{"id":8019,"date":"2023-12-05T15:15:58","date_gmt":"2023-12-05T15:15:58","guid":{"rendered":"https:\/\/dailyai.com\/?p=8019"},"modified":"2023-12-05T15:15:58","modified_gmt":"2023-12-05T15:15:58","slug":"api-tokens-exposed-on-huggingface-and-github-a-huge-risk","status":"publish","type":"post","link":"https:\/\/dailyai.com\/fr\/2023\/12\/api-tokens-exposed-on-huggingface-and-github-a-huge-risk\/","title":{"rendered":"Les jetons d'API expos\u00e9s sur Huggingface et GitHub pr\u00e9sentent un risque consid\u00e9rable"},"content":{"rendered":"<p><strong>Lasso Security a r\u00e9v\u00e9l\u00e9 des failles de s\u00e9curit\u00e9 sur HuggingFace et GitHub apr\u00e8s avoir d\u00e9couvert 1681 jetons d'API expos\u00e9s cod\u00e9s en dur dans le code stock\u00e9 sur les plateformes.<\/strong><\/p>\n<p>HuggingFace et GitHub sont deux des r\u00e9f\u00e9rentiels les plus populaires o\u00f9 les d\u00e9veloppeurs peuvent donner acc\u00e8s \u00e0 leurs mod\u00e8les d'IA et \u00e0 leur code. Il s'agit de dossiers dans le nuage qui sont g\u00e9r\u00e9s par les organisations qui en sont propri\u00e9taires.<\/p>\n<p>HuggingFace et GitHub permettent aux utilisateurs d'interagir facilement avec des centaines de milliers de mod\u00e8les d'IA et d'ensembles de donn\u00e9es via des API. Ils permettent \u00e9galement aux organisations propri\u00e9taires des mod\u00e8les et des ensembles de donn\u00e9es d'utiliser l'acc\u00e8s API pour lire, cr\u00e9er, modifier et supprimer des r\u00e9f\u00e9rentiels ou des fichiers.<\/p>\n<p>Les autorisations associ\u00e9es \u00e0 votre jeton API d\u00e9terminent le niveau d'acc\u00e8s dont vous disposez. <a href=\"https:\/\/www.lasso.security\/blog\/1500-huggingface-api-tokens-were-exposed-leaving-millions-of-meta-llama-bloom-and-pythia-users-for-supply-chain-attacks\" target=\"_blank\" rel=\"noopener\">Lasso trouv\u00e9<\/a> qu'en creusant un peu, ils ont pu trouver de nombreux jetons dans du code stock\u00e9 dans des d\u00e9p\u00f4ts sur les plateformes.<\/p>\n<p>Sur les 1681 jetons valides trouv\u00e9s, 655 jetons d'utilisateurs avaient des autorisations d'\u00e9criture, dont 77 avaient des autorisations de compte compl\u00e8tes.<\/p>\n<h2>Pourquoi est-ce si important ?<\/h2>\n<p>Consid\u00e9rez un jeton API comme la cl\u00e9 de votre porte d'entr\u00e9e. Il peut \u00eatre pratique de laisser la cl\u00e9 sous le paillasson, mais si quelqu'un la trouve, il a acc\u00e8s \u00e0 votre maison.<\/p>\n<p>Lorsque les d\u00e9veloppeurs \u00e9crivent un morceau de code qui doit interagir avec leur mod\u00e8le d'IA ou leur ensemble de donn\u00e9es, ils deviennent parfois un peu paresseux. Ils peuvent coder en dur les jetons dans leur code au lieu d'utiliser des moyens plus s\u00fbrs pour les g\u00e9rer.<\/p>\n<figure id=\"attachment_8023\" aria-describedby=\"caption-attachment-8023\" style=\"width: 2218px\" class=\"wp-caption aligncenter\"><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-8023 size-full\" src=\"https:\/\/dailyai.com\/wp-content\/uploads\/2023\/12\/HuggingFace-Exposed-token.png\" alt=\"\" width=\"2218\" height=\"782\" srcset=\"https:\/\/dailyai.com\/wp-content\/uploads\/2023\/12\/HuggingFace-Exposed-token.png 2218w, https:\/\/dailyai.com\/wp-content\/uploads\/2023\/12\/HuggingFace-Exposed-token-300x106.png 300w, https:\/\/dailyai.com\/wp-content\/uploads\/2023\/12\/HuggingFace-Exposed-token-1024x361.png 1024w, https:\/\/dailyai.com\/wp-content\/uploads\/2023\/12\/HuggingFace-Exposed-token-768x271.png 768w, https:\/\/dailyai.com\/wp-content\/uploads\/2023\/12\/HuggingFace-Exposed-token-1536x542.png 1536w, https:\/\/dailyai.com\/wp-content\/uploads\/2023\/12\/HuggingFace-Exposed-token-2048x722.png 