SecurityWeek

Google API Keys in Android Apps Expose Gemini Endpoints to Unauthorized Access

Threat actors can extract Google API keys embedded in Android applications to gain access to Gemini AI endpoints and ...

OpenAI identifies security issue involving third-party tool, says user data was not accessed

The ChatGPT maker said it found no evidence that its user data was accessed or that its systems or intellectual property were ...
CSO Online

Critical flaw in Marimo Python notebook exploited within 10 hours of disclosure

A single unauthenticated connection gives attackers a full shell; credential theft observed in under three minutes on honeypot servers.