News

Bleeping Computer4y

Twitter is warning devs that API keys and tokens may have leaked

Twitter is emailing developers stating that their API keys, access tokens, and access token secrets may have been exposed in a browser's cache.
Torque News1d

My Tesla Model Y Was Remotely Unlocked By Thieves Who Compromised My Tessie API Token, Then They Arrived Three Minutes Later To Ransack The Vehicle

Thieves just hacked a Tesla Model Y by compromising a third-party app’s API token, remotely unlocking the car in the middle ...
Bleeping Computer2y

GitHub now can auto-block token and API key leaks for all repos

GitHub is now automatically blocking the leak of sensitive information like API keys and access tokens for all public code repositories.
ZDNet6y

Over 100,000 GitHub repos have leaked API or cryptographic keys

NCSU team scanned for API tokens from 11 companies Inside this gigantic pile of files, researchers looked for text strings that were in the format of particular API tokens or cryptographic keys.
ZDNet4y

Twitter warns of possible API keys leak - ZDNET

Incorrect server settings on the Twitter Developer portal led to browsers caching API keys, account access token and secret.
Threat Post4y

Twitter Warns Developers of API Bug That Exposed App Keys, Tokens

Twitter has fixed a caching issue that could have exposed developers' API keys and tokens.
SC Media4y

Twitter bug may have exposed API keys, access tokens

Twitter warned developers that a bug could have exposed their API keys and access tokens in their browser’s cache. The social media platform told developers it doesn’t believe the apps and ...
InfoWorld2y

Public package repos expose thousands of API security tokens—and they ...

JFrog’s new Xray Secrets Detection uncovered active access tokens in popular open-source software registries including Docker, npm, and PyPI. Here are our findings and takeaways.