2048w, https:\/\/dailyai.com\/wp-content\/uploads\/2023\/12\/HuggingFace-Exposed-token-370x130.png 370w, https:\/\/dailyai.com\/wp-content\/uploads\/2023\/12\/HuggingFace-Exposed-token-800x282.png 800w, https:\/\/dailyai.com\/wp-content\/uploads\/2023\/12\/HuggingFace-Exposed-token-740x261.png 740w, https:\/\/dailyai.com\/wp-content\/uploads\/2023\/12\/HuggingFace-Exposed-token-20x7.png 20w, https:\/\/dailyai.com\/wp-content\/uploads\/2023\/12\/HuggingFace-Exposed-token-1600x564.png 1600w, https:\/\/dailyai.com\/wp-content\/uploads\/2023\/12\/HuggingFace-Exposed-token-1320x465.png 1320w, https:\/\/dailyai.com\/wp-content\/uploads\/2023\/12\/HuggingFace-Exposed-token-136x48.png 136w\" sizes=\"auto, (max-width: 2218px) 100vw, 2218px\" \/><figcaption id=\"caption-attachment-8023\" class=\"wp-caption-text\">Un jeton d'API cod\u00e9 en dur dans le code. Source : Lasso Security<\/figcaption><\/figure>\n<p>Certains des jetons trouv\u00e9s par Lasso leur donnaient toutes les permissions de lecture et d'\u00e9criture sur le site de Meta. <a href=\"https:\/\/dailyai.com\/fr\/2023\/07\/meta-and-microsoft-release-advanced-ai-llama-2-for-free\/\">Lama 2<\/a>BigScience Workshop et EleutherAI. Ces organisations disposent toutes de mod\u00e8les d'IA qui ont \u00e9t\u00e9 t\u00e9l\u00e9charg\u00e9s des millions de fois.<\/p>\n<p>Si Lasso \u00e9tait le m\u00e9chant, il aurait pu modifier les mod\u00e8les ou les ensembles de donn\u00e9es dans les r\u00e9f\u00e9rentiels expos\u00e9s. Imaginez que quelqu'un ait ajout\u00e9 un code sournois dans le d\u00e9p\u00f4t de Meta et que des millions de personnes l'aient ensuite t\u00e9l\u00e9charg\u00e9.<\/p>\n<p>Lorsque Meta, Google, Microsoft et d'autres ont entendu parler des jetons d'API expos\u00e9s, ils les ont rapidement r\u00e9voqu\u00e9s.<\/p>\n<p>Le vol de mod\u00e8les, l'empoisonnement des donn\u00e9es d'entra\u00eenement et la combinaison d'ensembles de donn\u00e9es de tiers et de mod\u00e8les pr\u00e9-entra\u00een\u00e9s sont autant de risques importants pour les entreprises d'IA. Les d\u00e9veloppeurs qui laissent les jetons d'API expos\u00e9s dans le code ne font que faciliter l'exploitation de ces jetons par des acteurs malveillants.<\/p>\n<p>On peut se demander si les ing\u00e9nieurs de Lasso ont \u00e9t\u00e9 les premiers \u00e0 d\u00e9couvrir ces vuln\u00e9rabilit\u00e9s.<\/p>\n<p>Si <a href=\"https:\/\/dailyai.com\/fr\/2023\/11\/googles-cybersecurity-forecast-sees-ai-playing-a-big-role\/\">cybercriminels<\/a> En effet, s'ils avaient trouv\u00e9 ces jetons, ils auraient certainement gard\u00e9 le silence pendant qu'ils ouvraient la porte d'entr\u00e9e.<\/p>","protected":false},"excerpt":{"rendered":"<p>Lasso Security a r\u00e9v\u00e9l\u00e9 des failles de s\u00e9curit\u00e9 sur HuggingFace et GitHub apr\u00e8s avoir trouv\u00e9 1681 jetons d'API expos\u00e9s cod\u00e9s en dur dans le code stock\u00e9 sur les plateformes. HuggingFace et GitHub sont deux des r\u00e9f\u00e9rentiels les plus populaires o\u00f9 les d\u00e9veloppeurs peuvent donner acc\u00e8s \u00e0 leurs mod\u00e8les d'IA et \u00e0 leur code. Il s'agit de dossiers dans le nuage qui sont g\u00e9r\u00e9s par les organisations qui en sont propri\u00e9taires. HuggingFace et GitHub permettent aux utilisateurs d'interagir facilement avec des centaines de milliers de mod\u00e8les d'IA et d'ensembles de donn\u00e9es via des API. Ils permettent \u00e9galement aux organisations propri\u00e9taires des mod\u00e8les et des ensembles de donn\u00e9es d'utiliser l'acc\u00e8s API pour lire, cr\u00e9er et