News

Torque News5h

My Tesla Model Y Was Remotely Unlocked By Thieves Who Compromised My Tessie API Token, Then They Arrived Three Minutes Later To Ransack The Vehicle

Thieves just hacked a Tesla Model Y by compromising a third-party app’s API token, remotely unlocking the car in the middle ...

Max severity Argo CD API flaw leaks repository credentials

An Argo CD vulnerability allows API tokens with even low project-level get permissions to access API endpoints and retrieve ...
ZDNet6y

Over 100,000 GitHub repos have leaked API or cryptographic keys

A scan of billions of files from 13 percent of all GitHub public repositories over a period of six months has revealed that over 100,000 repos have leaked API tokens and cryptographic keys, with ...
Bleeping Computer4y

Twitter is warning devs that API keys and tokens may have leaked

Twitter is emailing developers stating that their API keys, access tokens, and access token secrets may have been exposed in a browser's cache.
InfoWorld2y

Public package repos expose thousands of API security tokens—and they ...

JFrog’s new Xray Secrets Detection uncovered active access tokens in popular open-source software registries including Docker, npm, and PyPI. Here are our findings and takeaways.