SecurityWeek

Google API Keys in Android Apps Expose Gemini Endpoints to Unauthorized Access

Threat actors can extract Google API keys embedded in Android applications to gain access to Gemini AI endpoints and ...
Infosecurity Magazine

Google API Keys Quietly Gain Access to Gemini on Android Devices

A flaw in Google's API key system has reportedly exposed mobile applications to unintended access to its Gemini AI platform.
Security Boulevard

The Complete Guide to Passwordless Authentication in 2026: How It Works, Why It Matters, and How to Implement It

Passwords are responsible for 80% of data breaches. Passwordless authentication eliminates the attack surface entirely. Here ...
Security Boulevard

7 Identity and API Security Tools Modern SaaS Teams Should Evaluate in 2026

Discover 7 essential identity and API security tools for modern SaaS teams. Expert comparison of SSO, DAST, MCP security, and passwordless authentication tools ...

Claude Code Can Now Control Your Desktop : Here’s What It Can Do

Anthropic’s Claude Code now controls macOS apps with mouse, keyboard, and screenshots, plus remote actions via the new ...

Fiverr Denies ‘Major Security Lapse’ Despite Private User Data Appearing in Google Search

A researcher flagged the vulnerability 40 days ago with no response from Fiverr. Now tax returns, driver's licenses, and ...

How Antigravity’s AI Subagents Are Reshaping Engineering Teams With Arcade

Antigravity Mission Control paired with Arcade.dev MCP runtime forms an autonomous AI engineering team that can execute tasks ...
Microsoft

Inside an AI‑enabled device code phishing campaign

A new wave of device code phishing shows how threat actors are scaling account compromise using AI and end‑to‑end automation.

OpenAI rotates macOS certs after Axios attack hit code-signing workflow

OpenAI is rotating potentially exposed macOS code-signing certificates after a GitHub Actions workflow executed a malicious ...

Claude Code's source code appears to have leaked: here's what we know

The leak provides competitors—from established giants to nimble rivals like Cursor—a literal blueprint for how to build a ...

Appknox Launches KnoxIQ, an AI Co-Pilot to Prioritize Real-World Exploitability in Application Security

As AI-assisted development increases the volume and complexity of vulnerabilities, the harder problem for security teams has become identifying which ones represent real risk (and resolving them ...

ESET Previews New AI Security Features to Secure Chatbot Communications and AI Workflows

Showcased at RSAC 2026, ESET’s upcoming AI security features will protect the full AI conversation flow by scanning both prompts and responses to ...