modifier,<\/p>","protected":false},"author":6,"featured_media":8022,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[84],"tags":[163,118],"class_list":["post-8019","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-industry","tag-ai-risks","tag-llms"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.4 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>API tokens exposed on Huggingface and GitHub a huge risk | DailyAI<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/dailyai.com\/fr\/2023\/12\/api-tokens-exposed-on-huggingface-and-github-a-huge-risk\/\" \/>\n<meta property=\"og:locale\" content=\"fr_FR\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"API tokens exposed on Huggingface and GitHub a huge risk | DailyAI\" \/>\n<meta property=\"og:description\" content=\"Lasso Security exposed security vulnerabilities on HuggingFace and GitHub after finding 1681 exposed API tokens hardcoded into code stored on the platforms. HuggingFace and GitHub are two of the most popular repositories where developers can provide access to their AI models and code. Think of these as folders in the cloud that are managed by the organizations that own them. HuggingFace and GitHub make it easy for users to interact with hundreds of thousands of AI models and datasets via APIs. It also allows organizations that own the models and datasets to use the API access to read, create, modify,\" \/>\n<meta property=\"og:url\" content=\"https:\/\/dailyai.com\/fr\/2023\/12\/api-tokens-exposed-on-huggingface-and-github-a-huge-risk\/\" \/>\n<meta property=\"og:site_name\" content=\"DailyAI\" \/>\n<meta property=\"article:published_time\" content=\"2023-12-05T15:15:58+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/dailyai.com\/wp-content\/uploads\/2023\/12\/HuggingFace.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1000\" \/>\n\t<meta property=\"og:image:height\" content=\"563\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Eugene van der Watt\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@DailyAIOfficial\" \/>\n<meta name=\"twitter:site\" content=\"@DailyAIOfficial\" \/>\n<meta name=\"twitter:label1\" content=\"\u00c9crit par\" \/>\n\t<meta name=\"twitter:data1\" content=\"Eugene van der Watt\" \/>\n\t<meta name=\"twitter:label2\" content=\"Dur\u00e9e de lecture estim\u00e9e\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"NewsArticle\",\"@id\":\"https:\\\/\\\/dailyai.com\\\/2023\\\/12\\\/api-tokens-exposed-on-huggingface-and-github-a-huge-risk\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/dailyai.com\\\/2023\\\/12\\\/api-tokens-exposed-on-huggingface-and-github-a-huge-risk\\\/\"},\"author\":{\"name\":\"Eugene van der Watt\",\"@id\":\"https:\\\/\\\/dailyai.com\\\/#\\\/schema\\\/person\\\/7ce525c6d0c79838b7cc7cde96993cfa\"},\"headline\":\"API tokens exposed on Huggingface and GitHub a huge risk\",\"datePublished\":\"2023-12-05T15:15:58+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/dailyai.com\\\/2023\\\/12\\\/api-tokens-exposed-on-huggingface-and-github-a-huge-risk\\\/\"},\"wordCount\":427,\"publisher\":{\"@id\":\"https:\\\/\\\/dailyai.com\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/dailyai.com\\\/2023\\\/12\\\/api-tokens-exposed-on-huggingface-and-github-a-huge-risk\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/dailyai.com\\\/wp-content\\\/uploads\\\/2023\\\/12\\\/HuggingFace.jpg\",\"keywords\":[\"AI risks\",\"LLMS\"],\"articleSection\":[\"Industry\"],\"inLanguage\":\"fr-FR\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/dailyai.com\\\/2023\\\/12\\\/api-tokens-exposed-on-huggingface-and-github-a-huge-risk\\\/\",\"url\":\"https:\\\/\\\/dailyai.com\\\/2023\\\/12\\\/api-tokens-exposed-on-huggingface-and-github-a-huge-risk\\\/\",\"name\":\"API tokens exposed