The threat actor behind the recent Dell data breach revealed they scraped information of 49 million customer records using an partner portal API they accessed as a fake company.

Two malicious RubyGems packages posing as popular Fastlane CI/CD plugins redirect Telegram API requests to attacker-controlled servers to intercept and steal data.

It prohibits the bulk export of Slack data via the API, and explicitly states that data accessed via Slack APIs can no longer be used to train LLMs.

APIs are not really so simple, though. Another analogy is a restaurant. The customer is the software application, the chef is the data or service, and the waiter is the API.