CSO Online

Azure SRE Agent flaw lets outsiders silently eavesdrop on enterprise cloud operations

A multi-tenant authentication gap in Microsoft’s AI operations agent exposed live command streams, internal reasoning, and ...
CSO Online

Microsoft issues out-of-band patch for critical security flaw in update to ASP.NET Core

Patching is not enough: applications embedding the insecure library will need to be rebuilt, and affected tokens and cookies ...

A Claude code plugin in an afternoon: What I learned

Plugins for AI coding tools sound like complex infrastructure. In practice, Markdown files and an HTTP API are sufficient.
CPO Magazine

Data Breach Hits GTA V and Red Dead Redemption 2 Maker Rockstar Games

Red Dead Redemption 2 and GTA 5 game maker Rockstar Games confirms a data breach stemming from a third-party cloud provider ...

Vercel security breach explained: How a third-party AI tool exposed internal systems and what it means for developers

Vercel confirmed a security incident involving unauthorized access to internal systems, stemming from a compromised ...

Google Ads API to require multi-factor authentication

Google’s new MFA requirement for the Ads API strengthens security but may require advertisers to adjust authentication ...

New npm supply-chain attack self-spreads to steal auth tokens

A new supply chain attack targeting the Node Package Manager (npm) ecosystem is stealing developer credentials and attempting to spread through packages published from compromised accounts.
TheServerSide

How to get an OpenAI API key for ChatGPT

The biggest mistake people make when trying to get their ChatGPT API key is that they use the wrong URL. The key can't be found at chatgpt.com. Instead, point your browser to the OpenAI developer ...
Decrypt

Claude Opus 4.7 Is Here: Anthropic’s Latest Model Delivers, But It’s a Token Eating Machine

Anthropic's new flagship model Claude Opus 4.7 beat every benchmark we threw at it, and eats tokens like a hungry teenager.