#api-security

[ follow ]
#cybersecurity #artificial-intelligence #data-exposure #application-security #credential-exposure
Information security
fromTechzine Global
1 week ago

Misused Gemini API key results in sky-high AI costs for startup

A stolen Google Gemini API key resulted in an $82,000 bill for a small startup in two days, revealing significant financial risks when access credentials are compromised.
Information security
fromTheregister
1 week ago

Dev stunned by $82K Gemini API key bill after theft

A developer's stolen Google Gemini API key resulted in $82,314 in unauthorized charges within 48 hours, while Google refused to waive costs citing shared responsibility, threatening the startup's survival.
fromThe Hacker News
1 week ago

Thousands of Public Google Cloud API Keys Exposed with Gemini Access After API Enablement

With a valid key, an attacker can access uploaded files, cached data, and charge LLM-usage to your account. The keys now also authenticate to Gemini even though they were never intended for it. The problem occurs when users enable the Gemini API on a Google Cloud project, causing existing API keys to gain surreptitious access to Gemini endpoints without any warning or notice.
Information security
fromInfoWorld
1 week ago

'Silent' Google API key change exposed Gemini AI data

For more than a decade, Google's developer documentation has described these keys, identified by the prefix 'Aiza', as a mechanism used to identify a project for billing purposes. Developers generated a key and then pasted it into their client-side HTML code in full public view.
Miscellaneous
Information security
fromThe Hacker News
2 weeks ago

How Exposed Endpoints Increase Risk Across LLM Infrastructure

Exposed LLM endpoints with excessive permissions and long-lived credentials create a critical attack surface enabling cybercriminals to access systems, identities, and secrets.
Information security
fromTechCrunch
3 weeks ago

Indian pharmacy chain giant exposed customer data and internal systems | TechCrunch

A security lapse allowed outsiders full administrative control of DavaIndia Pharmacy's platform, exposing customer orders and sensitive drug-control functions.
Information security
fromDevOps.com
1 month ago

Survey Surfaces More Focus on Software Security Testing and API Security - DevOps.com

Many enterprises plan to increase spending on software security testing, API security, and application security as AI-driven code growth strains DevSecOps capacity.
#ucp
fromInfoWorld
1 month ago
Information security

Google's Universal Commerce Protocol aims to simplify life for shopping bots... and devs

fromInfoWorld
1 month ago
Information security

Google's Universal Commerce Protocol aims to simplify life for shopping bots... and devs

more#ucp
Information security
fromMedium
4 months ago

Why API Security Testing is Critical for Modern Applications

Continuous API security testing is essential to prevent data exposure, authentication failures, privilege escalation, and service disruption in modern applications.
Software development
fromMedium
5 months ago

OWASP Top 10 for Appliction Programming Interfaces

APIs enable modular, scalable software but exposed endpoints and misconfigurations create critical vulnerabilities like broken authorization and authentication leading to data breaches.
Information security
fromTechzine Global
5 months ago

API attacks are skyrocketing: 40,000 incidents in six months

API attacks surged to over 40,000 incidents in H1 2025, with financial services and application-layer DDoS experiencing heavy, targeted automation and bot activity.
#cybersecurity
fromChannelPro
6 months ago
Privacy technologies

LevelBlue and Akamai are teaming up to launch a managed web application and API protection service

fromHackernoon
8 months ago
Privacy professionals

Meet the Writer: Hacker Noon's Contributor Igboanugo David Ugochukwu, Cybersecurity and Tech Writer | HackerNoon

Privacy technologies
fromCSO Online
9 months ago

If you use OneDrive to upload files to ChatGPT or Zoom, don't

Web app vendors face security risks as they may unintentionally expose sensitive user data, requiring attention from cybersecurity teams.
Tech industry
fromIT Pro
10 months ago

Criminals target APIs as web attacks skyrocket globally

API attacks surged in 2024, representing a major security threat with 311 billion web attacks noted globally.
fromChannelPro
6 months ago
Privacy technologies

LevelBlue and Akamai are teaming up to launch a managed web application and API protection service

fromHackernoon
8 months ago
Privacy professionals

Meet the Writer: Hacker Noon's Contributor Igboanugo David Ugochukwu, Cybersecurity and Tech Writer | HackerNoon

Tech industry
fromIT Pro
10 months ago

Criminals target APIs as web attacks skyrocket globally

API attacks surged in 2024, representing a major security threat with 311 billion web attacks noted globally.
more#cybersecurity
DevOps
fromDevOps.com
7 months ago

Why API Security is Now a DevOps Problem, Not Just an AppSec Concern - DevOps.com

API security should be integrated into DevOps processes to mitigate potential vulnerabilities effectively.
Privacy professionals
fromTechCrunch
7 months ago

DOGE staffer with access to Americans' personal data leaked private xAI API key | TechCrunch

A DOGE staffer exposed a private API key for Elon Musk's xAI chatbot, raising concerns about security measures for sensitive information.
fromInfoWorld
8 months ago

How to use route constraints in ASP.NET Core minimal APIs

A route constraint in ASP.NET Core is a guardrail for the URL. It determines whether an incoming request matches predefined criteria and should be processed.
Ruby on Rails
Privacy technologies
fromCSO Online
9 months ago

Chrome extension privacy promises undone by hardcoded secrets, leaky HTTP

Chrome extensions can leak sensitive information through unguarded HTTP transmissions and hardcoded credentials, posing serious risks to users.
DevOps
fromDevOps.com
9 months ago

Shift-Left API Security Testing: A Strategic Move for Agile Enterprises - DevOps.com

Shift-left API security testing integrates security earlier in the development lifecycle, improving safety and efficiency.
#application-security
more#application-security
[ Load more ]