IFRAME: [1]https://www.googletagmanager.com/ns.html?id=GTM-T52Z3Z3 informa informa [2]The Edge [3]DR Tech Sections Close Back Sections Featured Sections [4]The Edge [5]Dark Reading Technology [6]Attacks / Breaches [7]Cloud [8]ICS/OT [9]Remote Workforce [10]Perimeter [11]Analytics [12]Security Monitoring [13]Security Monitoring [14]App Sec [15]Database Security [16]Database Security [17]Risk [18]Compliance [19]Compliance [20]Threat Intelligence [21]Endpoint [22]Authentication[23]Mobile Security[24]Privacy [25]Authentication[26]Mobile Security[27]Privacy [28]Vulnerabilities / Threats [29]Advanced Threats[30]Insider Threats[31]Vulnerability Management [32]Advanced Threats[33]Insider Threats[34]Vulnerability Management [35]Operations [36]Identity & Access Management[37]Careers & People [38]Identity & Access Management[39]Careers & People [40]Physical Security [41]IoT [42]DR Global [43]Middle East & Africa [44]Middle East & Africa [45]Black Hat news [46]Omdia Research [47]Security Now Events Close Back Events [48]Events * [49]SecTor - Canada's IT Security Conference Oct 23-26 - Learn More * [50]Anatomy of a Data Breach - A Dark Reading June 22 Event [51]Webinars * [52]Here's What Zero Trust Really Means Jun 13, 2023 * [53]Mastering Endpoint Security: The Power of Least Privilege Jun 20, 2023 Resources Close Back Resources [54]Dark Reading Library > [55]Webinars > [56]Reports > [57]Slideshows > [58]White Papers > [59]Partner Perspectives: Microsoft [60]Tech Library > [61]Newsletter Sign-Up [62]The Edge [63]DR Tech Sections Close Back Sections Featured Sections [64]The Edge [65]Dark Reading Technology [66]Attacks / Breaches [67]Cloud [68]ICS/OT [69]Remote Workforce [70]Perimeter [71]Analytics [72]Security Monitoring [73]Security Monitoring [74]App Sec [75]Database Security [76]Database Security [77]Risk [78]Compliance [79]Compliance [80]Threat Intelligence [81]Endpoint [82]Authentication[83]Mobile Security[84]Privacy [85]Authentication[86]Mobile Security[87]Privacy [88]Vulnerabilities / Threats [89]Advanced Threats[90]Insider Threats[91]Vulnerability Management [92]Advanced Threats[93]Insider Threats[94]Vulnerability Management [95]Operations [96]Identity & Access Management[97]Careers & People [98]Identity & Access Management[99]Careers & People [100]Physical Security [101]IoT [102]DR Global [103]Middle East & Africa [104]Middle East & Africa [105]Black Hat news [106]Omdia Research [107]Security Now Events Close Back Events [108]Events * [109]SecTor - Canada's IT Security Conference Oct 23-26 - Learn More * [110]Anatomy of a Data Breach - A Dark Reading June 22 Event [111]Webinars * [112]Here's What Zero Trust Really Means Jun 13, 2023 * [113]Mastering Endpoint Security: The Power of Least Privilege Jun 20, 2023 Resources Close Back Resources [114]Dark Reading Library > [115]Webinars > [116]Reports > [117]Slideshows > [118]White Papers > [119]Partner Perspectives: Microsoft [120]Tech Library > [121]The Edge [122]DR Tech Sections Close Back Sections Featured Sections [123]The Edge [124]Dark Reading Technology [125]Attacks / Breaches [126]Cloud [127]ICS/OT [128]Remote Workforce [129]Perimeter [130]Analytics [131]Security Monitoring [132]Security Monitoring [133]App Sec [134]Database Security [135]Database Security [136]Risk [137]Compliance [138]Compliance [139]Threat Intelligence [140]Endpoint [141]Authentication[142]Mobile Security[143]Privacy [144]Authentication[145]Mobile Security[146]Privacy [147]Vulnerabilities / Threats [148]Advanced Threats[149]Insider Threats[150]Vulnerability Management [151]Advanced Threats[152]Insider Threats[153]Vulnerability Management [154]Operations [155]Identity & Access Management[156]Careers & People [157]Identity & Access Management[158]Careers & People [159]Physical Security [160]IoT [161]DR Global [162]Middle East & Africa [163]Middle East & Africa [164]Black Hat news [165]Omdia Research [166]Security Now Events Close Back Events [167]Events * [168]SecTor - Canada's IT Security Conference Oct 23-26 - Learn More * [169]Anatomy of a Data Breach - A Dark Reading June 22 Event [170]Webinars * [171]Here's What Zero Trust Really Means Jun 13, 2023 * [172]Mastering Endpoint Security: The Power of Least Privilege Jun 20, 2023 Resources Close Back Resources [173]Dark Reading Library > [174]Webinars > [175]Reports > [176]Slideshows > [177]White Papers > [178]Partner Perspectives: Microsoft [179]Tech Library > __________________________________________________________________ [180]Newsletter Sign-Up ____________________ SEARCH A minimum of 3 characters are required to be typed in the search bar in order to perform a search. Announcements 1. 