on Huggingface and GitHub a huge risk | DailyAI\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/dailyai.com\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/dailyai.com\\\/2023\\\/12\\\/api-tokens-exposed-on-huggingface-and-github-a-huge-risk\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/dailyai.com\\\/2023\\\/12\\\/api-tokens-exposed-on-huggingface-and-github-a-huge-risk\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/dailyai.com\\\/wp-content\\\/uploads\\\/2023\\\/12\\\/HuggingFace.jpg\",\"datePublished\":\"2023-12-05T15:15:58+00:00\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/dailyai.com\\\/2023\\\/12\\\/api-tokens-exposed-on-huggingface-and-github-a-huge-risk\\\/#breadcrumb\"},\"inLanguage\":\"fr-FR\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/dailyai.com\\\/2023\\\/12\\\/api-tokens-exposed-on-huggingface-and-github-a-huge-risk\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"fr-FR\",\"@id\":\"https:\\\/\\\/dailyai.com\\\/2023\\\/12\\\/api-tokens-exposed-on-huggingface-and-github-a-huge-risk\\\/#primaryimage\",\"url\":\"https:\\\/\\\/dailyai.com\\\/wp-content\\\/uploads\\\/2023\\\/12\\\/HuggingFace.jpg\",\"contentUrl\":\"https:\\\/\\\/dailyai.com\\\/wp-content\\\/uploads\\\/2023\\\/12\\\/HuggingFace.jpg\",\"width\":1000,\"height\":563},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/dailyai.com\\\/2023\\\/12\\\/api-tokens-exposed-on-huggingface-and-github-a-huge-risk\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/dailyai.com\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"API tokens exposed on Huggingface and GitHub a huge risk\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/dailyai.com\\\/#website\",\"url\":\"https:\\\/\\\/dailyai.com\\\/\",\"name\":\"DailyAI\",\"description\":\"Your Daily Dose of AI News\",\"publisher\":{\"@id\":\"https:\\\/\\\/dailyai.com\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/dailyai.com\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"fr-FR\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/dailyai.com\\\/#organization\",\"name\":\"DailyAI\",\"url\":\"https:\\\/\\\/dailyai.com\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"fr-FR\",\"@id\":\"https:\\\/\\\/dailyai.com\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/dailyai.com\\\/wp-content\\\/uploads\\\/2023\\\/06\\\/Daily-Ai_TL_colour.png\",\"contentUrl\":\"https:\\\/\\\/dailyai.com\\\/wp-content\\\/uploads\\\/2023\\\/06\\\/Daily-Ai_TL_colour.png\",\"width\":4501,\"height\":934,\"caption\":\"DailyAI\"},\"image\":{\"@id\":\"https:\\\/\\\/dailyai.com\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/DailyAIOfficial\",\"https:\\\/\\\/www.linkedin.com\\\/company\\\/dailyaiofficial\\\/\",\"https:\\\/\\\/www.youtube.com\\\/@DailyAIOfficial\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/dailyai.com\\\/#\\\/schema\\\/person\\\/7ce525c6d0c79838b7cc7cde96993cfa\",\"name\":\"Eugene van der Watt\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"fr-FR\",\"@id\":\"https:\\\/\\\/dailyai.com\\\/wp-content\\\/uploads\\\/2023\\\/07\\\/Eugine_Profile_Picture-96x96.png\",\"url\":\"https:\\\/\\\/dailyai.com\\\/wp-content\\\/uploads\\\/2023\\\/07\\\/Eugine_Profile_Picture-96x96.png\",\"contentUrl\":\"https:\\\/\\\/dailyai.com\\\/wp-content\\\/uploads\\\/2023\\\/07\\\/Eugine_Profile_Picture-96x96.png\",\"caption\":\"Eugene van der Watt\"},\"description\":\"Eugene comes from an electronic engineering background and loves all things tech. When he takes a break from consuming AI news you'll find him at the snooker table.