A simple coding mistake is exposing API keys across thousands of websites

A large-scale study has revealed that websites are unintentionally exposing API keys tied to services like AWS, Stripe, and OpenAI, with most leaks traced back to publicly accessible JavaScript files.

File read flaw in Smart Slider plugin impacts 500K WordPress sites

A vulnerability in the Smart Slider 3 WordPress plugin, active on more than 800,000 websites, can be exploited to allow subscriber-level users access to arbitrary files on the server.
Hackaday

Hackaday Links: March 29, 2026

Whether it’s a new couch or a rare piece of hardware picked up on eBay, we all know what it feels like to eagerly await a delivery truck. But the CERN researchers involved in a delivery ...

Nepal: Ex-energy minister arrested in money laundering case

A day after the arrest of the former prime minister, Nepalese police also arrested the country's former energy minister. Investigators said he was detained as part of an ongoing probe into money ...

India: Modi inaugurates new international airport in Noida

The new international airport in Jewar, Uttar Pradesh, which will service New Delhi, will see up to 70 million passengers a year once fully operational. DW has the latest information.