Microsoft

Intent redirection vulnerability in third-party SDK exposed millions of Android wallets to potential risk

A severe Android intent‑redirection vulnerability in a widely deployed SDK exposed sensitive user data across millions of ...
InfoQ

OpenAI Extends the Responses API to Serve as a Foundation for Autonomous Agents

Unlock the full InfoQ experience by logging in! Stay updated with your favorite authors and topics, engage with content, and download exclusive resources. Madelyn Olson discusses the evolution of ...

Why Your AI Girlfriend is a Privacy Time Bomb: 150M Users at Risk

Over 150 million people have installed AI companion apps, but new reports show they are a privacy nightmare due to its ...
Engadget

Meta is testing clickable links in Instagram captions for verified subscribers

Instagram has long limited users' ability to share links, restricting link-sharing to Stories, Reels and user profiles. But that might now be changing. The company has started to test clickable links ...
TechSpot

A stolen Gemini API key turned a $180 bill into $82,000 in two days

AI Economy: A team of three developers in Mexico is facing a roughly 455× increase in monthly AI service expenses after an API key associated with their project was allegedly compromised. The key was ...
The Hacker News

Thousands of Public Google Cloud API Keys Exposed with Gemini Access After API Enablement

New research has found that Google Cloud API keys, typically designated as project identifiers for billing purposes, could be abused to authenticate to sensitive Gemini endpoints and access private ...
CSOonline

‘Silent’ Google API key change exposed Gemini AI data

Google Cloud API keys, normally used as simple billing identifiers for APIs such as Maps or YouTube, could be scraped from websites to give access to private Gemini AI project data, researchers from ...
Engadget

The iFi GO Link 2 is eight percent smaller than its predecessor and only costs $59.

Audio company iFi just introduced a new DAC (digital-to-analogue converter) that's both smaller and lighter than its previous model, and only costs $59. The iFi GO Link 2 connects to a smartphone or ...
Bleeping Computer

What 5 Million Apps Revealed About Secrets in JavaScript

Leaked API keys are nothing new, but the scale of the problem in front-end code has been largely a mystery - until now. Intruder’s research team built a new secrets detection method and scanned 5 ...
InfoQ

Chrome 144 Ships Temporal API: Advancing JavaScript Date/Time Standardisation

Unlock the full InfoQ experience by logging in! Stay updated with your favorite authors and topics, engage with content, and download exclusive resources. Soroosh Khodami discusses why we aren't ready ...
Bleeping Computer

Pastebin comments push ClickFix JavaScript attack to hijack crypto swaps

Threat actors are abusing Pastebin comments to distribute a new ClickFix-style attack that tricks cryptocurrency users into executing malicious JavaScript in their browser, allowing attackers to ...