Topic: api security
-
Radware Unveils Real-Time API Lifecycle Protection
Radware has launched a new API Security Service designed to provide real-time, end-to-end protection by analyzing live traffic to identify and mitigate threats, directly addressing the OWASP Top 10 API Security Risks. The service tackles common security gaps by offering continuous runtime visibil...
Read More » -
API Incidents Surge: 40,000+ Reported in First Half of 2025
The first half of 2025 saw over 40,000 API incidents, with APIs becoming a prime target for sophisticated automated attacks despite representing a small part of the attack surface. A record-breaking 15 million requests-per-second DDoS attack targeted a financial services API, using botnets that m...
Read More » -
Cequence Security Supercharges Channel Program for API & AI Security Growth
Cequence Security has transitioned to a channel-only business model, expanding its Partner Program with structured tiers, enhanced resources, and incentives to accelerate growth in API and AI security. The program addresses key customer challenges by simplifying API security through the Unified A...
Read More » -
Streaming Security in the LLM Era: Expert Best Practices
The security landscape for streaming media has been fundamentally reshaped by the widespread availability of AI tools, enabling attackers to launch sophisticated, low-cost assaults that threaten revenue and brand integrity, necessitating a proactive, integrated defense strategy. Critical vulnerab...
Read More » -
OpenAI API Data Breach Exposed Customer Data
A security incident at OpenAI's analytics provider, Mixpanel, exposed limited customer information for some ChatGPT API users, though no sensitive data like passwords or chat histories were accessed, highlighting third-party risks. The breach resulted from a smishing attack on Mixpanel, affecting...
Read More » -
OpenAI Data Breach: Why a Password Change Won't Protect You
The breach was a supply chain attack targeting a third-party analytics provider (Mixpanel), not OpenAI's core systems, highlighting a common tactic to exploit weaker links in interconnected software ecosystems. Compromised data was limited to OpenAI's developer portal, affecting developers' non-s...
Read More » -
ImmuniWeb Continuous: AI-Powered, Always-On Security Testing
ImmuniWeb Continuous offers 24/7 penetration testing and vulnerability scanning for web applications, APIs, and microservices, ideal for businesses with multiple applications across varied infrastructures. The platform combines AI-driven automated scanning with optional manual testing by experts,...
Read More » -
Asia-Pacific Emerges as World's Most AI-Ready Software Market
The Asia-Pacific region is emerging as a global leader in AI-ready software development, with its developers showing greater maturity in building the API infrastructure needed to operationalize AI safely and at scale. APAC developers prioritize API security and performance, being significantly mo...
Read More » -
AI Adoption Fuels Surge in Critical Security Flaws
A significant surge in hardware, API, and network vulnerabilities is creating unprecedented risks, driven by IoT proliferation and resulting in an 88% increase in hardware flaws and a doubling of network vulnerabilities. The rapid integration of AI into software development is expanding the attac...
Read More » -
OpenAI Alerts Users to Mixpanel API Data Breach
OpenAI notified API users of a data exposure due to a security incident at its third-party analytics provider, Mixpanel, clarifying that its own systems were not breached. The exposed data may include user details like names, email addresses, approximate locations, and device information, but sen...
Read More » -
Bugcrowd Boosts AI Security with Mayhem Acquisition
Bugcrowd has acquired Mayhem Security to enhance AI-powered, human-in-the-loop security testing, enabling faster, safer software development and reduced operational costs. The acquisition combines Mayhem's AI-driven automation with Bugcrowd's crowdsourced human expertise to proactively identify a...
Read More » -
Fastly Named Gartner Customers' Choice for 7th Year in Web Security
Fastly has been named a Gartner Peer Insights Customers’ Choice for Cloud WAAP for the seventh consecutive year, based on high customer satisfaction and feedback from IT professionals. The company's Web Application Firewall received an outstanding 4.8 out of 5 stars from 130 verified reviews, emp...
Read More » -
Securing AI Agents in SaaS with Obsidian
Obsidian Security has launched a new defense system specifically designed to secure AI agents in SaaS environments, addressing the security gaps and cascading threats created by their rapid integration and excessive permissions. The proliferation of AI agents, such as those from Microsoft Copilot...
Read More » -
CIS, Astrix & Cequence Release AI Security Best Practices
A new partnership between CIS, Astrix Security, and Cequence Security will develop specialized security best practices and guides to extend the CIS Critical Security Controls framework into AI and agentic systems. The initiative will produce two guides focusing on securing AI Agent Environments a...
Read More » -
Boost SaaS Security with NIST CSF & Agentic AI
The rapid adoption of SaaS and AI often outpaces security, creating risks; the NIST Cybersecurity Framework provides a structured blueprint to balance innovation with robust protection. Effective security requires strong governance and collaboration between InfoSec and SaaS teams, alongside criti...
Read More » -
US Cargo Firm Exposes Shipping Systems and Customer Data Online
Security experts warn that cyberattacks on logistics firms are enabling large-scale cargo theft, creating a dangerous alliance between hackers and organized crime that threatens global supply chains. A researcher discovered severe vulnerabilities in Bluspark Global's shipping software, including ...
Read More » -
SonicWall Urges Password Reset Following Security Breach
SonicWall has advised customers to reset passwords after detecting unauthorized access to firewall configuration backup files in some MySonicWall accounts, which contain sensitive data like credentials and tokens. The company confirmed this was not a ransomware attack but a series of targeted bru...
Read More » -
Secure Your Cloud with cnspec: Open-Source Policy & Security
cnspec is an open-source tool that provides unified security and compliance scanning across diverse technologies, identifying vulnerabilities and misconfigurations to prioritize fixes. It supports a wide range of targets including cloud platforms, Kubernetes, containers, SaaS applications, infras...
Read More » -
F5 Issues Critical Patches for Stolen BIG-IP Vulnerabilities
F5 Networks issued critical security patches for its BIG-IP product line after a state-sponsored breach on August 9, 2025, which exposed proprietary source code and vulnerabilities, urging immediate installation to address 44 issues. The Cybersecurity and Infrastructure Security Agency (CISA) man...
Read More » -
Instagram Denies Data Breach Claims
Meta denied a system breach, attributing a wave of password reset emails to an external party exploiting a technical flaw that has since been fixed. A separate data scraping incident exposed largely public information from about 17 million accounts, with 6.2 million records including an email add...
Read More » -
SonicWall Firewall Backups Compromised by Attackers
SonicWall confirmed that attackers used brute-force methods to access its cloud backup API, compromising configuration backup files for all customers who used the service, contradicting earlier statements about a limited impact. The compromised files contain sensitive data like network settings, ...
Read More » -
Secure AI Operations with Akeyless AI Agent Identity
Businesses face urgent security challenges from autonomous AI agents, with Akeyless launching a comprehensive AI Agent Identity Security solution to address vulnerabilities from AI-driven identities. AI agents possess inherent design flaws, such as maintaining awareness of their credentials, whic...
Read More » -
Crafting an Effective Healthcare Cybersecurity Strategy
Focus on foundational cybersecurity controls like vulnerability management and network segmentation to maximize protection with limited resources, as they offer high-impact risk reduction. Cultivate a strong cybersecurity culture through staff training, making the workforce a cost-effective first...
Read More » -
Upwind Integrates Real-Time AI Security into CNAPP Platform
Upwind has integrated a real-time AI security suite into its CNAPP, moving beyond siloed AI security to provide unified, runtime-first protection for AI workloads within the broader cloud ecosystem. The platform addresses modern AI security challenges by offering key functionalities like posture ...
Read More »