API Security

Berlin AI Startup Parloa Reaches $1B Valuation: Implications for Enterprise Security

News

Berlin AI Startup Parloa Reaches $1B Valuation: Implications for Enterprise Security

Berlin-based artificial intelligence startup Parloa has achieved “unicorn” status with a valuation exceeding $1 billion following a...

Passkey Usability Challenges: Security Benefits vs. Adoption Barriers

News

Passkey Usability Challenges: Security Benefits vs. Adoption Barriers

Passkeys promise a future free from phishing and credential theft, yet their adoption faces significant hurdles due...

Third-Party and Machine Credential Abuse: The Hidden Catalysts of 2025’s Major Breaches

Data Breach

Third-Party and Machine Credential Abuse: The Hidden Catalysts of 2025’s Major Breaches

The 2025 Verizon Data Breach Investigations Report (DBIR) reveals a troubling trend: third-party vulnerabilities and machine credential...

xAI API Key Leak: Technical Breakdown and Security Implications

Data Breach

xAI API Key Leak: Technical Breakdown and Security Implications

An API key leak at Elon Musk’s artificial intelligence firm xAI exposed proprietary large language models (LLMs)...

CVE-2025-45615: Critical Privilege Escalation Vulnerability in Yaoqishan Admin API

CVE News

CVE-2025-45615: Critical Privilege Escalation Vulnerability in Yaoqishan Admin API

A critical privilege escalation vulnerability (CVE-2025-45615) has been identified in yaoqishan v0.0.1-SNAPSHOT, allowing unauthenticated attackers to gain...

xAI API Key Leak Exposes Private SpaceX and Tesla LLMs for Two Months

Data Breach

xAI API Key Leak Exposes Private SpaceX and Tesla LLMs for Two Months

A developer at Elon Musk’s artificial intelligence company xAI accidentally leaked a private API key on GitHub,...

Increased Scanning Activity Targeting SMS Gateways and APIs: Risks and Mitigation

Threat Intelligence

Increased Scanning Activity Targeting SMS Gateways and APIs: Risks and Mitigation

Recent reports highlight a surge in scanning activity targeting SMS gateways and APIs, with attackers seeking to...

Meta Releases Llama AI Model API for Developers: Technical Implications

Red-Team

Meta Releases Llama AI Model API for Developers: Technical Implications

Meta has officially launched an API for its Llama AI models, providing developers with tools to integrate...

How Breaches Start: Analyzing 5 Real-World Vulnerabilities

News

How Breaches Start: Analyzing 5 Real-World Vulnerabilities

Not every security vulnerability poses an immediate high risk, but attackers often chain seemingly minor flaws to...

India Tops Cyberattack Targets in Q1 2025 as Russia Faces Surging API Threats

Threat Intelligence

India Tops Cyberattack Targets in Q1 2025 as Russia Faces Surging API Threats

In the first quarter of 2025, India became the primary target for cyberattacks globally, while Russia maintained...

Brave’s Cookiecrumbler: Community-Driven Cookie Notice Blocking with LLMs

Security Tools & Research

Brave’s Cookiecrumbler: Community-Driven Cookie Notice Blocking with LLMs

Brave Software has introduced an open-source tool called Cookiecrumbler, designed to automate the detection and blocking of...

Q1 2025 DDoS Surge: API Attacks Target Russian Retail and Telecom Sectors

Threat Intelligence

Q1 2025 DDoS Surge: API Attacks Target Russian Retail and Telecom Sectors

In the first quarter of 2025, Russian companies faced a sharp increase in DDoS attacks, with APIs...

WebMethods Integration Server 10.15.0 Vulnerability: Unauthenticated Access to Admin Panel (CVE-2024-23733)

CVE News

WebMethods Integration Server 10.15.0 Vulnerability: Unauthenticated Access to Admin Panel (CVE-2024-23733)

A critical vulnerability in Software AG’s webMethods Integration Server 10.15.0 allows unauthenticated attackers to bypass authentication and...

