The Register on MSN

AI companies keep publishing private API keys to GitHub

Security biz Wiz says 65% of top AI businesses leak keys and tokens Leading AI companies turn out to be no better at keeping ...
Dark Reading

How Do I Protect My API Keys From Appearing in Search Results?

Question: How do I keep my API keys from becoming part of someone else's GitHub search? Answer: Storing API keys directly in your code is generally not recommended due to the potential security risks.
Krebs on Security

xAI Dev Leaks API Key for Private SpaceX, Tesla LLMs

Philippe Caturegli, “chief hacking officer” at the security consultancy Seralys, was the first to publicize the leak of credentials for an x.ai application programming interface (API) exposed in the ...
Bleeping Computer

Starbucks Devs Leave API Key in GitHub Public Repo

One misstep from developers at Starbucks left exposed an API key that could be used by an attacker to access internal systems and manipulate the list of authorized users. The severity rating of the ...
TechCrunch

DOGE staffer with access to Americans’ personal data leaked private xAI API key

A DOGE staffer with access to the private information on millions of Americans held by the U.S. government reportedly exposed a private API key used for interacting with Elon Musk’s xAI chatbot.
CoinTelegraph

3Commas CEO confirms API key leak following warning from CZ

The Binance CEO was less than receptive to claims of losses due to a 3Comma API key leak earlier this month; now he recommends disabling 3Comma API keys. Binance CEO Changpeng Zhao (CZ) warned his 8 ...

Microsoft warns a key OpenAI API is being exploited to launch cyberattacks

"Instead of relying on more traditional methods, the threat actor behind this backdoor abuses OpenAI as a C2 channel as a way ...
NPR

NPR's API Rights Management

One of the things that I am most commonly asked about regarding the NPR API is rights management. Because we are distributing content to unknown destinations, it is critical to make sure the API ...