ClickUp Data Leak Exposes Enterprise Emails for Over a Year

A hardcoded ClickUp API key exposed hundreds of corporate and government emails for over a year, raising new SaaS security ...

Open source package with 1 million monthly downloads stole user credentials

Open source software with more than 1 million monthly downloads was compromised after a threat actor exploited a ...
CoinDesk

Why DeFi isn't dead despite massive exploits and $13 billion investor exodus

A $292 million exploit and $13 billion TVL drop looks catastrophic on the surface, but the data tells a different story.
The Washington Post

FBI obtains voting data from Arizona GOP’s 2020 review that confirmed Trump’s loss

A federal grand jury in Arizona has subpoenaed records from a review that Republican lawmakers conducted of the 2020 presidential results and that confirmed President Donald Trump lost. The subpoena ...
CSOonline

‘Silent’ Google API key change exposed Gemini AI data

Google Cloud API keys, normally used as simple billing identifiers for APIs such as Maps or YouTube, could be scraped from websites to give access to private Gemini AI project data, researchers from ...
Bleeping Computer

Previously harmless Google API keys now expose Gemini AI data

Google API keys for services like Maps embedded in accessible client-side code could be used to authenticate to the Gemini AI assistant and access private data. Researchers found nearly 3,000 such ...
ZDNet

Copilot quietly grabs your data from other Microsoft products now - here's how to opt out

A Copilot setting lets the AI access data from other Microsoft products. The goal is to help personalize your Copilot conversations. You can disable this if you're worried about your privacy. Like ...
InfoQ

Agoda’s API Agent Converts Any API to MCP with Zero Code and Deployments

A monthly overview of things you need to know as an architect or aspiring architect. Unlock the full InfoQ experience by logging in! Stay updated with your favorite authors and topics, engage with ...