Tag: api

Kritische Sicherheitslücke – Angriffe auf IBM API Connect ohne Authentifizierung möglich

Jan 20, 2026 8:13 AM

Tags: api, authentication, bug, cyberattack, ibm

First seen on security-insider.de Jump to article: www.security-insider.de/softwarefehler-api-connect-ibm-a-649c1fa70812396057030720140e574b/
How to Visualize Web API Coverage with Screenshots and Validate Attack Paths in Escape

Jan 19, 2026 8:13 PM

Tags: api, attack

Visualize web and API coverage, validate attack paths, and confirm every executed action with screenshots and logs in Escape First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/01/how-to-visualize-web-api-coverage-with-screenshots-and-validate-attack-paths-in-escape/
Anthropic’s Cowork Shipped With Known Vulnerability

Jan 19, 2026 7:13 PM

Tags: access, ai, api, exploit, vulnerability

AI Agent Can Access File Upload API to Exfiltrate Documents. Security researchers have demonstrated how Anthropic’s new Claude Cowork productivity agent can be tricked into stealing user files and uploading them to an attacker’s account, exploiting a vulnerability the company allegedly knew about. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/anthropics-cowork-shipped-known-vulnerability-a-30553
Neue EU-Schwachstellen-Datenbank gestartet

Jan 19, 2026 5:21 PM

Tags: api, compliance, computer, cybersecurity, incident response, open-source, risk-management, security-incident, tool, vulnerability, vulnerability-management

Die neue GCVE-Datenbank soll das Schwachstellenmanagement effizienter und einfacher machen.Mit db.gcve.eu stellt die GCVE-Initiative (Global Cybersecurity Vulnerability Enumeration) ab sofort eine kostenfreie, öffentlich zugängliche Datenbank für IT-Sicherheitslücken bereit. Ziel ist es, die Abhängigkeit von US-Datenbanken zu beenden und die digitale Souveränität in Europa zu stärken. Die Plattform führt Informationen aus verschiedenen öffentlichen Ressourcen zusammen. Dazu…
Five Chrome extensions caught hijacking enterprise sessions

Jan 19, 2026 1:13 PM

Tags: access, api, authentication, breach, browser, chrome, cloud, data, defense, infrastructure, injection, login, malicious, mfa, monitoring, password, software, threat, tool

Blocking defenses and hijacking sessions: The campaign went beyond stealing credentials. Two of the extensions, Tool Access 11 and Data By Cloud 2, incorporated DOM manipulation routines that actively blocked access to security and administrative pages within the targeted platforms. This prevented the enterprise admins from reaching screens to change passwords, view sign-on history, or…
OAuth Scopes Consent: Complete Guide to Secure API Authorization

Jan 19, 2026 12:13 PM

Tags: api, guide

Learn how to design secure OAuth scopes and consent flows for enterprise applications. A complete guide for CTOs on API authorization and CIAM. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/01/oauth-scopes-consent-complete-guide-to-secure-api-authorization/
7 top cybersecurity projects for 2026

Jan 19, 2026 9:13 AM

Tags: access, ai, api, attack, authentication, business, cisco, ciso, cloud, communications, compliance, control, credentials, cybersecurity, data, defense, detection, email, framework, governance, infrastructure, LLM, mail, phishing, programming, resilience, risk, software, strategy, technology, threat, tool, vulnerability, zero-trust

2. Strengthening email security: Phishing continues to be a primary attack vector for stealing credentials and defrauding victims, says Mary Ann Blair, CISO at Carnegie Mellon University. She warns that threat actors are now generating increasingly sophisticated phishing attacks, effectively evading mail providers’ detection capabilities. “Legacy multifactor authentication techniques are now regularly defeated, and threat…
7 top cybersecurity projects for 2026

Jan 19, 2026 9:13 AM

Tags: access, ai, api, attack, authentication, business, cisco, ciso, cloud, communications, compliance, control, credentials, cybersecurity, data, defense, detection, email, framework, governance, infrastructure, LLM, mail, phishing, programming, resilience, risk, software, strategy, technology, threat, tool, vulnerability, zero-trust

2. Strengthening email security: Phishing continues to be a primary attack vector for stealing credentials and defrauding victims, says Mary Ann Blair, CISO at Carnegie Mellon University. She warns that threat actors are now generating increasingly sophisticated phishing attacks, effectively evading mail providers’ detection capabilities. “Legacy multifactor authentication techniques are now regularly defeated, and threat…
ServiceNow BodySnatcher flaw highlights risks of rushed AI integrations

