CoinDesk

U.S. Government Starts Pushing Economic Data Onto Blockchains as 'Proof of Concept'

The U.S. government has begun using blockchains to disseminate key economic data, starting with the U.S. Department of Commerce's release of gross-domestic product (GDP) numbers on Thursday, which was ...
Reuters

What API and EIA data reveal about crude oil markets

Both API and EIA reports can influence crude oil prices, though the API is often used as a preliminary indicator. The EIA report includes crucial refinery utilization data, providing deeper insights ...
Bleeping Computer

Colt Telecom attack claimed by WarLock ransomware, data up for sale

UK-based telecommunications company Colt Technology Services is dealing with a cyberattack that has caused a multi-day outage of some of the company's operations, including hosting and porting ...
TechSpot

ChatGPT vulnerability allows hidden prompts to steal Google Drive cloud data

TL;DR: Chatbots and other AI services are increasingly making life easier for cybercriminals. A recently disclosed attack demonstrates how ChatGPT can be exploited to steal API keys and other ...
TechCrunch

DOGE staffer with access to Americans’ personal data leaked private xAI API key

A DOGE staffer with access to the private information on millions of Americans held by the U.S. government reportedly exposed a private API key used for interacting with Elon Musk’s xAI chatbot.
Krebs on Security

DOGE Denizen Marko Elez Leaked API Key for xAI

Marko Elez, a 25-year-old employee at Elon Musk’s Department of Government Efficiency (DOGE), has been granted access to sensitive databases at the U.S. Social Security Administration, the Treasury ...
The Next Platform

How Multi-Agent Systems Revolutionize Data Workflows

The biggest challenge to AI initiatives is the data they rely on. More powerful computing and higher-capacity storage at lower cost has created a flood of information, and not all of it is clean. It ...
Computerworld

Salesforce changes Slack API terms to block bulk data access for LLMs

Salesforce’s Slack platform has changed its API terms of service to stop organizations from using Large Language Models (LLMs) to ingest the platform’s data as ...
The Hacker News

Popular Chrome Extensions Leak API Keys, User Data via HTTP and Hard-Coded Credentials

Cybersecurity researchers have flagged several popular Google Chrome extensions that have been found to transmit data in HTTP and hard-code secrets in their code, exposing users to privacy and ...
InfoQ

JEP 505 Delivers Fifth Preview of Java's Structured Concurrency with Key API Refinements

A monthly overview of things you need to know as an architect or aspiring architect. Unlock the full InfoQ experience by logging in! Stay updated with your favorite authors and topics, engage with ...
Krebs on Security

xAI Dev Leaks API Key for Private SpaceX, Tesla LLMs

Philippe Caturegli, “chief hacking officer” at the security consultancy Seralys, was the first to publicize the leak of credentials for an x.ai application programming interface (API) exposed in the ...