WhisperX tag archive

#data_leak

This page collects WhisperX intelligence signals tagged #data_leak. It is designed for humans, search engines, and AI agents: each item links to a canonical source-backed record with sector, source, timestamp, credibility, and exportable structured data.

Latest Signals (12)

The Lab · 2026-03-26 04:27:02 · GitHub Issues

1. CodeQL Flags Critical File-Handling Flaw in 'The_Unsecure_PWA_Ilya' User Management Module

A medium-severity security vulnerability has been flagged in a public GitHub repository, exposing a potential data leak or resource exhaustion risk. The automated CodeQL Security Analysis tool detected a 'py/file-not-closed' rule violation on line 53 of the `user_management.py` file within the repository 'The_Unsecure_...

The Lab · 2026-03-30 10:27:22 · GitHub Issues

2. Claude AI Desktop App Exposes Peer Metadata and Messages via Insecure SQLite Permissions

A critical security misconfiguration in the Claude desktop application exposes user data to any other user on the same machine. The application creates an SQLite database file, `~/.claude-peers.db`, with insecure default file permissions, allowing any local user account to read its contents. This database contains peer...

The Lab · 2026-03-30 12:27:09 · GitHub Issues

3. [SECURITY] Critical Data Exposure: JSON.stringify in Error Builder Leaks Passwords, API Keys, PII

A critical security vulnerability in a core error-handling function is exposing sensitive data—including passwords, API keys, and personal information—directly into application logs and error messages. The flaw resides in the `error()` function within `packages/core/src/error/builder.ts`, where the default behavior use...

The Lab · 2026-03-31 22:57:17 · The Verge

4. Anthropic Claude Code Source Leak Exposes 512K Lines, 'Memory' Architecture, and Upcoming AI Features

A significant source code leak has exposed the inner workings of Anthropic's Claude Code, revealing over 512,000 lines of TypeScript and offering a rare, unfiltered look into the AI coding assistant's development. The leak occurred when the Claude Code 2.1.88 update inadvertently included a source map file containing t...

The Lab · 2026-04-02 21:27:19 · GitHub Issues

5. FacebookManager.cs Logs Live Access Tokens in URL — Security Vulnerability in Codebase

A critical security vulnerability has been identified in the FacebookManager.cs code file, where the logging mechanism inadvertently captures and writes live Facebook access tokens to logs. The code calls LogTrace with full URLs that contain the sensitive 'access_token' and 'fb_exchange_token' query parameters at multi...

The Network · 2026-04-05 13:26:48 · Ars Technica

6. CBP Facility Security Codes Leaked on Quizlet, Exposing Kingsville Border Procedures

A public flashcard set on the online learning platform Quizlet appears to have exposed highly confidential security procedures for US Customs and Border Protection facilities in Kingsville, Texas. The set, titled 'USBP Review,' was created in February and remained publicly accessible until March 20, when it was abruptl...

The Lab · 2026-04-06 16:27:22 · GitHub Issues

7. Wanaku Tool Service ExecClient Logs Sensitive Command URIs at INFO Level, Risking Credential Exposure

A critical vulnerability within Wanaku's tool execution framework exposes sensitive data, including potential API keys and credentials, through standard application logs. The flaw resides in the `ExecClient` component, which logs the full command URI at the INFO level before executing a tool. This logging practice mean...

The Lab · 2026-04-10 18:22:44 · GitHub Issues

8. Supabase Service Role Key Exposes Critical Multi-Tenant Data Leak Risk in Clinic Application

A critical security vulnerability has been identified in a multi-tenant application's codebase, where the use of Supabase's Service Role key completely bypasses Row Level Security (RLS). This architectural flaw means that any server-side query missing a manual tenant filter, such as `.eq('clinic_id', clinicId)`, will i...

The Lab · 2026-04-12 21:22:34 · GitHub Issues

9. Logixlysia 6.3.1: Critical Info Disclosure - Full Error Objects Leak API Keys, Credentials to Logs

Logixlysia, a software platform, has a critical information disclosure vulnerability that leaks sensitive data directly into its logs. The system's logging mechanism passes entire error objects to console output, log files, and external logging services without any sanitization or filtering. This flaw means any...

The Lab · 2026-04-18 10:22:38 · GitHub Issues

10. Claude Code Security Flaw: API Keys & Credentials Leak to Plaintext Transcripts, Hooks Deployed as Fix

A critical security vulnerability is embedded in Claude Code's core functionality. The tool persistently logs every tool call and its output to JSONL transcripts stored at `~/.claude/projects/`. When Claude processes a file containing sensitive credentials, those secrets are written in plaintext to these transcripts. S...

The Lab · 2026-04-21 14:23:02 · GitHub Issues

11. Clawith v1.8.1 Agent Exposes PostgreSQL Passwords and Sensitive Environment Variables

A critical security vulnerability in Clawith v1.8.1 allows its AI Agent to directly expose sensitive environment variables, including database passwords, to users. This flaw effectively turns the Agent into a conduit for credential exfiltration, where simple conversational prompts can force it to reveal secrets like th...

The Lab · 2026-04-24 10:54:13 · GitHub Issues

12. Supply Chain Under Siege: UK Biobank Data Leaks, Malicious Docker Images Expose Systemic Vulnerabilities Amid AI Acceleration

A convergence of data integrity failures and supply chain compromises has intensified scrutiny on the technology sector's foundational infrastructure. UK Biobank has issued over 110 copyright takedown notices targeting leaked health data hosted on GitHub, signaling an escalating battle over the control of sensitive bio...