Researchers tested 444 AI chatbot apps for iPhone and found
that 282 of them, nearly two-thirds, exposed paid AI access through
their network traffic. In many cases, the path in was visible just
by watching what the app sent: a plaintext API key, a reusable
token, or a backend server that accepted requests with no key at
all. Whoever grabs it can send model requests on the developer's
account,
Read more https://thehackernews.com/2026/06/282-ios-apps-found-leaking-llm-api-keys.html
