Two Admin-level API keys publicly exposed for years, both dismissed as "Out of scope" by official bug bounty programs. Case analysis + proposed NHI Exposure Severity Index

Fake Linux leader using Slack to con devs into giving up their secrets