this post was submitted on 26 Mar 2026
6 points (100.0% liked)

Security

2030 readers
4 users here now

A community for discussion about cybersecurity, hacking, cybersecurity news, exploits, bounties etc.

Rules :

  1. All instance-wide rules apply.
  2. Keep it totally legal.
  3. Remember the human, be civil.
  4. Be helpful, don't be rude.

Icon base by Delapouite under CC BY 3.0 with modifications to add a gradient

founded 2 years ago
MODERATORS
Vacant@programming.dev
6
Thousands of websites are accidentally broadcasting sensitive data (techxplore.com)
submitted 3 days ago by Innerworld@lemmy.world to c/security@programming.dev
2 comments fedilink hide all child comments
top 2 comments
sorted by: hot top controversial new old
[โ€“] undefined@lemmy.hogru.ch 2 points 3 days ago (1 children)

The researchers found 1,748 active, verified credentials from major service providers (including Amazon Web Services, Stripe and OpenAI). These credentials were found publicly accessible within the live code of websites.

I mean, what else is new?

[โ€“] towerful@programming.dev 2 points 3 days ago

Yeh, but it's serverless! Where else do the private API keys go, other than in the web page?
\s