Search results for API key | Breaking Cybersecurity News | The Hacker News

Cybersecurity researchers have flagged several popular Google Chrome extensions that have been found to transmit data in HTTP and hard-code secrets in their code, exposing users to privacy and security risks. "Several widely used extensions [...] unintentionally transmit sensitive data over simple HTTP," Yuanjing Guo, a security researcher in the Symantec's Security Technology and Response team, said . "By doing so, they expose browsing domains, machine IDs, operating system details, usage analytics, and even uninstall information, in plaintext." The fact that the network traffic is unencrypted also means that they are susceptible to adversary-in-the-middle (AitM) attacks, allowing malicious actors on the same network such as a public Wi-Fi to intercept and, even worse, modify this data, which could lead to far more serious consequences. The list of identified extensions are below - SEMRush Rank (extension ID: idbhoeaiokcojcgappfigpifhpkjgmab) and P...

BeyondTrust has revealed it completed an investigation into a recent cybersecurity incident that targeted some of the company's Remote Support SaaS instances by making use of a compromised API key. The company said the breach involved 17 Remote Support SaaS customers and that the API key was used to enable unauthorized access by resetting local application passwords. The breach was first flagged on December 5, 2024. "The investigation determined that a zero-day vulnerability of a third-party application was used to gain access to an online asset in a BeyondTrust AWS account," the company said this week. "Access to that asset then allowed the threat actor to obtain an infrastructure API key that could then be leveraged against a separate AWS account which operated Remote Support infrastructure." The American access management company did not name the application that was exploited to obtain the API key, but said the probe uncovered two separate flaws in it...

Zero Trust helps organizations shrink their attack surface and respond to threats faster, but many still struggle to implement it because their security tools don’t share signals reliably. 88% of organizations admit they’ve suffered significant challenges in trying to implement such approaches, according to Accenture . When products can’t communicate, real-time access decisions break down. The Shared Signals Framework (SSF) aims to fix this with a standardized way to exchange security events. Yet adoption is uneven. For example, Kolide Device Trust doesn’t currently support SSF.  Scott Bean, Senior IAM and Security Engineer at MongoDB, proposed a way to solve the problem, giving teams an easy and intuitive way to operationalize SSF across their environment. In this guide, we'll share an overview of the workflow , plus step-by-step instructions for getting it up and running. The problem – IAM tools don’t support SSF A core requirement of Zero Trust is continuous, reliable sig...

Cybersecurity researchers have disclosed details of a malicious Google Chrome extension that's capable of stealing API keys associated with MEXC, a centralized cryptocurrency exchange (CEX) available in over 170 countries , while masquerading as a tool to automate trading on the platform. The extension, named MEXC API Automator (ID: pppdfgkfdemgfknfnhpkibbkabhghhfh), has 29 downloads and is still available on the Chrome Web Store as of writing. It was first published on September 1, 2025, by a developer named "jorjortan142." "The extension programmatically creates new MEXC API keys, enables withdrawal permissions, hides that permission in the user interface (UI), and exfiltrates the resulting API key and secret to a hardcoded Telegram bot controlled by the threat actor," Socket security researcher Kirill Boychenko said in an analysis. According to the Chrome Web Store listing, the web browser add-on is described as an extension that "simplifies connecti...

New research has found that Google Cloud API keys, typically designated as project identifiers for billing purposes, could be abused to authenticate to sensitive Gemini endpoints and access private data. The findings come from Truffle Security, which discovered nearly 3,000 Google API keys (identified by the prefix "AIza") embedded in client-side code to provide Google-related services like embedded maps on websites. "With a valid key, an attacker can access uploaded files, cached data, and charge LLM-usage to your account," security researcher Joe Leon said , adding the keys "now also authenticate to Gemini even though they were never intended for it." The problem occurs when users enable the Gemini API on a Google Cloud project (i.e., Generative Language API), causing the existing API keys in that project, including those accessible via the website JavaScript code, to gain surreptitious access to Gemini endpoints without any warning or notice. Th...

API attacks are on the rise. One of their major targets is eCommerce firms like yours.  APIs are a vital part of how eCommerce businesses are accelerating their growth in the digital world.  ECommerce platforms use APIs at all customer touchpoints, from displaying products to handling shipping. Owing to their increased use, APIs are attractive targets for hackers, as the following numbers expose:  API attack traffic increased by  681% in 2021    77% of retail respondents experienced API security incidents in 2021– according to  Noname security If left unaddressed, API abuse can damage your reputation, harm consumers, and affect the bottom line. Hence  API security  is worthy of consideration for eCommerce stakeholders. Why do eCommerce companies need APIs? API makes it easy for retailers and eCommerce platforms to handle product listings and orders. It transformed the static website into a completely customizable headless store. Ret...

As digital transformation takes hold and businesses become increasingly reliant on digital services, it has become more important than ever to secure applications and APIs (Application Programming Interfaces). With that said, application security and API security are two critical components of a comprehensive security strategy. By utilizing these practices, organizations can protect themselves from malicious attacks and security threats, and most importantly, ensure their data remains secure. Interestingly enough, despite the clear advantages these disciplines provide, businesses are struggling to understand which security approach is best for their needs. So in this article, we'll discuss the differences between application and API security, best practices that you should consider, and ultimately make the case for why you need both.  What is Application Security Application security, better known as AppSec, is a critical aspect of any organization's cybersecurity strategy....

