Tootfinder

Googles ungeschützte API-Keys wegen Gemini-KI ein Sicherheits- und Kostenrisiko
Sicherheitsforscher haben fast 3000 öffentlich sichtbare API-Keys von Google gefunden, die Gemini autorisieren. Das ermöglicht missbräuchlichen Zugriff.

Israel-based Fig Security, which makes tools for companies to monitor their security stack, raised $38M in seed and Series A funding (Ram Iyer/TechCrunch)
https://techcrunch.com/2026/03/03/fig-security-emerges-from-stealth…

Fig Security emerges from stealth with $38M to help security teams deal with change | TechCrunch
Fig traces data flows in the security stack and then alerts security teams when changes at any point affect detection or response capabilities.

from my link log —
Why every organization should make it easy to report security flaws.
https://this.weekinsecurity.com/why-every-organization-should-make-it-easy-to-report-security-flaws/
saved 2026-05-05

Why every organization should make it easy to report security flaws
Companies make it too challenging to report security bugs and data leaks. Having a dedicated security email address could save your company from a damaging hack.

Mac- und iPhone-Sicherheit: Objective-See-Konferenz kommt nach Berlin
Patrick Wardle gehört zu den renommiertesten Sicherheitsforschern im Apple-Bereich. Seine Non-Profit-Organisation Objective-See macht in Deutschland Station.

Mac- und iPhone-Sicherheit: Objective-See-Konferenz kommt nach Berlin
Patrick Wardle gehört zu den renommiertesten Sicherheitsforschern im Apple-Bereich. Seine Non-Profit-Organisation Objective-See macht in Deutschland Station.

Open source registries don't have enough money to implement basic security: Free beer is great. Securing the keg costs money.
Open source registries are in financial peril, a co-founder of an open source security foundation warned after inspecting their books. And it's not just the bandwidth costs that are killing them.
🫴

Open source registries don't have enough money to implement basic security
fosdem 2026: Free beer is great. Securing the keg costs money

Kristi Noem thanked Donald Trump for her new role as
special envoy for the
“Shield of the Americas”
while acknowledging her ouster as Department of Homeland Security (DHS) secretary.
Noem said she looks forward to working with secretary of state Marco Rubio and defense secretary Pete Hegseth to
“dismantle cartels”
as part of the president’s initiative that he’ll announce on Saturday.

US-Regierung stoppt Windprojekte wegen Gefährdung der nationalen Sicherheit
Die US-Regierung setzt ihren Kampf gegen Windenergie fort. Das Verteidigungsministerium will über 160 Onshore-Projekte nicht genehmigen.

US-Regierung stoppt Windprojekte wegen Gefährdung der nationalen Sicherheit
Die US-Regierung setzt ihren Kampf gegen Windenergie fort. Das Verteidigungsministerium will über 160 Onshore-Projekte nicht genehmigen.

Instructure reported a data breach on April 30; ShinyHunters added Instructure to its victims list and claims it has 3.65TB of data from ~9K institutions (Ionut Arghire/SecurityWeek)
https://www.securityweek.com/edtech-firm-instructure-discloses-data-breach/

Edtech Firm Instructure Discloses Data Breach Amid Hacker Leak Threats
Edtech company Instructure says names, email addresses, ID numbers, and messages were stolen in a cyberattack.

Reclaim Security, which uses AI-driven automation to remediate threat exposures, raised a $20M Series A led by Acrew Capital and a $6M seed (Chris Metinko/Axios)
https://www.axios.com/pro/enterprise-software-deals/2026/03/04/reclaim-se…

Exclusive: Reclaim Security raises $26M to find risk exposures
The new money includes a $20M Series A led by Acrew Capital

Former Trump and Biden AI advisers Dean Ball and Ben Buchanan urge bipartisan action on AI security risks, including tighter export controls and safety audits (New York Times)
https://www.nytimes.com/2026/05/04/opinion

Opinion | A.I. Is a National Security Risk. We Aren’t Doing Nearly Enough.
Both parties can agree to do a whole lot on A.I., but they have to move faster.