Jan 19, 2026 9:13 AM

Tags: ai, api, attack, authentication, backdoor, control, credentials, email, flaw, mfa, password, risk, update, vulnerability

Enter agent-to-agent interactions and execution: The platform was later extended further to support external AI agents talking to internal ServiceNow AI agents that could execute tasks. To enable this, the company created a special protocol and a separate REST API that requires authentication.However, this new API is apparently just another layer on top of the…
New “BodySnatcher” Flaw Allows Full ServiceNow User Impersonation

Jan 19, 2026 8:13 AM

Tags: ai, api, authentication, backdoor, control, cve, cyber, email, flaw, mfa, vulnerability

Security researcher has disclosed a critical vulnerability in ServiceNow’s Virtual Agent API and Now Assist AI Agents application, tracked as CVE-2025-12420. Dubbed >>BodySnatcher,<< this flaw enables unauthenticated attackers to impersonate any ServiceNow user using only their email address, bypassing multi-factor authentication and single sign-on controls to execute privileged AI workflows and create backdoor administrator accounts.…
Insider risk in an age of workforce volatility

Jan 16, 2026 8:52 AM

Tags: access, ai, api, authentication, automation, backdoor, backup, china, ciso, control, credentials, cyber, cybersecurity, data, data-breach, exploit, framework, governance, government, identity, jobs, least-privilege, malicious, mitigation, monitoring, network, risk, strategy, supply-chain, threat, zero-trust

Early warnings: The machine as insider risk/threat: These dynamics are not emerging in a vacuum. They represent the culmination of warnings that have been building for years.As early as 2021, in my CSO opinion piece “Device identity: The overlooked insider threat,” Rajan Koo (then chief customer officer at DTEX Systems, now CTO) observed: “There needs…
Using JWT as API Keys: Security Best Practices Implementation Guide

Jan 15, 2026 7:11 AM

Tags: api, best-practice, guide

Learn how to use JWT as API keys for enterprise apps. We cover security best practices, oidc integration, and avoiding common auth breaches. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/01/using-jwt-as-api-keys-security-best-practices-implementation-guide/
Beyond Testing: API Security as the Foundational Intelligence for an ‘industry leader’-Level Security Strategy

Jan 14, 2026 10:12 PM

Tags: ai, api, application-security, attack, business, ciso, communications, container, data, detection, gartner, governance, intelligence, risk, service, strategy, technology, tool, vulnerability

In today’s security landscape, it’s easy to get lost in a sea of acronyms. But one layer has become the undisputed foundation for modern application security: API security. Why? Because APIs are no longer just part of the application, they are the application. They are the connective tissue for microservices, third-party data, and the explosive…
Lack of isolation in agentic browsers resurfaces old vulnerabilities

Jan 13, 2026 7:02 PM

Tags: access, ai, api, attack, authentication, control, corporate, credentials, data, data-breach, defense, dns, email, exploit, finance, flaw, framework, github, google, hacker, healthcare, injection, Internet, leak, linkedin, LLM, malicious, mitigation, network, nvidia, organized, privacy, programming, risk, service, side-channel, threat, tool, training, unauthorized, update, vulnerability, xss

With browser-embedded AI agents, we’re essentially starting the security journey over again. We exploited a lack of isolation mechanisms in multiple agentic browsers to perform attacks ranging from the dissemination of false information to cross-site data leaks. These attacks, which are functionally similar to cross-site scripting (XSS) and cross-site request forgery (CSRF), resurface decades-old patterns…
Malicious Chrome Extension Steals MEXC API Keys by Masquerading as Trading Tool

Jan 13, 2026 7:02 PM

Tags: api, browser, chrome, crypto, cybersecurity, google, malicious, tool

Cybersecurity researchers have disclosed details of a malicious Google Chrome extension that’s capable of stealing API keys associated with MEXC, a centralized cryptocurrency exchange (CEX) available in over 170 countries, while masquerading as a tool to automate trading on the platform.The extension, named MEXC API Automator (ID: pppdfgkfdemgfknfnhpkibbkabhghhfh), has 29 downloads and is still First…
BodySnatcher (CVE-2025-12420): A Broken Authentication and Agentic Hijacking Vulnerability in ServiceNow

Jan 13, 2026 5:02 PM

Tags: ai, api, authentication, vulnerability

BodySnatcher (CVE-2025-12420) exposes a critical agentic AI security vulnerability in ServiceNow. Aaron Costello’s deep dive analyzes interplay between Virtual Agent API and Now Assist enabled in this exploit. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/01/bodysnatcher-cve-2025-12420-a-broken-authentication-and-agentic-hijacking-vulnerability-in-servicenow/
AI Supply Chain Risk: Will CIOs Be Held Accountable?

