{"description":"Trending threats, MITRE ATT\u0026CK coverage, and detection metadata — refreshed continuously.","feed_url":"https://feed.craftedsignal.io/tags/api-key/","home_page_url":"https://feed.craftedsignal.io/","items":[{"_cs_actors":[],"_cs_cves":[{"cvss":7.5,"id":"CVE-2026-33710"}],"_cs_exploited":false,"_cs_products":[],"_cs_severities":["high"],"_cs_tags":["cve-2026-33710","chamilo","api-key","brute-force","webserver"],"_cs_type":"advisory","_cs_vendors":[],"content_html":"\u003cp\u003eChamilo LMS, a popular learning management system, contains a vulnerability in versions prior to 1.11.38 and 2.0.0-RC.3 related to the generation of REST API keys (CVE-2026-33710). The API keys are generated using a flawed algorithm: \u003ccode\u003emd5(time() + (user_id * 5) - rand(10000, 10000))\u003c/code\u003e. Due to \u003ccode\u003erand(10000, 10000)\u003c/code\u003e always returning 10000, the formula simplifies to \u003ccode\u003emd5(timestamp + user_id*5 - 10000)\u003c/code\u003e. An attacker knowing a valid username and a rough estimate of when the API key was generated can brute-force the key due to the limited entropy. This vulnerability allows unauthorized access to the Chamilo LMS REST API. The vulnerability was reported and patched in versions 1.11.38 and 2.0.0-RC.3. This poses a significant threat to educational institutions and organizations using vulnerable versions of Chamilo LMS.\u003c/p\u003e\n\u003ch2 id=\"attack-chain\"\u003eAttack Chain\u003c/h2\u003e\n\u003col\u003e\n\u003cli\u003eAttacker identifies a target Chamilo LMS instance running a vulnerable version (prior to 1.11.38 or 2.0.0-RC.3).\u003c/li\u003e\n\u003cli\u003eAttacker obtains a valid username on the target Chamilo LMS instance through OSINT or credential stuffing.\u003c/li\u003e\n\u003cli\u003eAttacker estimates the API key creation time. This might be inferred from user activity or system logs.\u003c/li\u003e\n\u003cli\u003eAttacker crafts a script to generate potential API keys based on the predictable formula \u003ccode\u003emd5(timestamp + user_id*5 - 10000)\u003c/code\u003e using the known username and estimated timestamp.\u003c/li\u003e\n\u003cli\u003eThe script iterates through a range of timestamps around the estimated creation time, generating corresponding MD5 hashes.\u003c/li\u003e\n\u003cli\u003eAttacker sends API requests with the generated API keys to the Chamilo LMS server.\u003c/li\u003e\n\u003cli\u003eThe server validates the API key against the user.\u003c/li\u003e\n\u003cli\u003eUpon successful validation, the attacker gains unauthorized access to the Chamilo LMS REST API, potentially allowing them to modify course content, access user data, or perform other malicious actions.\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch2 id=\"impact\"\u003eImpact\u003c/h2\u003e\n\u003cp\u003eSuccessful exploitation of CVE-2026-33710 can lead to unauthorized access to sensitive data within the Chamilo LMS, including user information, course materials, and grades. This could result in data breaches, academic fraud, and reputational damage for affected organizations. The vulnerability affects all organizations running vulnerable versions of Chamilo LMS; the number of victims is correlated to the number of vulnerable deployments.\u003c/p\u003e\n\u003ch2 id=\"recommendation\"\u003eRecommendation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade Chamilo LMS installations to version 1.11.38 or 2.0.0-RC.3 or later to patch CVE-2026-33710.\u003c/li\u003e\n\u003cli\u003eMonitor web server logs for unusual API requests originating from unexpected IP addresses, especially those containing potentially valid API keys by deploying the provided Sigma rule.\u003c/li\u003e\n\u003cli\u003eImplement rate limiting on API endpoints to mitigate brute-force attempts.\u003c/li\u003e\n\u003cli\u003eIf upgrading is not immediately feasible, consider temporarily disabling the REST API.\u003c/li\u003e\n\u003cli\u003eReview and audit user permissions within Chamilo LMS to minimize the impact of potential unauthorized access.