Bleeping Computer

The Double-Edged Sword of Non-Human Identities

In a sweeping analysis conducted in late 2025, Flare researchers uncovered more than 10,000 Docker Hub container images leaking secrets (including production API keys, cloud tokens, CI/CD credentials, ...
InfoWorld

Sensitive access tokens and keys found in hundreds of Android apps

Many developers still embed sensitive access tokens and API keys into their mobile applications, putting data and other assets stored on various third-party services at risk. A new study performed by ...
CSOonline

AI programming copilots are worsening code security and leaking more secrets

Copilot-enabled repos are 40% more likely to contain API keys, passwords, or tokens — just one of several issues security leaders must address as AI-generated code proliferates. AI coding assistants ...
Infosecurity Magazine

Cursor Extension Flaw Exposes Developer API Keys

Cursor flaw lets extensions steal API keys and session tokens without user interaction, according to researchers at LayerX ...
FintechNewsSG

Agnes AI Opens Zenmux API Access, Launches Token Plans for Developers

Agnes AI expands Zenmux API access and launches low-cost token plans, advancing its integrated multimodal AI platform.
Security Boulevard

How a Long-Lived API Credential Let an AI Agent Delete Production Data

What began as a routine staging task for a SaaS startup ended in a disaster that  would have been unthinkable just months ago: an AI agent operating as a super insider threat and triggering a ...