2. 3. [181]Event [182]How to Launch a Threat Hunting Program | Webinar [183]Event [184]How to Accelerate XDR Outcomes: Bridging the Gap Between Network and Endpoint | Webinar [185]Report [186]Black Hat USA 2022 Attendee Report | Supply Chain & Cloud Security Risks Are Top of Mind | [187]Previous[188]Next [189]Application Security 4 MIN READ News Cybercrooks Scrape OpenAI API Keys to Pirate GPT-4 With more than 50,000 publicly leaked OpenAI keys on GitHub alone, OpenAI developer accounts are the third-most exposed in the world. [190]Nate Nelson [191]Contributing Writer, Dark Reading June 08, 2023 Image with the words GPT and OpenAI Source: SOPA Images Limited via Alamy Stock Photo (BUTTON) (BUTTON) (BUTTON) (BUTTON) (BUTTON) PDF (BUTTON) Yesterday, moderators of the r/ChatGPT Discord channel banned a script kiddie who was freely sharing stolen OpenAI API keys with hundreds of other users. API keys allow developers to integrate OpenAI's technologies — particularly its latest language model, GPT-4 — into their own applications. Often, however, developers [192]forget their keys in their code, making account theft a matter of just a few clicks. Since at least March, a user by the name "Discodtehe" has been scraping API keys from source code published to the software collaboration platform Replit. The person shared free access to the booty on r/ChimeraGPT, where a community of more than 800 members began racking up usage charges to the stolen accounts. OpenAI_keys1.PNG r/ChatGPT users coyly discussing the dangers of leaked API keys Following [193]Vice reporting on June 7, Discodtehe can no longer be found on Discord or Reddit. But the story isn't over, experts emphasize: Tens of thousands of exposed API keys are still out in the wild. "The core of the story is: Don't put credentials in your source code," says Chris Anley, chief scientist at NCC Group. "And certainly don't then publish that source code." OpenAI Keys Are Everywhere As [194]ChatGPT exploded in popularity, its keys began proliferating on the open Web. In [195]The State of the Secrets Sprawl 2023 report, published March 8, GitGuardian observed thousands of exposed OpenAI keys in public repositories, rising in proportion to the newfound popularity ChatGPT. As of this writing, GitGuardian tells Dark Reading there are more than 50,000 publicly leaked OpenAI keys on GitHub alone. That makes OpenAI developer accounts the third most exposed in the world, behind only MongoDB and Google. With vulnerability has come exploitation: cybercriminals have been trafficking stolen OpenAI keys ever since, often [196]out in the open on social platforms. Individuals can use the stolen keys to use the associated accounts, accruing large bills for the owner and possibly [197]accessing sensitive business data along the way. What enables this market isn't just developers' lack of due diligence, but also the ease with which anybody can find this information in public forums. Back in March, according to Vice, Discodtehe bragged how "the other day I scraped repl.it and found over 1000 working openai api keys," adding that, "I didn't even do a full scrape, I only looked at about half of the results." They probably weren't exaggerating. On a Zoom call, Dwayne McDaniel, security developer advocate at GitGuardian, demonstrated how easy it would've been. "I signed up for a Replit account a couple of minutes ago, and it took me less than two minutes to find OpenAI keys," he said. "In any repository management system — be it GitHub, Replit, what have you — there's a search function. And search functions have only gotten better over time. So I looked for 'openapi.key', 'openai.api.key', and so on, and it brought back search results," he explained. How Developers Can Protect Their API Secrets Enterprises' problem with hard-coded