Bleeping Computer

GitHub can now auto-block commits containing API keys, auth tokens

GitHub has announced on Monday that it expanded its code hosting platform's secrets scanning capabilities for GitHub Advanced Security customers to block secret leaks automatically. Secret scanning is ...
Bleeping Computer

Latest API Key news

Close to 12,000 valid secrets that include API keys and passwords have been found in the Common Crawl dataset used for training multiple artificial intelligence models. Microsoft has introduced an ...
Threat Post

Twitter Warns Developers of API Bug That Exposed App Keys, Tokens

Twitter has fixed a caching issue that could have exposed developers’ API keys and tokens. Twitter developers are being warned of a security bug that may have exposed their applications’ credential ...
ZDNet

Twitter warns of possible API keys leak

The smartest companies now approach cybersecurity with a risk management strategy. Learn how to make policies to protect your most important digital assets. Read now Twitter is notifying developers ...
VentureBeat

Why enterprises can’t afford to overlook API security in 2023

Join our daily and weekly newsletters for the latest updates and exclusive content on industry-leading AI coverage. Learn More Application and API security is vital for protecting modern enterprise ...
Ars Technica

Microsoft Teams stores cleartext auth tokens, won’t be quickly patched

This is a known issue with OAuth and is how basically any electron app works. The tl;dr is if you're able to steal files "as the user" it's already game over. This is no different than stealing ...