The Hacker News

Thousands of Public Google Cloud API Keys Exposed with Gemini Access After API Enablement

New research has found that Google Cloud API keys, typically designated as project identifiers for billing purposes, could be abused to authenticate to sensitive Gemini endpoints and access private ...
GitHub

A comprehensive User Management System built with PHP, MySQL, and jQuery. Features role-based access control, user authentication, file management, and employee directory.

ums/ ├── api/ # REST API endpoints │ ├── login.php # Login endpoint │ ├── register.php # User registration │ ├── users.php # User CRUD operations │ ├── employees.php # Employee listing with pagination ...
Geeky Gadgets

Google File Search in Gemini 3.0 API Makes RAG Simple : Build Smarter Apps Today

What if building advanced AI-powered search systems didn’t require a team of engineers or months of development? Imagine uploading a few files, tweaking minimal settings, and instantly allowing your ...
techbooky.com

xAI Adds File Support to Grok API

Elon Musk’s AI startup, xAI, has rolled out file support for its Grok API, allowing developers to upload and analyse multiple file types within their AI applications. The update fulfills a pledge made ...
SecurityWeek

Claude AI APIs Can Be Abused for Data Exfiltration

An attacker can inject indirect prompts to trick the model into harvesting user data and sending it to the attacker’s account. Attackers can use indirect prompt injections to trick Anthropic’s Claude ...
CSOonline

Claude AI vulnerability exposes enterprise data through code interpreter exploit

Security researcher demonstrates how attackers can hijack Anthropic’s file upload API to exfiltrate sensitive information, even with network restrictions enabled. A newly disclosed vulnerability in ...
CSOonline

Cisco warns of critical API vulnerabilities in ISE and ISE-PIC

CSOs are being urged to quickly patch multiple vulnerabilities in Cisco Systems Identity Services Engine (ISE) and Cisco ISE Passive Identity Connector (ISE-PIC) that could allow an unauthenticated, ...
Krebs on Security

xAI Dev Leaks API Key for Private SpaceX, Tesla LLMs

Philippe Caturegli, “chief hacking officer” at the security consultancy Seralys, was the first to publicize the leak of credentials for an x.ai application programming interface (API) exposed in the ...
Wired

DOGE Is Planning a Hackathon at the IRS. It Wants Easier Access to Taxpayer Data

Elon Musk’s so-called Department of Government Efficiency (DOGE) has plans to stage a “hackathon” next week in Washington, DC. The goal is to create a single “mega API”—a bridge that lets software ...
TechCrunch

Mistral adds a new API that turns any PDF document into an AI-ready Markdown file

On Thursday French large language model (LLM) developer Mistral launched a new API for developers who handle complex PDF documents. Mistral OCR is an optical character recognition (OCR) API that can ...