Over 2,800 exposed Google API keys may allow unauthorized Gemini AI access, risking data leaks and massive API charges.

Researchers with Truffle Security are warning that old and seemingly benign Google API keys might now be weaponized by threat actors after gaining Gemini AI authorization permissions, in a destructive ...

Exposed Google API keys previously not considered secrets can now inadvertently grant attackers access to sensitive Gemini API endpoints.

This high-severity Chrome Gemini vulnerability lets malicious extensions spy on your PC ...

Let me tell you how I came within steps of becoming a victim in an elaborate social engineering scheme designed to exploit something so routine and apparently harmless as a Microsoft Teams call ...

Threat actors increasingly integrated artificial intelligence into cyber operations in the final quarter of 2025, ...

The Hacker News is the top cybersecurity news platform, delivering real-time updates, threat intelligence, data breach reports, expert analysis, and actionable insights for infosec professionals and ...

A silent 2025 SaaS breach shows how dormant tokens enable access and authorization drift in AI systems, pushing durable, short-lived credentials with real-time checks.

Earlier this month, the now viral social network Moltbook exposed 1.5 million API authentication tokens and 35,000 email addresses within days of launch. The cause: a single misconfigured database ...

A software engineer wired his vacuum to his video game controller, but he could soon see inside thousands of living rooms.

A compromised Chrome extension with 7,000 users was updated to deploy malware, strip security headers, and steal cryptocurrency wallet seed phrases.

Server hardware and software co-design for a secure, efficient cloud.