OpenAI

2 minute read

15 Malicious JetBrains Plugins Caught Stealing DeepSeek, OpenAI API Keys

Hackers are using 15 malicious JetBrains plugins posing as AI coding assistants to steal DeepSeek, OpenAI, and other developer API keys.

byDeeba Ahmed

June 17, 2026

2 minute read

27,000-Download Codex UI Tool Secretly Stole OpenAI Refresh Tokens

A malicious Codex UI npm package with 27,000 weekly downloads was caught exfiltrating OpenAI refresh tokens, exposing developers to account takeover risks.

byDeeba Ahmed

May 31, 2026

3 minute read

OpenAI Launches GPT-5.4-Cyber to Boost Defensive Cybersecurity

OpenAI unveils GPT-5.4-Cyber, a cybersecurity-focused model built to help defenders analyze malware and fix software bugs. The company is also expanding its Trusted Access for Cyber (TAC) program to thousands of verified experts.

byDeeba Ahmed

April 16, 2026

2 minute read

OpenAI Rotates macOS Certificates Following Axios Supply Chain Breach

OpenAI rotates macOS certificates after downloading a compromised Axios version, urging users to update apps before revoked certificates are blocked in May 2026.

byDeeba Ahmed

April 13, 2026

2 minute read

Hacker Used Claude Code, GPT-4.1 to Exfiltrate Hundreds of Millions of Mexican Records

A lone hacker used Claude Code and GPT-4.1 to exfiltrate hundreds of millions of Mexican citizen records from 9 government agencies.

byDeeba Ahmed

April 12, 2026

2 minute read

Fake ChatGPT Ad Blocker Chrome Extension Caught Spying on Users

A fake Chrome browser extension called 'ChatGPT Ad Blocker' was harvesting conversations of ChatGPT users in the name of offering an ad-free experience.

byDeeba Ahmed

April 3, 2026

OpenAI Codex Vulnerability Allowed Attackers to Steal GitHub Tokens

2 minute read

Security

OpenAI Codex Vulnerability Allowed Attackers to Steal GitHub Tokens

OpenAI Codex vulnerability allowed attackers to steal GitHub tokens via malicious branch names using hidden Unicode command injection flaw.

byDeeba Ahmed

March 30, 2026

3 minute read

Firebase Misconfiguration Exposes 300M Messages From Chat & Ask AI Users

A technical mistake in the popular Chat & Ask AI app has left 300 million private messages from 25 million users exposed online. Discover what happened and how you can protect your personal data when using AI chatbots.

byDeeba Ahmed

February 18, 2026

2 minute read

OpenAI API User Data Exposed in Mixpanel Breach, ChatGPT Unaffected

OpenAI confirmed a third-party data breach via Mixpanel, exposing limited API user metadata like names, emails and browser…

byWaqas

November 27, 2025

2 minute read

Mindgard Finds Sora 2 Vulnerability Leaking Hidden System Prompt via Audio

AI security firm Mindgard discovered a flaw in OpenAI’s Sora 2 model, forcing the video generator to leak…

byDeeba Ahmed

November 12, 2025

The Latest

MDR Provider Comparison: Time to Discover and Respond to Threats

Meteor 3.0 Migration Helped Rocket.Chat Move Off End-of-Life Node.js Runtime

Gcore Helps Ucom Safeguard Public Live Broadcast Infrastructure During Armenia’s Parliamentary Elections

Nintendo America Employee Data Exposed After Shadowbyt3$ Targets TinyPulse

OpenAI

15 Malicious JetBrains Plugins Caught Stealing DeepSeek, OpenAI API Keys

27,000-Download Codex UI Tool Secretly Stole OpenAI Refresh Tokens

OpenAI Launches GPT-5.4-Cyber to Boost Defensive Cybersecurity

OpenAI Rotates macOS Certificates Following Axios Supply Chain Breach

Hacker Used Claude Code, GPT-4.1 to Exfiltrate Hundreds of Millions of Mexican Records

Fake ChatGPT Ad Blocker Chrome Extension Caught Spying on Users

OpenAI Codex Vulnerability Allowed Attackers to Steal GitHub Tokens

Firebase Misconfiguration Exposes 300M Messages From Chat & Ask AI Users

OpenAI API User Data Exposed in Mixpanel Breach, ChatGPT Unaffected

Mindgard Finds Sora 2 Vulnerability Leaking Hidden System Prompt via Audio

Gcore Helps Ucom Safeguard Public Live Broadcast Infrastructure During Armenia’s Parliamentary Elections

eFAQ Publishes Investigation Into Alleged Scam Activity and Coordinated Reputation Attacks

SpyCloud Report Finds Phishing Attacks Surge as Employee Data Is Exposed at 86% of Fortune 100 Companies

Heimdal Survey: Executives Four Times More Confident About AI Risk Than the Teams Managing It

Aembit Extends IAM for Agentic AI to Microsoft Copilot Studio