News

Torque News2d

My Tesla Model Y Was Remotely Unlocked By Thieves Who Compromised My Tessie API Token, Then They Arrived Three Minutes Later To Ransack The Vehicle

Thieves just hacked a Tesla Model Y by compromising a third-party app’s API token, remotely unlocking the car in the middle ...
Bleeping Computer4y

Twitter is warning devs that API keys and tokens may have leaked

Twitter is emailing developers stating that their API keys, access tokens, and access token secrets may have been exposed in a browser's cache. In an email seen by BleepingComputer, Twitter explains ...

Max severity Argo CD API flaw leaks repository credentials

An Argo CD vulnerability allows API tokens with even low project-level get permissions to access API endpoints and retrieve all repository credentials associated with the project.
ZDNet6y

Over 100,000 GitHub repos have leaked API or cryptographic keys

A scan of billions of files from 13 percent of all GitHub public repositories over a period of six months has revealed that over 100,000 repos have leaked API tokens and cryptographic keys, with ...
InfoWorld2y

Public package repos expose thousands of API security tokens—and they’re active

JFrog’s new Xray Secrets Detection uncovered active access tokens in popular open-source software registries including Docker, npm, and PyPI. Here are our findings and takeaways. As part of the ...