Jan 13, 2026 4:02 PM

Tags: ai, api, breach, cio, data, open-source, risk, supply-chain

Growing Third-Party Breach Trend Is Spreading to AI Suppliers IT organizations have built processes for reducing vendor risk, but in the AI era, that operating model is being dismantled. Modern AI environments are built on dynamic external foundational models, countless APIs, open-source components and continuous data pipelines that pose risks. First seen on govinfosecurity.com Jump…
[Webinar] Securing Agentic AI: From MCPs and Tool Access to Shadow API Key Sprawl

Jan 13, 2026 4:02 PM

Tags: access, ai, api, control, software, tool

AI agents are no longer just writing code. They are executing it.Tools like Copilot, Claude Code, and Codex can now build, test, and deploy software end-to-end in minutes. That speed is reshaping engineering”, but it’s also creating a security gap most teams don’t see until something breaks.Behind every agentic workflow sits a layer few organizations…
Top 10 vendors for AI-enabled security, according to CISOs

Jan 13, 2026 9:01 AM

Tags: access, ai, api, attack, automation, business, ceo, cisco, ciso, cloud, container, crowdstrike, cybersecurity, data, detection, edr, email, encryption, endpoint, firewall, gartner, google, governance, group, ibm, identity, incident response, intelligence, jobs, mandiant, microsoft, monitoring, network, openai, phishing, ransomware, risk, risk-assessment, service, siem, soar, soc, social-engineering, software, startup, technology, threat, tool, vmware, vulnerability, waf, zero-trust

2. Microsoft: Why they’re here: Similar to Cisco, Microsoft is embedded in virtually every enterprise, and is also a vendor that has marshalled its considerable resources to build an AI-powered security ecosystem. The platform includes Microsoft Defender for securing cloud environments, Microsoft Sentinel for cloud-native SIEM, Microsoft Purview for data governance, Microsoft Intune for endpoint…
Malicious Chrome Extension Steals Wallet Credentials, Enables Automated Trading Abuse

Jan 13, 2026 7:02 AM

Tags: api, browser, chrome, credentials, crypto, cyber, malicious, malware, threat, unauthorized

A sophisticated malware campaign targeting cryptocurrency traders has been uncovered by Socket’s Threat Research Team, revealing a malicious Chrome extension designed to steal MEXC exchange API credentials and enable unauthorized account control. The malicious extension operates by programmatically creating new MEXC API keys, enabling withdrawal permissions without user knowledge, and exfiltrating the resulting credentials to…
Attackers Probing Popular LLMs Looking for Access to APIs: Report

Jan 12, 2026 9:02 PM

Tags: access, ai, api, exploit, LLM, threat

Security researchers with GreyNoise say they’ve detected a campaign in which the threat actors are targeting more than 70 popular AI LLM models in a likely reconnaissance mission that will feed into what they call a “larger exploitation pipeline.” First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/01/attackers-probing-popular-llms-looking-for-access-to-apis-report/
Tenable Is a Gartner® Peer Insights Customers’ Choice for Cloud-Native Application Protection Platforms

Jan 12, 2026 6:02 PM

Tags: ai, api, attack, automation, banking, ciso, cloud, compliance, control, cybersecurity, data, detection, gartner, google, governance, healthcare, identity, infrastructure, microsoft, risk, risk-management, service, software, strategy, technology, tool, vulnerability, vulnerability-management

This recognition, based entirely on feedback from the people who use our products every day, to us is a testament to the unmatched value Tenable Cloud Security CNAPP offers organizations worldwide. Our key takeaways: In our view, this peer recognition confirms Tenable’s strategic value in helping organizations worldwide, across all industry sectors, preemptively close critical…
Google Chrome Pushes Critical Security Update for 3B Users

Jan 12, 2026 6:02 PM

Tags: api, browser, chrome, cve, google, spam, update

Google patched high-severity CVE-2026-0628 in Chrome 143 and added Push API rate limits to curb notification spam, with penalties up to 14 days. The post Google Chrome Pushes Critical Security Update for 3B Users appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-google-chrome-vulnerabilities-3b/
EDRStartupHinder: Blocks Antivirus EDR at Windows 11 25H2 Startup (Defender Included)

Jan 12, 2026 7:01 AM

Tags: antivirus, api, cyber, cybersecurity, detection, edr, endpoint, exploit, microsoft, software, startup, tool, windows

A cybersecurity researcher has unveiled EDRStartupHinder, a proof-of-concept tool that prevents antivirus and endpoint detection and response (EDR) solutions from launching during Windows startup, including Microsoft Defender on Windows 11 25H2. The technique exploits Windows Bindlink API functionality through the bindflt.sys driver to interfere with security software initialization. The tool builds on previous research into Bindlink…
Beyond “Is Your SOC AI Ready?” Plan the Journey!

