Tag: api
-
The ‘Invisible Risk’: 1.5 Million Unmonitored AI Agents Threaten Corporate Security
A massive >>invisible workforce<< of autonomous digital workers has arrived in the corporate world, but new research suggests it may be operating largely out of control. Large enterprises across the U.S. and UK have already deployed 3 million AI agents, according to a study released by Gravitee, an open-source leader in API and agentic management……
-
Vibe-Coded Moltbook Exposes User Data, API Keys and More
Wiz Security claims Moltbook misconfiguration allowed full read and write access First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/moltbook-exposes-user-data-api/
-
Think agentic AI is hard to secure today? Just wait a few months
Cost effective fix: Do nothing: Kodezi’s Khan offers an interesting fix for that foundational problem: Don’t even try. He argues it’s a money pit that will never be fully resolved. Instead, he suggests pouring resources into creating a strict identity strategy for every NHI going forward. “Aim for containment rather than for perfection. You can’t really govern…
-
APT28 Leverages CVE-2026-21509 in Operation Neusploit
IntroductionIn January 2026, Zscaler ThreatLabz identified a new campaign in-the-wild, tracked as Operation Neusploit, targeting countries in the Central and Eastern European region. In this campaign, the threat actor leveraged specially crafted Microsoft RTF files to exploit CVE-2026-21509 and deliver malicious backdoors in a multi-stage infection chain. Due to significant overlaps in tools, techniques, and procedures (TTPs)…
-
Why Your WAF Missed It: The Danger of Double-Encoding and Evasion Techniques in Healthcare Security
Tags: access, ai, api, attack, data, data-breach, detection, exploit, governance, hacker, healthcare, intelligence, malicious, risk, technology, threat, tool, wafThe “Good Enough” Trap If you ask most organizations how they protect their APIs, they point to their WAF (Web Application Firewall). They have the OWASP Top 10 rules enabled. The dashboard is green. They feel safe. But attackers know exactly how your WAF works, and, more importantly, how to trick it. We recently worked…
-
Why non-human identities are your biggest security blind spot in 2026
Tags: access, api, breach, cloud, control, credentials, data-breach, github, google, governance, identity, least-privilege, password, service, threat, toolThe three blind spots I keep finding: After years working in cloud security and identity management, certain patterns show up everywhere I look. Three problems in particular appear in nearly every environment I assess. Secrets where they should never be. I still find API keys hardcoded in source files. Still. In 2026. Last year, GitGuardian…
-
Researchers Uncover Moltbook AI Flaw Exposing API Keys and Login Credentials
A critical vulnerability in Moltbook, the AI agent social network launched in late January 2026 by Octane AI’s Matt Schlicht, exposes email addresses, login tokens, and API keys for registered entities. The flaw impacts the platform’s claimed 1.5 million users, though security researchers revealed the inflated user count stems from unchecked bot registrations rather than…
-
AI is flooding IAM systems with new identities
Most organizations view AI identities through the same lens used for other non-human identities, such as service accounts, API keys, and chatbots, according to The State of … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/02/02/cloud-security-alliance-securing-ai-identities/
-
Why API Security Is No Longer an AppSec Problem And What Security Leaders Must Do Instead
APIs are one of the most important technologies in digital business ecosystems. And yet, the responsibility for their security often falls to AppSec teams and that’s a problem. This organizational mismatch creates systemic risk: business teams assume APIs are “secured,” while attackers exploit logic flaws, authorization gaps, and automated attacks in production. As Tim […]…
-
SmarterMail Fixes Critical Unauthenticated RCE Flaw with CVSS 9.3 Score
SmarterTools has addressed two more security flaws in SmarterMail email software, including one critical security flaw that could result in arbitrary code execution.The vulnerability, tracked as CVE-2026-24423, carries a CVSS score of 9.3 out of 10.0.”SmarterTools SmarterMail versions prior to build 9511 contain an unauthenticated remote code execution vulnerability in the ConnectToHub API First seen…
-
