A simple coding mistake is exposing API keys across thousands of websites

A large-scale study has revealed that websites are unintentionally exposing API keys tied to services like AWS, Stripe, and OpenAI, with most leaks traced back to publicly accessible JavaScript files.
Tech Times

API Key Leak Exposes AWS, Stripe, OpenAI Credentials Across Thousands of Sites

Researchers found thousands of exposed API keys across 10 million webpages, including AWS, Stripe, and OpenAI credentials left vulnerable in public code.
Hosted on MSN

Microsoft warns a key OpenAI API is being exploited to launch cyberattacks

SesameOp malware uses OpenAI’s Assistants API as a covert command-and-control channel It enables persistent access, runs commands, and exfiltrates data via encrypted API traffic Microsoft urges ...
Rolling Out

OpenAI admits third party breach leaked user info

Third party analytics provider Mixpanel exposed developer account information, though ChatGPT conversations and payment data remained secure The artificial intelligence industry faced another ...