\",\"sameAs\":[\"www.linkedin.com\\\/in\\\/eugene-van-der-watt-16828119\"],\"url\":\"https:\\\/\\\/dailyai.com\\\/fr\\\/author\\\/eugene\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Les jetons d'API expos\u00e9s sur Huggingface et GitHub repr\u00e9sentent un risque \u00e9norme | DailyAI","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/dailyai.com\/fr\/2023\/12\/api-tokens-exposed-on-huggingface-and-github-a-huge-risk\/","og_locale":"fr_FR","og_type":"article","og_title":"API tokens exposed on Huggingface and GitHub a huge risk | DailyAI","og_description":"Lasso Security exposed security vulnerabilities on HuggingFace and GitHub after finding 1681 exposed API tokens hardcoded into code stored on the platforms. HuggingFace and GitHub are two of the most popular repositories where developers can provide access to their AI models and code. Think of these as folders in the cloud that are managed by the organizations that own them. HuggingFace and GitHub make it easy for users to interact with hundreds of thousands of AI models and datasets via APIs. It also allows organizations that own the models and datasets to use the API access to read, create, modify,","og_url":"https:\/\/dailyai.com\/fr\/2023\/12\/api-tokens-exposed-on-huggingface-and-github-a-huge-risk\/","og_site_name":"DailyAI","article_published_time":"2023-12-05T15:15:58+00:00","og_image":[{"width":1000,"height":563,"url":"https:\/\/dailyai.com\/wp-content\/uploads\/2023\/12\/HuggingFace.jpg","type":"image\/jpeg"}],"author":"Eugene van der Watt","twitter_card":"summary_large_image","twitter_creator":"@DailyAIOfficial","twitter_site":"@DailyAIOfficial","twitter_misc":{"\u00c9crit par":"Eugene van der Watt","Dur\u00e9e de lecture estim\u00e9e":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"NewsArticle","@id":"https:\/\/dailyai.com\/2023\/12\/api-tokens-exposed-on-huggingface-and-github-a-huge-risk\/#article","isPartOf":{"@id":"https:\/\/dailyai.com\/2023\/12\/api-tokens-exposed-on-huggingface-and-github-a-huge-risk\/"},"author":{"name":"Eugene van der Watt","@id":"https:\/\/dailyai.com\/#\/schema\/person\/7ce525c6d0c79838b7cc7cde96993cfa"},"headline":"API tokens exposed on Huggingface and GitHub a huge risk","datePublished":"2023-12-05T15:15:58+00:00","mainEntityOfPage":{"@id":"https:\/\/dailyai.com\/2023\/12\/api-tokens-exposed-on-huggingface-and-github-a-huge-risk\/"},"wordCount":427,"publisher":{"@id":"https:\/\/dailyai.com\/#organization"},"image":{"@id":"https:\/\/dailyai.com\/2023\/12\/api-tokens-exposed-on-huggingface-and-github-a-huge-risk\/#primaryimage"},"thumbnailUrl":"https:\/\/dailyai.com\/wp-content\/uploads\/2023\/12\/HuggingFace.jpg","keywords":["AI risks","LLMS"],"articleSection":["Industry"],"inLanguage":"fr-FR"},{"@type":"WebPage","@id":"https:\/\/dailyai.com\/2023\/12\/api-tokens-exposed-on-huggingface-and-github-a-huge-risk\/","url":"https:\/\/dailyai.com\/2023\/12\/api-tokens-exposed-on-huggingface-and-github-a-huge-risk\/","name":"Les jetons d'API expos\u00e9s sur Huggingface et GitHub repr\u00e9sentent un risque \u00e9norme | DailyAI","isPartOf":{"@id":"https:\/\/dailyai.com\/#website"},"primaryImageOfPage":{"@id":"https:\/\/dailyai.com\/2023\/12\/api-tokens-exposed-on-huggingface-and-github-a-huge-risk\/#primaryimage"},"image":{"@id":"https:\/\/dailyai.com\/2023\/12\/api-tokens-exposed-on-huggingface-and-github-a-huge-risk\/#primaryimage"},"thumbnailUrl":"https:\/\/dailyai.com\/wp-content\/uploads\/2023\/12\/HuggingFace.jpg","datePublished":"2023-12-05T15:15:58+00:00","breadcrumb":{"@id":"https:\/\/dailyai.com\/2023\/12\/api-tokens-exposed-on-huggingface-and-github-a-huge-risk\/#breadcrumb"},"inLanguage":"fr-FR","potentialAction":[{"@type":"ReadAction","target":["https:\/\/dailyai.com\/2023\/12\/api-tokens-exposed-on