Measuring Agentic AI Posture: A New Metric for CISOs
In cybersecurity, we live by our metrics. We measure Mean Time to Respond (MTTR), Dwell Time, and Patch Cadence. These numbers indicate to the Board how quickly we respond when issues arise. But in the era of Agentic AI, reaction speed is no longer enough. When an AI Agent or an MCP server is compromised,…
-
Salt Security Brings >>Plain English<< Clarity to API Security
Salt Security has unveiled a suite of new intelligent analysis features designed to solve the critical >>Context Crisis<>Plain English<< Clarity to API Security appeared first on IT Security Guru. First seen on itsecurityguru.org Jump to article: www.itsecurityguru.org/2026/01/29/salt-security-brings-plain-english-clarity-to-api-security/
-
The Agentic AI Posture Score: A New Metric for CISOs
In cybersecurity, we live by our metrics. We measure Mean Time to Respond (MTTR), Dwell Time, and Patch Cadence. These numbers tell the Board how fast we react when things go wrong. But in the era of Agentic AI, reaction speed is no longer enough. When an AI Agent or an MCP server is compromised,…
-
This startup aims to solve crypto’s broken key management problem
Crypto security firm Sodot launches Exchange API Vault to stop API key theft, securing billions in assets while supporting low latency, high frequency trading. First seen on hackread.com Jump to article: hackread.com/startup-solve-crypto-broken-key-management-problem/
-
Crooks are hijacking and reselling AI infrastructure: Report
Tags: access, ai, api, attack, authentication, business, cloud, communications, control, credentials, cybersecurity, data, data-breach, endpoint, exploit, firewall, group, infosec, infrastructure, intelligence, Internet, LLM, malicious, marketplace, risk, service, skills, technology, theft, threat, training, vulnerabilityexposed endpoints on default ports of common LLM inference services;unauthenticated API access without proper access controls;development/staging environments with public IP addresses;MCP servers connecting LLMs to file systems, databases and internal APIs.Common misconfigurations leveraged by these threat actors include:Ollama running on port 11434 without authentication;OpenAI-compatible APIs on port 8000 exposed to the internet;MCP servers accessible without…
-
Radware Acquires Pynt to Add API Security Testing Tool
Radware this week revealed it has acquired Pynt, a provider of a set of tools for testing the security of application programming interfaces (APIs). Uri Dorot, a senior product marketing manager for Radware, said that capability will continue to be made available as a standalone tool in addition to being more tightly integrated into the..…
-
Viral Moltbot AI assistant raises concerns over data security
Security researchers are warning of insecure deployments in enterprise environments of the Moltbot (formerly Clawdbot) AI assistant, which can lead to leaking API keys, OAuth tokens, conversation history, and credentials. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/viral-moltbot-ai-assistant-raises-concerns-over-data-security/
-
What Are Service Accounts and Why Are They a Security Risk?
Tags: api, cloud, container, credentials, cyberattack, data, identity, infrastructure, risk, service6 min read79 percent of cyberattacks now rely purely on identity compromise, using legitimate credentials to move laterally, escalate privileges and exfiltrate data while appearing authorized at every step. Service accounts represent the automated backbone of modern infrastructure, operating continuously across cloud platforms, databases, APIs and container orchestrators as non-human identities. Their ubiquity makes them…
-
Stop Staring at JSON: How GenAI is Solving the API >>Context Crisis<<
Tags: ai, api, attack, authentication, banking, business, credentials, credit-card, data, endpoint, governance, mobile, organized, risk, soc, threat, toolThere is a moment that happens in every SOC (Security Operations Center) every day. An alert fires. An analyst looks at a dashboard and sees a UR: POST /vs/payments/proc/77a. And then they stop. They stare. And they ask the question that kills productivity: “What does this thing actually do?” Is it a critical payment gateway?…
-
Always-on privileged access is pervasive, and fraught with risks