secrets doesn't always end with low-level hackers and Discord users. OpenAI_keys2.PNG Source: GitGuardian As Anley explains: "One of the reasons why it's so serious when people put credentials in code is that even in relatively placid times, tech industry turnover runs around 20% per annum. So if all of your most sensitive secrets are hard coded in your private corporate repositories, that means that, every year, 20% of your developers are walking out with administrative credentials to your systems in their back pocket. And that's without any breach happening!" Current and former employees can divulge corporate goodies [198]by accident, [199]or with malicious intent. But keeping secrets doesn't have to be hard. OpenAI even provides [200]a handy guide to it, recommending that organizations assign unique keys to each individual user, [201]use environmental variables and a key management service, rotate keys, and, of course, never include keys in code. McDaniel echoes all of the same points. "The proper thing would be to put your keys in a vault," he says, and to "rotate often. Do it on a regular basis — every day, if you're very sensitive, and you know that you've been targeted before. Third-party tools can help that 24-hour rotation." At the end of the day, he concludes, "the best secrets you can ever have are ones that either just don't exist, or that you never actually know yourself because they're rotated automatically." [202]Vulnerabilities/Threats[203]Operations Keep up with the latest cybersecurity threats, newly-discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox. [204]Subscribe More Insights White Papers * [205]ESG Report: Automated Application Security Testing for Faster Development * [206]Welcome to Modern Web App Security [207]More White Papers Webinars * [208]Here's What Zero Trust Really Means * [209]Mastering Endpoint Security: The Power of Least Privilege [210]More Webinars Reports * [211]Everything You Need to Know About DNS Attacks * [212]Securing the Remote Worker: How to Mitigate Off-Site Cyberattacks [213]More Reports Editors' Choice [214]Mass Exploitation of Zero-Day Bug in MOVEit File Transfer Underway Jai Vijayan, Contributing Writer, Dark Reading [215]'Picture-in-Picture' Obfuscation Spoofs Delta, Kohl's for Credential Harvesting Nathan Eddy, Contributing Writer, Dark Reading [216]Dark Reading Launches Inaugural CISO Advisory Board Kelly Jackson Higgins 2, Editor-in-Chief, Dark Reading [217]'Volt Typhoon' China-Backed APT Infiltrates US Critical Infrastructure Orgs Tara Seals, Managing Editor, News, Dark Reading Webinars * [218]Here's What Zero Trust Really Means * [219]Mastering Endpoint Security: The Power of Least Privilege * [220]The Future is CNAPP: Cloud Security From Prevention To Threat Detection * [221]Secrets to a Successful Managed Security Service Provider Relationship * [222]How to Use Threat Intelligence to Mitigate Third Party Risk [223]More Webinars Reports * [224]Everything You Need to Know About DNS Attacks * [225]Securing the Remote Worker: How to Mitigate Off-Site Cyberattacks * [226]The 10 Most Impactful Types of Vulnerabilities for Enterprises Today * [227]Shoring Up the Software Supply Chain Across Enterprise Applications * [228]The Promise and Reality of Cloud Security [229]More Reports White Papers * [230]ESG Report: Automated Application Security Testing for Faster Development * [231]Welcome to Modern Web App Security * [232]A Buyer's Guide to Securing Privileged Access * [233]2023 Gartner Market Guide for Cloud-Native Application Protection Platforms (CNAPP) * [234]Top Ten Tips: Securing Multi-Cloud with Modern CSPM [235]More White Papers Events * [236]SecTor - Canada's IT Security Conference Oct 23-26 - Learn More * [237]Anatomy of a Data Breach - A Dark Reading June 22 Event * [238]Black Hat USA - August 5-10 - Learn More [239]More Events More Insights White Papers * [240]ESG Report: Automated Application Security Testing for Faster Development * [241]Welcome to Modern Web App Security [242]More White Papers Webinars * [243]Here's What Zero Trust Really Means * [244]Mastering Endpoint Security: The Power of Least Privilege [245]More Webinars Reports * [246]Everything You Need to Know About DNS Attacks * [247]Securing the Remote Worker: How to Mitigate Off-Site Cyberattacks [248]More Reports Discover More From Informa Tech * [249]Interop * [250]InformationWeek * [251]Network Computing * [252]ITPro Today * [253]Data Center Knowledge * [254]Black Hat * [255]Omdia Working With Us * [256]About Us * [257]Advertise * [258]Reprints Follow Dark Reading On Social * * * * * * * [259]Home * [260]Cookies * [261]Privacy * [262]Terms Logo Copyright © 2023 Informa PLC Informa UK Limited is a company registered in England and Wales with company number 1072954 whose registered office is 5 Howick Place, London, SW1P 1WG. References Visible links 1. https://www.googletagmanager.com/ns.html?id=GTM-T52Z3Z3 2. https://www.darkreading.com/edge 3. https://www.darkreading.com/dr-tech 4. https://www.darkreading.com/edge 5. https://www.darkreading.com/dr-tech 6. https://www.darkreading.com/attacks-breaches 7. https://www.darkreading.com/cloud 8. https://www.darkreading.com/ics-ot 9. https://www.darkreading.com/remote-workforce 10. https://www.darkreading.com/perimeter 11. https://www.darkreading.com/analytics 12. https://www.darkreading.com/security-monitoring 13. https://www.darkreading.com/security-monitoring 14. https://www.darkreading.com/application-security 15. https://www.darkreading.com/database-security 16. https://www.darkreading.com/database-security 17. https://www.darkreading.com/risk 18. https://www.darkreading.com/compliance 19. https://www.darkreading.com/compliance 20. https://www.darkreading.com/threat-intelligence 21. https://www.darkreading.com/endpoint 22. https://www.darkreading.com/authentication 23. https://www.darkreading.com/mobile 24. https://www.darkreading.com/privacy 25. https://www.darkreading.com/authentication 26. https://www.darkreading.com/mobile 27. https://www.darkreading.com/privacy 28. https://www.darkreading.com/vulnerabilities-threats 29. https://www.darkreading.com/advanced-threats 30. https://www.darkreading.com/insider-threats 31. https://www.darkreading.com/vulnerability-management 32. https://www.darkreading.com/advanced-threats 33. https://www.darkreading.com/insider-threats 34. https://www.darkreading.com/vulnerability-management 35. https://www.darkreading.com/operations 36. https://www.darkreading.com/identity-and-access-management 37. https://www.darkreading.com/careers-and-people 38. https://www.darkreading.com/identity-and-access-management 39. https://www.darkreading.com/careers-and-people 40. https://www.darkreading.com/physical-security 41. https://www.darkreading.com/iot 42. https://www.darkreading.com/dr-global 43. https://www.darkreading.com/middle-east-and-africa 44. https://www.darkreading.com/middle-east-and-africa 45. https://www.darkreading.com/black-hat 46. https://www.darkreading.com/omdia 47. https://www.darkreading.com/security-now.asp 48. https://www.darkreading.com/upcoming-events 49. https://sector.ca/?cid=smartbox_techweb_session_16.500299&_mc=smartbox_techweb_session_16.500299 50. https://ve.informaengage.com/virtual-events/dr-anatomy-of-a-data-breach-and-what-to-do-if-it-happens-to-you/?kcode=sbx&cid=smartbox_techweb_session_16.500296&_mc=smartbox_techweb_session_16.500296 51. https://www.darkreading.com/upcoming-webinars 52. https://darkreading.tradepub.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&qf=w_defa4449&ch=sbx&cid=smartbox_techweb_upcoming_webinars_8.500001304&_mc=smartbox_techweb_upcoming_webinars_8.500001304 53. https://darkreading.tradepub.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&qf=w_defa4474&ch=sbx&cid=smartbox_techweb_upcoming_webinars_8.500001306&_mc=smartbox_techweb_upcoming_webinars_8.500001306 54. https://www.darkreading.com/resources 55. https://www.darkreading.com/upcoming-webinars 56. https://www.darkreading.com/must-reads 57. https://www.darkreading.com/latest/slideshow 58. https://www.informationweek.com/whitepaper/Security 59. https://www.darkreading.com/microsoft 60. https://www.informationweek.com/whitepaper 61. https://darkreading.tradepub.