-huggingface-and-github-a-huge-risk\/"]}]},{"@type":"ImageObject","inLanguage":"fr-FR","@id":"https:\/\/dailyai.com\/2023\/12\/api-tokens-exposed-on-huggingface-and-github-a-huge-risk\/#primaryimage","url":"https:\/\/dailyai.com\/wp-content\/uploads\/2023\/12\/HuggingFace.jpg","contentUrl":"https:\/\/dailyai.com\/wp-content\/uploads\/2023\/12\/HuggingFace.jpg","width":1000,"height":563},{"@type":"BreadcrumbList","@id":"https:\/\/dailyai.com\/2023\/12\/api-tokens-exposed-on-huggingface-and-github-a-huge-risk\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/dailyai.com\/"},{"@type":"ListItem","position":2,"name":"API tokens exposed on Huggingface and GitHub a huge risk"}]},{"@type":"WebSite","@id":"https:\/\/dailyai.com\/#website","url":"https:\/\/dailyai.com\/","name":"DailyAI","description":"Votre dose quotidienne de nouvelles sur l'IA","publisher":{"@id":"https:\/\/dailyai.com\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/dailyai.com\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"fr-FR"},{"@type":"Organization","@id":"https:\/\/dailyai.com\/#organization","name":"DailyAI","url":"https:\/\/dailyai.com\/","logo":{"@type":"ImageObject","inLanguage":"fr-FR","@id":"https:\/\/dailyai.com\/#\/schema\/logo\/image\/","url":"https:\/\/dailyai.com\/wp-content\/uploads\/2023\/06\/Daily-Ai_TL_colour.png","contentUrl":"https:\/\/dailyai.com\/wp-content\/uploads\/2023\/06\/Daily-Ai_TL_colour.png","width":4501,"height":934,"caption":"DailyAI"},"image":{"@id":"https:\/\/dailyai.com\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/DailyAIOfficial","https:\/\/www.linkedin.com\/company\/dailyaiofficial\/","https:\/\/www.youtube.com\/@DailyAIOfficial"]},{"@type":"Person","@id":"https:\/\/dailyai.com\/#\/schema\/person\/7ce525c6d0c79838b7cc7cde96993cfa","name":"Eug\u00e8ne van der Watt","image":{"@type":"ImageObject","inLanguage":"fr-FR","@id":"https:\/\/dailyai.com\/wp-content\/uploads\/2023\/07\/Eugine_Profile_Picture-96x96.png","url":"https:\/\/dailyai.com\/wp-content\/uploads\/2023\/07\/Eugine_Profile_Picture-96x96.png","contentUrl":"https:\/\/dailyai.com\/wp-content\/uploads\/2023\/07\/Eugine_Profile_Picture-96x96.png","caption":"Eugene van der Watt"},"description":"Eugene a une formation d'ing\u00e9nieur en \u00e9lectronique et adore tout ce qui touche \u00e0 la technologie. Lorsqu'il fait une pause dans sa consommation d'informations sur l'IA, vous le trouverez \u00e0 la table de snooker.","sameAs":["www.linkedin.com\/in\/eugene-van-der-watt-16828119"],"url":"https:\/\/dailyai.com\/fr\/author\/eugene\/"}]}},"_links":{"self":[{"href":"https:\/\/dailyai.com\/fr\/wp-json\/wp\/v2\/posts\/8019","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/dailyai.com\/fr\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/dailyai.com\/fr\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/dailyai.com\/fr\/wp-json\/wp\/v2\/users\/6"}],"replies":[{"embeddable":true,"href":"https:\/\/dailyai.com\/fr\/wp-json\/wp\/v2\/comments?post=8019"}],"version-history":[{"count":2,"href":"https:\/\/dailyai.com\/fr\/wp-json\/wp\/v2\/posts\/8019\/revisions"}],"predecessor-version":[{"id":8024,"href":"https:\/\/dailyai.com\/fr\/wp-json\/wp\/v2\/posts\/8019\/revisions\/8024"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/dailyai.com\/fr\/wp-json\/wp\/v2\/media\/8022"}],"wp:attachment":[{"href":"https:\/\/dailyai.com\/fr\/wp-json\/wp\/v2\/media?parent=8019"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/dailyai.com\/fr\/wp-json\/wp\/v2\/categories?post=8019"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/dailyai.com\/fr\/wp-json\/wp\/v2\/tags?post=8019"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}