That AI You Confide in May Be an Open Book: Researchers Find Cloud Keys, Exposed Conversations, and Injectable Chat in Companion Apps Oversecured identifies hardcoded cloud credentials and a cross-site scripting flaw in popular AI companion apps, exposing backend infrastructure and allowing code injection into private conversations.