The Hacker News

Malicious StripeApi NuGet Package Mimicked Official Library and Stole API Tokens

Malicious StripeApi.Net package on NuGet mimicked Stripe.net, logged 180,000 downloads, and stole Stripe API tokens before removal.
Analytics Insight

GPT-5.2 API vs Gemini 3 Pro API: A Pricing and Performance Analysis on Kie.ai

As more companies integrate large language models into customer support, analytics, and internal automation, the main concern is no longer “Which model is the m ...
The Hacker News

Malicious npm Packages Harvest Crypto Keys, CI Secrets, and API Tokens

The module targets Claude Code, Claude Desktop, Cursor, Microsoft Visual Studio Code (VS Code) Continue, and Windsurf. It also harvests API keys for nine large language models (LLM) providers: ...

0x Launches Cross-Chain API Beta to Power Agentic Swaps Across Blockchains

The 0x Cross-Chain API aggregates liquidity and routes through multiple bridge providers, automatically optimizing for best price or faster execution based on developer preferences. It enables "bridge ...
Bleeping Computer

Twitter is warning devs that API keys and tokens may have leaked

Twitter is emailing developers stating that their API keys, access tokens, and access token secrets may have been exposed in a browser's cache. In an email seen by BleepingComputer, Twitter explains ...
Cloud Security Alliance

Token Sprawl in the Age of AI

Explore how AI accelerates token sprawl, why legacy IAM struggles, and practical steps to shrink non-human identity risk.
ZDNet

Rust programming language: Crates package API tokens revoked over serious security flaw

The project behind popular programming language Rust has revoked all API keys from its crates.io package web app. The key revocation addresses a serious vulnerability affecting Rust's package system ...