SecurityWeek

Google API Keys in Android Apps Expose Gemini Endpoints to Unauthorized Access

Threat actors can extract Google API keys embedded in Android applications to gain access to Gemini AI endpoints and ...

CPUID hacked to deliver malware via CPU-Z, HWMonitor downloads

Hackers gained access to an API for the CPUID project and changed the download links on the official website to serve ...
SecurityWeek

RCE Bug Lurked in Apache ActiveMQ Classic for 13 Years

RCE vulnerability in Apache ActiveMQ Classic that remained unnoticed for 13 years can be exploited via an Jolokia API.
Dark Reading

Adobe Patches Actively Exploited Zero-Day That Lingered for Months

An attacker has been using maliciously crafted PDF files to exploit a zero-day in Adobe Acrobat and Reader for at least four ...

OpenAI identifies security issue involving third-party tool, says user data was not accessed

April 10 (Reuters) - OpenAI said on Friday it had identified a security issue involving a third-party developer tool called ...

OpenAI warns Apple Mac users of security flaws in its apps, releases fix

OpenAI has urged macOS users to update its four apps after a security issue in its app-signing process, warning that older ...
14ymedio

Gemini 3 Flash API for Health and Wellness Content Teams: Speed, Cost, and Practical Value

Gemini Flash 3 API stands out as a relevant option for teams that care about speed, cost control, and practical editorial ...
The Hacker News

Docker CVE-2026-34040 Lets Attackers Bypass Authorization and Gain Host Access

Docker CVE-2026-34040 enables AuthZ bypass via padded requests, risking host compromise; fixed in version 29.3.1.
Infosecurity Magazine

Google API Keys Quietly Gain Access to Gemini on Android Devices

A flaw in Google's API key system has reportedly exposed mobile applications to unintended access to its Gemini AI platform.

Analyst1 Releases Version 2.14.0, Expanding Automation, Integrations, and Intelligence Workflows

Analyst1 today announced the release of Version 2.14.0 of its threat intelligence platform, introducing new capabilities designed to scale intelligence production, strengthen integrations, unify ...
CSO Online

Claude uncovers a 13‑year‑old ActiveMQ RCE bug within minutes

The decade-old ActiveMQ flaw was uncovered and weaponized in minutes, showing AI’s exploit-building potential amid the Mythos ...

From Pokémon GO to physical AI: Niantic Spatial unveils its global 3D mapping platform

Niantic Spatial, the company spun out of Pokémon GO maker Niantic, is launching a revamped version of its Scaniverse platform ...