发布日期:2026-06-18 | 话题:AI 编程工具 | 适用人群:开发者、AI 工程师OpenAI Codex 在 0.138~0.141 系 ...
For years, Google told developers that Google API keys, used for Maps, Firebase ar other services, were not secrets. Yet later, those same keys were given access to a new Gemini API, exposing users to ...
Security researchers have uncovered a coordinated campaign designed to steal developers’ AI-related API keys via malicious plugins. Aikido Security found at least 15 integrated development environment ...
At least 15 malicious plugins found on the JetBrains Marketplace were designed to steal AI API keys from developers. The campaign, discovered by Aikido Security, includes plugins that act as AI coding ...
MCP Server(Model Context Protocol 服务器)是让 AI 模型调用外部工具与数据的标准化接口,由 Anthropic 于 2024 年底开源后迅速成为行业标准。截至 2026 年 4 月,Python SDK 在 PyPI 的月下载量已突破 1.64 亿次,公开目录收录的 MCP 服务器超过 20,000 个,OpenAI、Google、Microsoft 相继采纳同 ...
Google API keys aren't completely inactive after users delete them, giving attackers a small but significant window to continue abusing them. Joe Leon, researcher at Belgian startup Aikido Security, ...
Web infrastructure provider Vercel disclosed a security breach that may have exposed customer API keys, prompting crypto projects to rotate credentials and review their code. Vercel traced the ...
A flaw in Google's API key system has reportedly exposed mobile applications to unintended access to its Gemini AI platform. According to a CloudSEK advisory published on April 8, the issue affects ...
A large-scale cybersecurity study has revealed a serious global web security issue involving exposed API credentials tied to major platforms, including Amazon Web Services, Stripe, and OpenAI. After ...
After analyzing 10 million webpages, researchers have found thousands of websites accidentally exposing sensitive API credentials, including keys linked to major services like Amazon Web Services, ...
AI Economy: A team of three developers in Mexico is facing a roughly 455× increase in monthly AI service expenses after an API key associated with their project was allegedly compromised. The key was ...