Jan 9, 2026 10:01 PM

Tags: access, ai, api, automation, breach, business, ciso, compliance, control, data, detection, framework, guide, metric, mitre, siem, soar, soc, software, strategy, technology, threat, tool, training, update

You read the “AI-ready SOC pillars” blog, but you still see a lot of this: Bungled AI SOC transition How do we do better? Let’s go through all 5 pillars aka readiness dimensions and see what we can actually do to make your SOC AI-ready. #1 SOC Data Foundations As I said before, this one is my…
Ni8mare: Kritische n8n-Lücke bedroht 100.000 Server

Jan 9, 2026 3:01 PM

Tags: access, api, bug, cloud, cve, cvss, cyberattack, google, open-source, rce, remote-code-execution, update, vulnerability

n8n-Anwender sollten ihre Systeme dringend patchen. Forscher warnen vor einer schwerwiegenden Sicherheitslücke. Forscher des Security-Anbieters Cyera haben eine schwerwiegende Schwachstelle in der Workflow-Automatisierungsplattform n8n entdeckt. Sie ermöglicht es Angreifern, beliebigen Code auszuführen. Auf diese Weise könnten sie die vollständige Kontrolle über die betroffene Umgebung übernehmen, so die Experten. Laut Forschungsbericht sind davon 100.000 Server betroffen.…
CISA flags max-severity bug in HPE OneView amid active exploitation

Jan 9, 2026 2:01 PM

Tags: api, authentication, cisa, endpoint, exploit, flaw, Hardware, intelligence, kev, monitoring, software, strategy, threat, update, vulnerability

Not an ‘apply and move on’ solution: While CISA’s KEV inclusion raised the priority immediately, enterprises can’t treat OneView like a routine endpoint patch. Management-plane software is often deployed on-premises, sometimes on physical servers, and tightly coupled with production workflows. A rushed fix that breaks monitoring, authentication, or integrations can be almost as dangerous as…
How AI agents are turning security inside-out

Jan 9, 2026 9:01 AM

Tags: ai, api, application-security, attack, cloud, control, risk, software, supply-chain

AppSec teams have spent the last decade hardening externally facing applications, API security, software supply chain risk, CI/CD controls, and cloud-native attack paths. But … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/01/09/ai-agents-appsec-risk/
Enterprises still aren’t getting IAM right

Jan 9, 2026 6:01 AM

Tags: access, ai, api, authentication, automation, cloud, control, credentials, cybersecurity, data, email, governance, iam, identity, incident response, infrastructure, least-privilege, password, risk, saas, service, tool

Just 1% have fully implemented a modern just-in-time (JIT) privileged access model;91% say at least half of their privileged access is always-on (standard privilege), providing unrestricted, persistent access to sensitive systems;45% apply the same privileged access controls to human and AI identities;33% lack clear AI access policies.The research also revealed a growing issue with “shadow…
The 2 faces of AI: How emerging models empower and endanger cybersecurity

Jan 8, 2026 8:02 PM

Tags: ai, api, attack, compliance, credentials, cyber, cybersecurity, data, deep-fake, defense, detection, endpoint, espionage, exploit, finance, flaw, framework, GDPR, google, governance, government, group, guide, hacker, HIPAA, incident response, injection, intelligence, LLM, malicious, malware, mandiant, microsoft, network, PCI, penetration-testing, privacy, risk, russia, scam, security-incident, service, social-engineering, strategy, tactics, threat, tool, vulnerability, zero-day

Self-modifying, evasive malware More recently, the researchers at Google Threat Intelligence Group (GTIG) identified a disturbing new trend: malware that uses LLMs during execution to dynamically alter its own behavior and evade detection. This is not pre-generated code, this is code that adapts mid-execution.In June 2025, GTIG identified an experimental malware called PROMPTFLUX, which connects…