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&qf=w_defa3135&ch=dr_header 62. https://www.darkreading.com/edge 63. https://www.darkreading.com/dr-tech 64. https://www.darkreading.com/edge 65. https://www.darkreading.com/dr-tech 66. https://www.darkreading.com/attacks-breaches 67. https://www.darkreading.com/cloud 68. https://www.darkreading.com/ics-ot 69. https://www.darkreading.com/remote-workforce 70. https://www.darkreading.com/perimeter 71. https://www.darkreading.com/analytics 72. https://www.darkreading.com/security-monitoring 73. https://www.darkreading.com/security-monitoring 74. https://www.darkreading.com/application-security 75. https://www.darkreading.com/database-security 76. https://www.darkreading.com/database-security 77. https://www.darkreading.com/risk 78. https://www.darkreading.com/compliance 79. https://www.darkreading.com/compliance 80. https://www.darkreading.com/threat-intelligence 81. https://www.darkreading.com/endpoint 82. https://www.darkreading.com/authentication 83. https://www.darkreading.com/mobile 84. https://www.darkreading.com/privacy 85. https://www.darkreading.com/authentication 86. https://www.darkreading.com/mobile 87. https://www.darkreading.com/privacy 88. https://www.darkreading.com/vulnerabilities-threats 89. https://www.darkreading.com/advanced-threats 90. https://www.darkreading.com/insider-threats 91. https://www.darkreading.com/vulnerability-management 92. https://www.darkreading.com/advanced-threats 93. https://www.darkreading.com/insider-threats 94. https://www.darkreading.com/vulnerability-management 95. https://www.darkreading.com/operations 96. https://www.darkreading.com/identity-and-access-management 97. https://www.darkreading.com/careers-and-people 98. https://www.darkreading.com/identity-and-access-management 99. https://www.darkreading.com/careers-and-people 100. https://www.darkreading.com/physical-security 101. https://www.darkreading.com/iot 102. https://www.darkreading.com/dr-global 103. https://www.darkreading.com/middle-east-and-africa 104. https://www.darkreading.com/middle-east-and-africa 105. https://www.darkreading.com/black-hat 106. https://www.darkreading.com/omdia 107. https://www.darkreading.com/security-now.asp 108. https://www.darkreading.com/upcoming-events 109. https://sector.ca/?cid=smartbox_techweb_session_16.500299&_mc=smartbox_techweb_session_16.500299 110. https://ve.informaengage.com/virtual-events/dr-anatomy-of-a-data-breach-and-what-to-do-if-it-happens-to-you/?kcode=sbx&cid=smartbox_techweb_session_16.500296&_mc=smartbox_techweb_session_16.500296 111. https://www.darkreading.com/upcoming-webinars 112. https://darkreading.tradepub.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&qf=w_defa4449&ch=sbx&cid=smartbox_techweb_upcoming_webinars_8.500001304&_mc=smartbox_techweb_upcoming_webinars_8.500001304 113. https://darkreading.tradepub.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&qf=w_defa4474&ch=sbx&cid=smartbox_techweb_upcoming_webinars_8.500001306&_mc=smartbox_techweb_upcoming_webinars_8.500001306 114. https://www.darkreading.com/resources 115. https://www.darkreading.com/upcoming-webinars 116. https://www.darkreading.com/must-reads 117. https://www.darkreading.com/latest/slideshow 118. https://www.informationweek.com/whitepaper/Security 119. https://www.darkreading.com/microsoft 120. https://www.informationweek.com/whitepaper 121. https://www.darkreading.com/edge 122. https://www.darkreading.com/dr-tech 123. https://www.darkreading.com/edge 124. https://www.darkreading.com/dr-tech 125. https://www.darkreading.com/attacks-breaches 126. https://www.darkreading.com/cloud 127. https://www.darkreading.com/ics-ot 128. https://www.darkreading.com/remote-workforce 129. https://www.darkreading.com/perimeter 130. https://www.darkreading.com/analytics 131. https://www.darkreading.com/security-monitoring 132. https://www.darkreading.com/security-monitoring 133. https://www.darkreading.com/application-security 134. https://www.darkreading.com/database-security 135. https://www.darkreading.com/database-security 136. https://www.darkreading.com/risk 137. https://www.darkreading.com/compliance 138. https://www.darkreading.com/compliance 139. https://www.darkreading.com/threat-intelligence 140. https://www.darkreading.com/endpoint 141. https://www.darkreading.com/authentication 142. https://www.darkreading.com/mobile 143. https://www.darkreading.com/privacy 144. https://www.darkreading.com/authentication 