Microsoft’s plan to fix the web with AI has already hit an embarrassing security flaw. Researchers discovered you could use malformed URLs to grab .env files and steal OpenAI or Gemini API keys. Full details 👇 [www.theverge.com/news/719617/...](https://www.theverge.com/news/719617/microsoft-nlweb-security-flaw-agentic-web )
[Microsoft’s plan to fix the we...](https://www.theverge.com/news/719617/microsoft-nlweb-security-flaw-agentic-web )
Tom Warren
npub1q2…v9k63
2025-08-06 10:31:28 UTC
Author Public Key
npub1q2ns4c2vvtvwelxdxurw75rzxs3r32842gz7w7aq395ce8t68txqcv9k63Seen on
wss://relay.momostr.pinkPublished at
2025-08-06 10:31:28 UTCEvent JSON
{
"id": "b8535107bd4f20d1feb04e1a6598e21447868cf96c7681241ce728802a6e39f6",
"pubkey": "02a70ae14c62d8ecfccd3706ef5062342238a8f55205e77ba089698c9d7a3acc",
"created_at": 1754476288,
"kind": 1,
"tags": [
[
"proxy",
"https://bsky.brid.gy/r/https://bsky.app/profile/did:plc:fbtvg6jxtdroidfvq5z635xu/post/3lvpzfzcgyc2m",
"web"
],
[
"proxy",
"https://bsky.brid.gy/convert/ap/at://did:plc:fbtvg6jxtdroidfvq5z635xu/app.bsky.feed.post/3lvpzfzcgyc2m",
"activitypub"
],
[
"L",
"pink.momostr"
],
[
"l",
"pink.momostr.activitypub:https://bsky.brid.gy/convert/ap/at://did:plc:fbtvg6jxtdroidfvq5z635xu/app.bsky.feed.post/3lvpzfzcgyc2m",
"pink.momostr"
],
[
"-"
]
],
"content": "Microsoft’s plan to fix the web with AI has already hit an embarrassing security flaw. Researchers discovered you could use malformed URLs to grab .env files and steal OpenAI or Gemini API keys. Full details 👇 [www.theverge.com/news/719617/...](https://www.theverge.com/news/719617/microsoft-nlweb-security-flaw-agentic-web )\n\n[Microsoft’s plan to fix the we...](https://www.theverge.com/news/719617/microsoft-nlweb-security-flaw-agentic-web )",
"sig": "b0f6ed9ba6f9ba17ed233918403b1859e056f16ed000e828946bcc22eb0ffaf8f5700610f986fb76e3d05c1084b983b6f3a3892196116ae2bdd51745c792d31d"
}