A significant security breach at Elon Musk’s xAI occurred when a developer leaked a private API key on GitHub, granting unauthorized access to internal language models. The key remained active for nearly two months before being addressed. This incident underscores vulnerabilities in credential management, highlighting the need for improved security practices at technology companies.
New Campaign Targets HR Departments With False Resumes
A campaign by Venom Spider, a financially-motivated threat group, is employing spear-phishing emails to target hiring managers.