145. https://www.darkreading.com/mobile 146. https://www.darkreading.com/privacy 147. https://www.darkreading.com/vulnerabilities-threats 148. https://www.darkreading.com/advanced-threats 149. https://www.darkreading.com/insider-threats 150. https://www.darkreading.com/vulnerability-management 151. https://www.darkreading.com/advanced-threats 152. https://www.darkreading.com/insider-threats 153. https://www.darkreading.com/vulnerability-management 154. https://www.darkreading.com/operations 155. https://www.darkreading.com/identity-and-access-management 156. https://www.darkreading.com/careers-and-people 157. https://www.darkreading.com/identity-and-access-management 158. https://www.darkreading.com/careers-and-people 159. https://www.darkreading.com/physical-security 160. https://www.darkreading.com/iot 161. https://www.darkreading.com/dr-global 162. https://www.darkreading.com/middle-east-and-africa 163. https://www.darkreading.com/middle-east-and-africa 164. https://www.darkreading.com/black-hat 165. https://www.darkreading.com/omdia 166. https://www.darkreading.com/security-now.asp 167. https://www.darkreading.com/upcoming-events 168. https://sector.ca/?cid=smartbox_techweb_session_16.500299&_mc=smartbox_techweb_session_16.500299 169. https://ve.informaengage.com/virtual-events/dr-anatomy-of-a-data-breach-and-what-to-do-if-it-happens-to-you/?kcode=sbx&cid=smartbox_techweb_session_16.500296&_mc=smartbox_techweb_session_16.500296 170. https://www.darkreading.com/upcoming-webinars 171. https://darkreading.tradepub.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&qf=w_defa4449&ch=sbx&cid=smartbox_techweb_upcoming_webinars_8.500001304&_mc=smartbox_techweb_upcoming_webinars_8.500001304 172. https://darkreading.tradepub.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&qf=w_defa4474&ch=sbx&cid=smartbox_techweb_upcoming_webinars_8.500001306&_mc=smartbox_techweb_upcoming_webinars_8.500001306 173. https://www.darkreading.com/resources 174. https://www.darkreading.com/upcoming-webinars 175. https://www.darkreading.com/must-reads 176. https://www.darkreading.com/latest/slideshow 177. https://www.informationweek.com/whitepaper/Security 178. https://www.darkreading.com/microsoft 179. https://www.informationweek.com/whitepaper 180. https://darkreading.tradepub.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&qf=w_defa3135&ch=dr_header 181. https://darkreading.tradepub.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&qf=w_manf45&ch=drsitebell 182. https://darkreading.tradepub.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&qf=w_manf45&ch=drsitebell 183. https://darkreading.tradepub.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&qf=w_defa4076&ch=drsitebell 184. https://darkreading.tradepub.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&qf=w_defa4076&ch=drsitebell 185. https://messages.blackhat.com/2022-attendee-report-2022?kcode=drsite 186. https://messages.blackhat.com/2022-attendee-report-2022?kcode=drsite 187. https://www.darkreading.com/application-security/cybercrooks-scrape-openai-keys-pirate-gpt-4 188. https://www.darkreading.com/application-security/cybercrooks-scrape-openai-keys-pirate-gpt-4 189. https://www.darkreading.com/application-security 190. https://www.darkreading.com/author/nate-nelson 191. https://www.darkreading.com/author/nate-nelson 192. https://www.darkreading.com/dr-tech/how-to-reduce-code-risk-using-pipelineless-security 193. https://www.vice.com/en/article/93kkky/people-pirating-gpt4-scraping-openai-api-keys 194. https://www.darkreading.com/attacks-breaches/researcher-tricks-chatgpt-undetectable-steganography-malware 195. https://www.gitguardian.com/files/the-state-of-secrets-sprawl-report-2023 196. https://www.reddit.com/user/Falcoace/ 197. https://www.darkreading.com/risk/employees-feeding-sensitive-business-data-chatgpt-raising-security-fears 198. https://www.darkreading.com/dr-tech/insider-threats-are-more-than-just-malicious-employees 199. https://www.darkreading.com/vulnerabilities-threats/are-meta-and-twitter-ushering-in-a-new-age-of-insider-threats- 200. https://help.openai.com/en/articles/5112595-best-practices-for-api-key-safety 201. https://www.darkreading.com/operations/going-passwordless-here-s-6-steps-to-get-started 202. https://www.darkreading.com/vulnerabilities-threats 203. https://www.darkreading.com/operations 204. https://darkreading.tradepub.