Minting admin API keys with an unauth POST request is a wild bug to have

Critical Account Takeover via Unauthenticated API Key Creation in better-auth (CVE-2025-61928) - ZeroPath Blog

ZeroPath uncovered an unauthenticated API key creation flaw in better-auth's API keys plugin that enables attackers to mint privileged credentials ...

Catalin Cimpanu 2 months ago

The Everest ransomware group claimed the attack on Collins Aerospace, which crippled airports all over Europe A UK man was arrested for this, most likely an affiliate

Load More → Loading...