Study: 282 iOS Apps Expose LLM API Keys in Traffic
🔍 Researchers tested 444 iPhone AI chatbot apps and found 282 leaking paid AI access via network traffic, often as plaintext keys, reusable tokens, or unsecured backend relays. The team used a tool called LLMKeyLens to capture credentials without jailbreaking. Only 28% of affected apps were fixed after three months; many tokens remained valid and susceptible to costly misuse.
