研究人员在近1万个网站上发现了1700多个暴露的API凭据. Researchers found over 1,700 exposed API credentials on nearly 10,000 websites.

一项大规模的研究发现, 在近1万个网站上有超过1700个暴露的API凭据, 包括主要银行和科技公司. A large-scale study found over 1,700 exposed API credentials on nearly 10,000 websites, including those of major banks and tech firms. 研究人员发现, 提供访问亚马逊网络服务和OpenAI等服务的敏感密钥嵌入在公共JavaScript文件中. Researchers discovered that sensitive keys, granting access to services like Amazon Web Services and OpenAI, were embedded in public JavaScript files. 这种广泛的暴露使系统在几个月内变得脆弱, 突出了开发者更好的安全实践的必要性. This widespread exposure left systems vulnerable for months, highlighting a critical need for better developer security practices.