A security lapse at Elon Musk’s artificial intelligence startup xAI left sensitive AI models, possibly trained on internal data from SpaceX, Tesla, and X (formerly Twitter). The leak involved a private application programming interface (API) key posted to GiHub by an xAI technical staff.
This key granted access to a trove of unreleased and internal large language models (LLMs), including experimental versions of xAI’s Grok chatbot and other custom tools designed to interact with proprietary data from Musk’s various enterprises.
The breach was first discovered by Philippe Caturegli, chief hacking officer at the French cybersecurity firm Seralys, who posted about the leaked credentials on LinkedIn. His disclosure caught the attention of GitGuardian, a company specializing in the detection of exposed secrets within software repositories.
According to Gitguardian co-founder Eric, the leaked key had access to 60 fine-tuned private LLMs. These include unreleased (grok-2.5V), development (research-grok-2p5v-1018), and private models (tweet-rejector, grok-spacex-2024-11-04).
Despite GitGuardian alerting the employee on March 2, the API key remained active until at least April 30, when the security firm escalated the issue directly to xAI’s internal security team. The company responded by asking GitGuardian to report the matter via its HackerOne bug bounty program. Hours later, the exposed repository was removed.
Source: hxxps[://]krebsonsecurity[.]com/2025/05/xai-dev-leaks-api-key-for-private-spacex-tesla-llms/
Follow Cybersecurity88 on X and Linkedin for the latest cybersecurity news
