Microsoft

AutoJack: How a single page can RCE the host running your AI agent

Ongoing research into AI agent framework security identified an exploit chain in AutoGen Studio (AutoGen’s open-source prototyping user interface) that allows untrusted web content rendered by a ...

The Accessibility Tree Is How AI Agents Read Your Site & It’s Breaking

The accessibility tree decides whether an AI agent can read and act on your page. The 2026 data says the web is getting ...
NBC News

Bot web traffic has overtaken human web traffic, data shows

Website traffic from AI agents and bots has eclipsed its human-generated counterpart for the first time, according to Cloudflare, an earlier-than-expected milestone that speaks to AI’s rapid advance ...
Dark Reading

Google API Keys Remain Active After Deletion

Google API keys aren't completely inactive after users delete them, giving attackers a small but significant window to continue abusing them. Joe Leon, researcher at Belgian startup Aikido Security, ...
makeuseof

Excel already has a built-in web scraper, this is what I use it for

In 2021, after catching the tech bug as a kid and earning a degree in communications, Ada got into tech writing by editing crypto guides. Ada's expertise now spans Windows, Android (especially Samsung ...
Nature

Open data is key to genomics research — if the information can be kept safe

Shuhua Xu is a human population geneticist at the State Key Laboratory of Genetics and Development of Complex Phenotypes, School of Life Sciences, Fudan University, Shanghai, China. In April, ...
Wired

Thousands of Vibe-Coded Apps Expose Corporate and Personal Data on the Open Web

Companies like Lovable, Base44, Replit, and Netlify use AI to let anyone build a web app in seconds—and in thousands of cases, spill highly sensitive data onto the public internet. Security researcher ...
The Conversation

Facial recognition data is a key to your identity – if stolen, you can’t just change the locks

A woman strolls into a grocery store, thinking about grabbing some apples. Before she even reaches the produce aisle, a security camera has scanned her face. Whether the system is checking for ...
TheServerSide

How to get an OpenAI API key for ChatGPT

The biggest mistake people make when trying to get their ChatGPT API key is that they use the wrong URL. The key can't be found at chatgpt.com. Instead, point your browser to the OpenAI developer ...
CoinDesk

Hack at Vercel sends crypto developers scrambling to lock down API keys

Web infrastructure provider Vercel disclosed a security breach that may have exposed customer API keys, prompting crypto projects to rotate credentials and review their code. Vercel traced the ...
Infosecurity-magazine.com

Google API Keys Quietly Gain Access to Gemini on Android Devices

A flaw in Google's API key system has reportedly exposed mobile applications to unintended access to its Gemini AI platform. According to a CloudSEK advisory published on April 8, the issue affects ...
techtimes

API Key Leak Exposes AWS, Stripe, OpenAI Credentials Across Thousands of Sites

A large-scale cybersecurity study has revealed a serious global web security issue involving exposed API credentials tied to major platforms, including Amazon Web Services, Stripe, and OpenAI. After ...