\u003c/li\u003e\n\u003c/ul\u003e\n","date_modified":"2026-04-11T12:00:00Z","date_published":"2026-04-11T12:00:00Z","id":"/briefs/2026-04-chamilo-api-key-bruteforce/","summary":"Chamilo LMS versions prior to 1.11.38 and 2.0.0-RC.3 generate predictable REST API keys, allowing attackers with knowledge of a username and approximate key creation time to brute-force access.","title":"Chamilo LMS REST API Key Brute-Force Vulnerability (CVE-2026-33710)","url":"https://feed.craftedsignal.io/briefs/2026-04-chamilo-api-key-bruteforce/"},{"_cs_actors":[],"_cs_cves":[],"_cs_exploited":false,"_cs_products":[],"_cs_severities":["high"],"_cs_tags":["ai-agent","api-key","authorization","credential-theft"],"_cs_type":"advisory","_cs_vendors":[],"content_html":"\u003cp\u003eA recent audit of 30 popular AI agent frameworks, including OpenClaw, AutoGen, CrewAI, LangGraph, MetaGPT, and AutoGPT, reveals a widespread lack of robust authorization mechanisms. The report, published in March 2026, highlights that 93% of these frameworks rely solely on unscoped API keys for authentication. This means that any agent with access to the API key has full privileges, creating significant security risks. Furthermore, none of the frameworks provide per-agent cryptographic identity or revocation capabilities. In multi-agent systems, child agents inherit the full credentials of their parent agents, with no option for scope narrowing. This lack of granular control and isolation can lead to significant security breaches, including credential exposure and privilege escalation, as demonstrated by the 21,000 exposed OpenClaw instances leaking credentials and the 1.5 million API tokens exposed in the Moltbook breach.\u003c/p\u003e\n\u003ch2 id=\"attack-chain\"\u003eAttack Chain\u003c/h2\u003e\n\u003col\u003e\n\u003cli\u003eAttacker gains access to an unscoped API key, either through exposed instances like the 21,000 OpenClaw instances or breaches like the Moltbook incident affecting 1.5 million tokens.\u003c/li\u003e\n\u003cli\u003eThe attacker leverages the unscoped API key to authenticate to the AI agent framework.\u003c/li\u003e\n\u003cli\u003eThe attacker uses the API key to control an AI agent, potentially injecting malicious goals or code.\u003c/li\u003e\n\u003cli\u003eIn multi-agent systems, the attacker exploits the inherited privileges of child agents to gain broader access.\u003c/li\u003e\n\u003cli\u003eThe attacker leverages the agent\u0026rsquo;s capabilities to access sensitive data or perform unauthorized actions.\u003c/li\u003e\n\u003cli\u003eThe attacker escalates privileges by exploiting vulnerabilities within the agent framework or underlying system.\u003c/li\u003e\n\u003cli\u003eThe attacker uses the compromised agent to move laterally within the system or network.\u003c/li\u003e\n\u003cli\u003eThe attacker achieves their objective, which could include data theft, system disruption, or further compromise of the environment.\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch2 id=\"impact\"\u003eImpact\u003c/h2\u003e\n\u003cp\u003eThe widespread use of unscoped API keys and lack of proper authorization in AI agent frameworks creates a significant security risk. Successful exploitation can lead to data breaches, system compromise, and reputational damage. The report cites real-world incidents, including 21,000 exposed OpenClaw instances leaking credentials and 1.5 million API tokens exposed in the Moltbook breach, demonstrating the potential for widespread impact. The lack of per-agent revocation means that if one agent is compromised, the API key for all agents must be rotated, causing significant disruption.\u003c/p\u003e\n\u003ch2 id=\"recommendation\"\u003eRecommendation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eImplement network monitoring to detect unusual traffic patterns originating from AI agent servers. Analyze outbound connections for connections to unusual or malicious domains (grantex.dev).\u003c/li\u003e\n\u003cli\u003eAudit the configuration of AI agent frameworks to identify instances using unscoped API keys. Prioritize upgrading or replacing frameworks that lack proper authorization controls.\u003c/li\u003e\n\u003cli\u003eDeploy the Sigma rule for detecting API key usage in command-line arguments or environment variables to identify potential credential exposure.\u003c/li\u003e\n\u003cli\u003eMonitor for access to sensitive data or resources by AI agents and implement least-privilege access controls.\u003c/li\u003e\n\u003cli\u003eImplement regular security audits and penetration testing of AI agent frameworks to identify and address vulnerabilities.\u003c/li\u003e\n\u003c/ul\u003e\n","date_modified":"2026-03-16T12:00:00Z","date_published":"2026-03-16T12:00:00Z","id":"/briefs/2026-03-ai-agent-auth/","summary":"A research report auditing popular AI agent projects found that 93% rely on unscoped API keys as the only authentication mechanism, leading to potential credential exposure, privilege escalation, and lateral movement within multi-agent systems.","title":"Unscoped API Keys in AI Agent Frameworks","url":"https://feed.craftedsignal.io/briefs/2026-03-ai-agent-auth/"}],"language":"en","title":"CraftedSignal Threat Feed — Api-Key","version":"https://jsonfeed.org/version/1.1"}