The Register on MSN

OpenAI API moonlights as malware HQ in Microsoft’s latest discovery

Redmond uncovers SesameOp, a backdoor hiding its tracks by using OpenAI’s Assistants API as a command channel Hackers have ...

Microsoft warns a key OpenAI API is being exploited to launch cyberattacks

Recently, security researchers from Microsoft discovered a new piece of malware that uses a creative way of hiding this ...

Microsoft warns that an OpenAI API is being abused as a backdoor for 'espionage'

Microsoft researchers say that an OpenAI API is being abused by bad actors for long-term 'espionage' operations.
Microsoft

SesameOp: Novel backdoor uses OpenAI Assistants API for command and control

Microsoft Incident Response – Detection and Response Team (DART) researchers uncovered a new backdoor that is notable for its novel use of the OpenAI Assistants Application Programming Interface (API) ...
TheServerSide

How to get an OpenAI API key for ChatGPT

The biggest mistake people make when trying to get their ChatGPT API key is that they use the wrong URL. The key can't be found at chatgpt.com. Instead, point your browser to the OpenAI developer ...
Krebs on Security

xAI Dev Leaks API Key for Private SpaceX, Tesla LLMs

Philippe Caturegli, “chief hacking officer” at the security consultancy Seralys, was the first to publicize the leak of credentials for an x.ai application programming interface (API) exposed in the ...
Krebs on Security

DOGE Denizen Marko Elez Leaked API Key for xAI

Marko Elez, a 25-year-old employee at Elon Musk’s Department of Government Efficiency (DOGE), has been granted access to sensitive databases at the U.S. Social Security Administration, the Treasury ...
CSOonline

AI programming copilots are worsening code security and leaking more secrets

Copilot-enabled repos are 40% more likely to contain API keys, passwords, or tokens — just one of several issues security leaders must address as AI-generated code proliferates. AI coding assistants ...