CoinDesk

Here's what next as Anthropic's most powerful AI model leaked via unsecured data cache

A draft blog post left in an unsecured data cache revealed a new model tier called Capybara that Anthropic says is more capable than anything it has built, with the company flagging "unprecedented" ...

A simple coding mistake is exposing API keys across thousands of websites

A large-scale study has revealed that websites are unintentionally exposing API keys tied to services like AWS, Stripe, and OpenAI, with most leaks traced back to publicly accessible JavaScript files.
The Hacker News

Claude Extension Flaw Enabled Zero-Click XSS Prompt Injection via Any Website

Claude extension flaw enabled silent prompt injection via XSS and weak allowlist, risking data theft and impersonation until ...