What began as a routine staging task for a SaaS startup ended in a disaster that  would have been unthinkable just months ago: an AI agent operating as a super insider threat and triggering a ...

Researchers from three universities have found that nearly 10,000 webpages are publicly exposing API credentials, leaving sensitive services wide open to potential abuse. The team scanned 10 million ...

After analyzing 10 million webpages, researchers have found thousands of websites accidentally exposing sensitive API credentials, including keys linked to major services like Amazon Web Services, ...

A hardcoded ClickUp API key exposed hundreds of corporate and government emails for over a year, raising new SaaS security ...

Researchers discovered thousands of exposed API credentials across nearly 10,000 webpages, including those tied to major services like AWS, Stripe, and OpenAI. Many of these keys were left in publicly ...

In a sweeping analysis conducted in late 2025, Flare researchers uncovered more than 10,000 Docker Hub container images leaking secrets (including production API keys, cloud tokens, CI/CD credentials, ...

Data breach indexing site Have I Been Pwnd has just added a new data set of almost 71 million stolen user credentials from the Naz.API data set that includes 25 million previously unknown leaks. The ...

Hackers rushed to target a critical LiteLLM SQL injection flaw to steal keys, credentials, and environment-variable ...

As enterprises accelerate their shift to the cloud, cybersecurity risks are evolving in ways for which many organizations are unprepared. One of the most overlooked vulnerabilities is secrets ...