Cursor flaw lets extensions steal API keys and session tokens without user interaction, according to researchers at LayerX ...
SAP npm packages poisoned on April 29, 2026 + AES-256-GCM encrypted credential theft + AI coding tools abused for spread.
A hardcoded ClickUp API key exposed hundreds of corporate and government emails for over a year, raising new SaaS security ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results