Verizon Call Filter App Vulnerability Exposes Millions of Call Logs

CVE News

Verizon Call Filter App Vulnerability Exposes Millions of Call Logs

A recently patched vulnerability in Verizon’s Call Filter iOS app allowed unauthorized access to call metadata for...

GitHub Expands Security Tools Following 39 Million Secret Leaks in 2024

Data Breach

GitHub Expands Security Tools Following 39 Million Secret Leaks in 2024

GitHub has introduced new security measures after its systems detected 39 million exposed secrets—including API keys, tokens,...

Verizon Call Filter API Vulnerability Exposed Customer Call Logs via Unsecured Endpoint

CVE News

Verizon Call Filter API Vulnerability Exposed Customer Call Logs via Unsecured Endpoint

A security flaw in Verizon’s Call Filter API allowed unauthorized access to customers’ incoming call histories due...

Data Privacy and Cybersecurity Challenges in Smart Construction Platforms

News

Data Privacy and Cybersecurity Challenges in Smart Construction Platforms

As digital transformation accelerates across industries, smart construction platforms and intelligent buildings are becoming prime targets for...

Hijacked npm Packages Used to Steal API Keys via Obfuscated Scripts

Threat Intelligence

Hijacked npm Packages Used to Steal API Keys via Obfuscated Scripts

Cybersecurity researchers have uncovered a campaign involving hijacked npm packages, some over nine years old, that were...

Indonesian E-Learning Platform Reportedly Targeted in Cybersecurity Incident

News

Indonesian E-Learning Platform Reportedly Targeted in Cybersecurity Incident

Reports indicate that a prominent Indonesian educational technology platform may have been the target of a cybersecurity...

Docker Remote API Servers Targeted by perfctl Malware in New Attack Wave

News

Docker Remote API Servers Targeted by perfctl Malware in New Attack Wave

Security researchers have uncovered a new campaign targeting misconfigured Docker Remote API servers, where attackers deploy the...

Posts pagination

1 2 Next

API Security

Berlin AI Startup Parloa Reaches $1B Valuation: Implications for Enterprise Security

Passkey Usability Challenges: Security Benefits vs. Adoption Barriers

Third-Party and Machine Credential Abuse: The Hidden Catalysts of 2025’s Major Breaches

xAI API Key Leak: Technical Breakdown and Security Implications

CVE-2025-45615: Critical Privilege Escalation Vulnerability in Yaoqishan Admin API

xAI API Key Leak Exposes Private SpaceX and Tesla LLMs for Two Months

Increased Scanning Activity Targeting SMS Gateways and APIs: Risks and Mitigation

Meta Releases Llama AI Model API for Developers: Technical Implications

How Breaches Start: Analyzing 5 Real-World Vulnerabilities

India Tops Cyberattack Targets in Q1 2025 as Russia Faces Surging API Threats

Brave’s Cookiecrumbler: Community-Driven Cookie Notice Blocking with LLMs

Q1 2025 DDoS Surge: API Attacks Target Russian Retail and Telecom Sectors

WebMethods Integration Server 10.15.0 Vulnerability: Unauthenticated Access to Admin Panel (CVE-2024-23733)

Verizon Call Filter App Vulnerability Exposes Millions of Call Logs

GitHub Expands Security Tools Following 39 Million Secret Leaks in 2024

Verizon Call Filter API Vulnerability Exposed Customer Call Logs via Unsecured Endpoint

Hijacked npm Packages Used to Steal API Keys via Obfuscated Scripts

Indonesian E-Learning Platform Reportedly Targeted in Cybersecurity Incident

Docker Remote API Servers Targeted by perfctl Malware in New Attack Wave

You may have missed

Procolored Printer Drivers Distributed Malware for Six Months: Technical Analysis and Mitigation

Tor Oniux: Kernel-Level Network Anonymization for Linux Applications

Google Chrome’s Security Update: Blocking Admin-Level Launches in Windows

Australian Human Rights Commission Data Breach: Technical Analysis and Impact