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&qf=w_defa3135&ch=dr_eoa 205. https://darkreading.tradepub.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&qf=w_invj39&ch=sbx&cid=smartbox_techweb_whitepaper_14.500005381&_mc=smartbox_techweb_whitepaper_14.500005381 206. https://darkreading.tradepub.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&qf=w_invj40&ch=sbx&cid=smartbox_techweb_whitepaper_14.500005380&_mc=smartbox_techweb_whitepaper_14.500005380 207. https://www.informationweek.com/whitepaper/Security 208. https://darkreading.tradepub.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&qf=w_defa4449&ch=sbx&cid=smartbox_techweb_upcoming_webinars_8.500001304&_mc=smartbox_techweb_upcoming_webinars_8.500001304 209. https://darkreading.tradepub.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&qf=w_defa4474&ch=sbx&cid=smartbox_techweb_upcoming_webinars_8.500001306&_mc=smartbox_techweb_upcoming_webinars_8.500001306 210. https://www.darkreading.com/upcoming-webinars 211. https://darkreading.tradepub.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&pc=w_ingg120&ch=sbx&cid=smartbox_techweb_analytics_7.300005989&_mc=smartbox_techweb_analytics_7.300005989 212. https://darkreading.tradepub.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&pc=w_forq211&ch=sbx&cid=smartbox_techweb_analytics_7.300005988&_mc=smartbox_techweb_analytics_7.300005988 213. https://www.darkreading.com/must-reads 214. https://www.darkreading.com/application-security/mass-exploitation-0-day-bug-imoveit-file-transfer-underway 215. https://www.darkreading.com/endpoint/picture-in-picture-obfuscation-spoofs-delta-kohls-credential-harvesting 216. https://www.darkreading.com/operations/dark-reading-launches-inaugural-ciso-advisory-board 217. https://www.darkreading.com/endpoint/-volt-typhoon-china-backed-apt-infiltrates-us-critical-infrastructure 218. https://darkreading.tradepub.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&qf=w_defa4449&ch=sbx&cid=smartbox_techweb_upcoming_webinars_8.500001304&_mc=smartbox_techweb_upcoming_webinars_8.500001304 219. https://darkreading.tradepub.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&qf=w_defa4474&ch=sbx&cid=smartbox_techweb_upcoming_webinars_8.500001306&_mc=smartbox_techweb_upcoming_webinars_8.500001306 220. https://darkreading.tradepub.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&qf=w_wiza11&ch=sbx&cid=smartbox_techweb_upcoming_webinars_8.500001308&_mc=smartbox_techweb_upcoming_webinars_8.500001308 221. https://darkreading.tradepub.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&qf=w_soph133&ch=sbx&cid=smartbox_techweb_upcoming_webinars_8.500001307&_mc=smartbox_techweb_upcoming_webinars_8.500001307 222. https://darkreading.tradepub.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&qf=w_manf56&ch=sbx&cid=smartbox_techweb_upcoming_webinars_8.500001309&_mc=smartbox_techweb_upcoming_webinars_8.500001309 223. https://www.darkreading.com/upcoming-webinars 224. https://darkreading.tradepub.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&pc=w_ingg120&ch=sbx&cid=smartbox_techweb_analytics_7.300005989&_mc=smartbox_techweb_analytics_7.300005989 225. https://darkreading.tradepub.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&pc=w_forq211&ch=sbx&cid=smartbox_techweb_analytics_7.300005988&_mc=smartbox_techweb_analytics_7.300005988 226. https://darkreading.tradepub.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&pc=w_defa3977&ch=sbx&cid=smartbox_techweb_analytics_7.300005981&_mc=smartbox_techweb_analytics_7.300005981 227. https://darkreading.tradepub.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&pc=w_defa3940&ch=sbx&cid=smartbox_techweb_analytics_7.300005980&_mc=smartbox_techweb_analytics_7.300005980 228. https://darkreading.tradepub.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&pc=w_darl08&ch=sbx&cid=smartbox_techweb_analytics_7.300005973&_mc=smartbox_techweb_analytics_7.300005973 229. https://www.darkreading.com/must-reads 230. https://darkreading.tradepub.