Tags: access, api, automation, cloud, credentials, cybersecurity, framework, governance, iam, risk, saas, serviceParadigm shift ahead: Forrester analyst Geoff Cairns stresses the cybersecurity risks at play when organizations do not rein in excessive credential use. “Persistent standing privilege, yes, I think that is rampant,” he says. “It is something that attackers can target and then leverage to move laterally through systems and create havoc. The elevated privilege makes that…
-
APT Attacks Target Indian Government Using SHEETCREEP, FIREPOWER, and MAILCREEP – Part 2
Tags: access, ai, api, apt, attack, backdoor, backup, cloud, control, credentials, data, dns, email, exploit, github, google, government, group, india, infection, infrastructure, Internet, linux, malicious, malware, microsoft, monitoring, network, phishing, powershell, programming, service, tactics, threat, tool, update, windowsThis is Part 2 of our two-part technical analysis on the Gopher Strike and Sheet Attack campaigns. For details on the Gopher Strike campaign, go to Part 1.IntroductionIn September 2025, Zscaler ThreatLabz uncovered three additional backdoors, SHEETCREEP, FIREPOWER, and MAILCREEP, used to power the Sheet Attack campaign. In Part 2 of this series, ThreatLabz will…
-
APT Attacks Target Indian Government Using GOGITTER, GITSHELLPAD, and GOSHELL – Part 1
Tags: access, adobe, ai, antivirus, api, apt, attack, authentication, backdoor, backup, cloud, control, data, data-breach, detection, email, endpoint, github, google, government, group, india, infection, infrastructure, injection, Internet, malicious, malware, microsoft, network, phishing, service, spear-phishing, threat, tool, update, windowsIntroductionIn September 2025, Zscaler ThreatLabz identified two campaigns, tracked as Gopher Strike and Sheet Attack, by a threat actor that operates in Pakistan and primarily targets entities in the Indian government. In both campaigns, ThreatLabz identified previously undocumented tools, techniques, and procedures (TTPs). While these campaigns share some similarities with the Pakistan-linked Advanced Persistent Threat (APT) group, APT36, we…
-
Salt Security Expands >>Universal Visibility<< with Specialized API Security for Databricks and Rapid Edge Support for Netlify
Salt Security announced a major expansion of its platform’s connectivity fabric with two new strategic integrations: the Salt Databricks Connector and the Salt Netlify Collector. These additions reinforce Salt’s >>Universal Visibility<>Universal Visibility<< with Specialized API Security for Databricks and Rapid Edge Support for Netlify appeared first on IT Security Guru. First seen on itsecurityguru.org Jump to…
-
Data Privacy Day 2026: Datenschutz durch KI so relevant wie nie
Der Data Privacy Day versteht sich und sollte als ein Weckruf wahrgenommen werden. Immer mehr Daten werden von KI, APIs und Bots abgerufen. Deshalb müssen Unternehmen den Datenschutz von vornherein in ihre Systeme integrieren und dabei eine weitaus bessere Kontrolle und klarere Kommunikation darüber gewährleisten, wie Daten erfasst, weitergegeben und verwendet werden. First seen on…
-
From the Data Lake to the Edge: Why Universal Visibility is the Future of API Security
If you look at an enterprise architecture diagram from five years ago, it looks relatively tidy. You had a data center, maybe a cloud provider, and a few gateways. Today, that diagram looks like a constellation. Data is living in AI platforms like Databricks. Frontend applications are pushed to the edge on Netlify. Logic is…
-
Critical Chainlit AI Flaws Let Hackers Seize Control Of Cloud Environments
Tags: ai, api, cloud, control, credentials, cve, cyber, flaw, framework, hacker, Internet, open-source, pypi, vulnerabilityZafran Labs uncovered two critical vulnerabilities in Chainlit, a popular open-source framework for building conversational AI apps. Chainlit powers internet-facing AI systems in enterprises across industries, averaging 700,000 PyPI downloads monthly. The flaws CVE-2026-22218 (arbitrary file read) and CVE-2026-22219 (SSRF) enable attackers to steal API keys, sensitive files, and cloud credentials without user interaction. Zafran…
-
Chainlit AI Framework Flaws Enable Data Theft via File Read and SSRF Bugs
Security vulnerabilities were uncovered in the popular open-source artificial intelligence (AI) framework Chainlit that could allow attackers to steal sensitive data, which may allow for lateral movement within a susceptible organization.Zafran Security said the high-severity flaws, collectively dubbed ChainLeak, could be abused to leak cloud environment API keys and steal sensitive files, or First seen…