Public Google API keys can be used to expose Gemini AI data

Google Maps/Cloud API Application Programming Interface keys that used to be safe to publish can now, in many cases, be used as real Gemini AI credentials. This means that any key sitting in public JavaScript or application code may now let attackers connect to Gemini through its API, access data...

PT-2026-1586

Name of the Vulnerable Software and Affected Versions ShareThis Dashboard for Google Analytics plugin for WordPress versions through 3.2.4 Description The plugin is susceptible to Sensitive Information Exposure. The Google Analytics client ID and client secret are stored in plaintext within the...

EUVD-2025-180319

Malicious code in array-public-code-async-decompress npm...

Malicious code in cold-short-phi-public-code (npm)

The package cold-short-phi-public-code was found to contain malicious code...

MAL-2025-17278 Malicious code in cold-short-phi-public-code (npm)

The package cold-short-phi-public-code was found to contain malicious code...

CVE-2023-36817 The King's Temple Church website Leaked Stripe API Key in Public Code Repository

tktchurch/website contains the codebase for The King's Temple Church website. In version 0.1.0, a Stripe API key was found in the public code repository of the church's project. This sensitive information was unintentionally committed and subsequently exposed in the codebase. If an unauthorized...

Drcat 0.5.0-beta (drcatd) Remote Root Exploit

No description provided by source. / Proof of Concept DRCATD Remote exploit by Taif Test: root@localhost drcat ./drcat -d 127.0.0.1 -u taif -p test Public code by Taif drcat-0.5.0-beta 'remote r00t' proof Bug found by Khan Shirani host: +-+-+-+-+-+-+-+ 127.0.0.1 |C|L|U|P|C|S|R| user:...