On April 29, 2026, someone slipped malicious code into four widely used SAP software packages. Within days, the infection had ...

Over 170 TanStack, Mistral AI, OpenSearch, UiPath, and other packages were affected in a new Mini Shai-Hulud supply chain ...

Be honest with me. How many of your passwords are still some version of your pet’s name followed by a number? Studies have shown that roughly 80% of data breaches involve weak or reused passwords.

Dive into The Register's online archive of incisive tech news reporting, features, and analysis dating back to 1998 ...

A single line of Python code was all it took. Developers who ran import lightning after installing versions 2.6.2 or 2.6.3 of ...

A threat group planted a malicious npm package in a crypto trading project through an AI-generated commit by Anthropic's ...

A hardcoded API key embedded in ClickUp’s public website exposed 959 corporate and government email addresses and more than 3 ...

The biggest mistake people make when trying to get their ChatGPT API key is that they use the wrong URL. The key can't be found at chatgpt.com. Instead, point your browser to the OpenAI developer ...

A breach at web infrastructure provider Vercel is forcing crypto teams to rotate API keys and do a deep inspection of their underlying code. In a bulletin, Vercel said the hacker was able to grab ...

Dozens of such keys can be extracted from apps’ decompiled code to gain access to all Gemini endpoints. Threat actors can extract Google API keys embedded in Android applications to gain access to ...

A flaw in Google's API key system has reportedly exposed mobile applications to unintended access to its Gemini AI platform. According to a CloudSEK advisory published on April 8, the issue affects ...

Meta has paused all its work with the data contracting firm Mercor while it investigates a major security breach that impacted the startup, two sources confirmed to WIRED. The pause is indefinite, the ...