Cloud Security Alliance

Token Sprawl in the Age of AI

Explore how AI accelerates token sprawl, why legacy IAM struggles, and practical steps to shrink non-human identity risk.
Stark Insider

7 Ways to Stop Bleeding Money on AI API Calls

AI API calls are expensive. After our always-on bot burned through tokens, we found seven optimization levers that cut costs ...
CSOonline

AI programming copilots are worsening code security and leaking more secrets

Copilot-enabled repos are 40% more likely to contain API keys, passwords, or tokens — just one of several issues security leaders must address as AI-generated code proliferates. AI coding assistants ...

What 5 Million Apps Revealed About Secrets in JavaScript

Leaked API keys are nothing new, but the scale of the problem in front-end code has been largely a mystery - until now. Intruder's research team built a new secrets detection method and scanned 5 ...
WinBuzzer

Anthropic Bans Claude Subscription OAuth in Third-Party Apps

Anthropic has officially banned using Claude subscription OAuth in third-party tools, forcing developers to switch to API ...
Bleeping Computer

Max severity Argo CD API flaw leaks repository credentials

An Argo CD vulnerability allows API tokens with even low project-level get permissions to access API endpoints and retrieve all repository credentials associated with the project. The flaw, tracked ...