Submit #802416: SourceCodester Pizzafy Ecommerce System 1.0 SQL Injection [Accepted]
Submit #802416 / VDB-359828
You must login to view this content
You must login to view this content
A publicly accessible JavaScript file on ClickUp’s homepage has been silently leaking nearly a thousand corporate and government email addresses, including employees from Fortinet, Home Depot, Tenable, Mayo Clinic, and U.S. state government workers, through a hardcoded third-party API key that was first reported in January 2025 and remains unrotated as of April 2026. The […]
The post ClickUp’s Hardcoded API Key Exposes 959 Emails from Fortune 500 Giants appeared first on Cyber Security News.