There are several myths and misconceptions about API security. These myths about securing APIs are crushing your business.  Why so? Because these myths are widening your security gaps. This is making it easier for attackers to abuse APIs. And API attacks are costly. Of course, you will have to bear financial losses. But there are other consequences too:  Reputational damage  Customer attrition  Loss of customer trust  Difficulty in acquiring new customers Legal costs  Massive fines and penalties for non-compliance In this article, we will debunk the top 5 myths about  securing APIs   Secure APIs Better: Top 5 API Security Myths Demystified  Myth 1: API Gateways, Existing IAM Tools, and WAFs are Enough to Secure API Reality:   These aren’t enough to secure your APIs. They are layers in API security. They need to be part of a larger security solution.  API gateways monitor endpoints. They provide visibility into API usa...

The famous URL shortening service is facing a data breach . The very popular URL shortening service Bitly, has issued an urgent security warning saying that its users’ account credentials may have been compromised, according to a blog post published yesterday. " We have reason to believe that Bitly account credentials have been compromised; specifically, users' email addresses, encrypted passwords, API keys and OAuth tokens ," Bitly CEO Mark Josephson wrote in a blog post . At this point, however, there is no indication that hackers have broken into any user accounts, he said. Bitly was founded in 2008, allows users to shorten links and making it to share on other sites easier for users. It is privately held and based in New York City. Bitly shortens more than one billion links per month and powers over 10,000 custom short URLs and offers an enterprise analytics platform that helps web publishers and brands grow their social media traffic. Bitly users’ acc...

The United States Treasury Department said it suffered a "major cybersecurity incident" that allowed suspected Chinese threat actors to remotely access some computers and unclassified documents.  "On December 8, 2024, Treasury was notified by a third-party software service provider, BeyondTrust, that a threat actor had gained access to a key used by the vendor to secure a cloud-based service used to remotely provide technical support for Treasury Departmental Offices (DO) end users," the department said in a letter informing the Senate Committee on Banking, Housing, and Urban Affairs. "With access to the stolen key, the threat actor was able to override the service's security, remotely access certain Treasury DO user workstations, and access certain unclassified documents maintained by those users." The federal agency said it has been working with the Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (...

With the growth in digital transformation, the API management market is set to grow  by more than 30%   by the year 2025 as more businesses build web APIs and consumers grow to rely on them for everything from mobile apps to customized digital services. As part of strategic business planning, an API helps generate revenue by allowing customers access to the functionality of a website or computer program through custom applications. As more and more businesses are implementing APIs, the risk of API attacks increases. By 2022, Gartner predicted that API (Application Programming Interface) attacks would become the most common attack vector for enterprise web applications. Cybercriminals are targeting APIs more aggressively than ever before, and businesses must take a proactive approach to  API security  to combat this new aggression. API and The Business World With integrating APIs into modern IT environments, businesses are becoming increasingly data-driven...

APIs, more formally known as application programming interfaces, empower apps and microservices to communicate and share data. However, this level of connectivity doesn't come without major risks. Hackers can exploit vulnerabilities in APIs to gain unauthorized access to sensitive data or even take control of the entire system. Therefore, it's essential to have a robust API security posture to protect your organization from potential threats. What is API posture management? API posture management refers to the process of monitoring and managing the security posture of your APIs. It involves identifying potential vulnerabilities and misconfigurations that could be exploited by attackers, and taking the necessary steps to remediate them. Posture management also helps organizations classify sensitive data and ensure that it's compliant with the leading data compliance regulations such as GDPR, HIPAA, and PCI DSS.  As mentioned above, APIs are a popular target for attackers...

A widespread data theft campaign has allowed hackers to breach sales automation platform Salesloft to steal OAuth and refresh tokens associated with the Drift artificial intelligence (AI) chat agent. The activity, assessed to be opportunistic in nature, has been attributed to a threat actor tracked by Google Threat Intelligence Group (GTIG) and Mandiant, tracked as UNC6395. GTIG told The Hacker News that it's aware of over 700 potentially impacted organizations. "Beginning as early as August 8, 2025, through at least August 18, 2025, the actor targeted Salesforce customer instances through compromised OAuth tokens associated with the Salesloft Drift third-party application," researchers Austin Larsen, Matt Lin, Tyler McLellan, and Omar ElAhdan said . In these attacks, the threat actors have been observed exporting large volumes of data from numerous corporate Salesforce instances, with the likely aim of harvesting credentials that could be then used to compromise vic...

This article was written by Peter Gerdenitsch, Group CISO at Raiffeisen Bank International, and is based on a presentation given during Imvision's Executive Education Program, a series of events focused on how enterprises are taking charge of the API security lifecycle. Launching the "Security in Agile" program Headquartered in Vienna, Raiffeisen Bank International (RBI) operates across 14 countries in Central and Eastern Europe with around 45,000 employees. Our focus is on providing universal banking solutions to customers, as well as developing digital banking products for the retail and corporate markets. Accordingly, RBI has a substantial R&D division, making for a very large community of IT and engineering professionals all over Europe. Back in 2019, we began shifting to a product-led agile setup for RBI, introducing various security roles contributing and collaborating to achieve our strategic goals. As part of this journey, we established the security champ...