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&qf=w_invj39&ch=sbx&cid=smartbox_techweb_whitepaper_14.500005381&_mc=smartbox_techweb_whitepaper_14.500005381 231. https://darkreading.tradepub.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&qf=w_invj40&ch=sbx&cid=smartbox_techweb_whitepaper_14.500005380&_mc=smartbox_techweb_whitepaper_14.500005380 232. https://darkreading.tradepub.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&qf=w_defa4021&ch=sbx&cid=smartbox_techweb_whitepaper_14.500005376&_mc=smartbox_techweb_whitepaper_14.500005376 233. https://darkreading.tradepub.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&qf=w_wiza05&ch=sbx&cid=smartbox_techweb_whitepaper_14.500005364&_mc=smartbox_techweb_whitepaper_14.500005364 234. https://darkreading.tradepub.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&qf=w_wiza01&ch=sbx&cid=smartbox_techweb_whitepaper_14.500005361&_mc=smartbox_techweb_whitepaper_14.500005361 235. https://www.informationweek.com/whitepaper/Security 236. https://sector.ca/?cid=smartbox_techweb_session_16.500299&_mc=smartbox_techweb_session_16.500299 237. https://ve.informaengage.com/virtual-events/dr-anatomy-of-a-data-breach-and-what-to-do-if-it-happens-to-you/?kcode=sbx&cid=smartbox_techweb_session_16.500296&_mc=smartbox_techweb_session_16.500296 238. https://www.blackhat.com/?cid=smartbox_techweb_session_16.500287&_mc=smartbox_techweb_session_16.500287 239. https://www.darkreading.com/upcoming-events 240. https://darkreading.tradepub.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&qf=w_invj39&ch=sbx&cid=smartbox_techweb_whitepaper_14.500005381&_mc=smartbox_techweb_whitepaper_14.500005381 241. https://darkreading.tradepub.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&qf=w_invj40&ch=sbx&cid=smartbox_techweb_whitepaper_14.500005380&_mc=smartbox_techweb_whitepaper_14.500005380 242. https://www.informationweek.com/whitepaper/Security 243. https://darkreading.tradepub.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&qf=w_defa4449&ch=sbx&cid=smartbox_techweb_upcoming_webinars_8.500001304&_mc=smartbox_techweb_upcoming_webinars_8.500001304 244. https://darkreading.tradepub.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&qf=w_defa4474&ch=sbx&cid=smartbox_techweb_upcoming_webinars_8.500001306&_mc=smartbox_techweb_upcoming_webinars_8.500001306 245. https://www.darkreading.com/upcoming-webinars 246. https://darkreading.tradepub.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&pc=w_ingg120&ch=sbx&cid=smartbox_techweb_analytics_7.300005989&_mc=smartbox_techweb_analytics_7.300005989 247. https://darkreading.tradepub.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&pc=w_forq211&ch=sbx&cid=smartbox_techweb_analytics_7.300005988&_mc=smartbox_techweb_analytics_7.300005988 248. https://www.darkreading.com/must-reads 249. https://www.interop.com/ 250. https://www.informationweek.com/ 251. https://www.networkcomputing.com/ 252. https://www.itprotoday.com/ 253. https://www.datacenterknowledge.com/ 254. https://www.blackhat.com/ 255. http://www.omdia.com/ 256. https://www.darkreading.com/about-us 257. https://www.darkreading.com/advertise 258. https://info.wrightsmedia.com/informa-licensing-reprints-request 259. https://tech.informa.com/ 260. https://tech.informa.com/cookie-policy 261. https://tech.informa.com/privacy-policy 262. https://tech.informa.com/terms-and-conditions Hidden links: 264. https://www.darkreading.com/ 265. https://www.darkreading.com/ 266. https://www.darkreading.com/author/nate-nelson 267. https://www.darkreading.com/application-security/mass-exploitation-0-day-bug-imoveit-file-transfer-underway 268. https://www.darkreading.com/endpoint/picture-in-picture-obfuscation-spoofs-delta-kohls-credential-harvesting 269. https://www.darkreading.com/operations/dark-reading-launches-inaugural-ciso-advisory-board 270. https://www.darkreading.com/endpoint/-volt-typhoon-china-backed-apt-infiltrates-us-critical-infrastructure 271. https://www.darkreading.com/rss.xml 272. https://twitter.com/DarkReading 273. https://www.linkedin.com/company/dark-reading/ 274. https://www.facebook.com/darkreadingcom 275. https://www.youtube.com/@DarkReadingOfficialYT 276. https://news.google.com/publications/CAAqBwgKMKmknwswtq63Aw?ceid=US:en&oc=3