Tag: api
-
Cursor AI Agent Wipes PocketOS Database and Backups in 9 Seconds
PocketOS founder says Cursor AI agent deleted its production database in 9 seconds after misusing a root API token, exposing major Railway security flaws. First seen on hackread.com Jump to article: hackread.com/cursor-ai-agent-wipes-pocketos-database-backups/
-
CVE-2026-42208: LiteLLM bug exploited 36 hours after its disclosure
Attackers quickly exploited a critical LiteLLM flaw (CVE-2026-42208) to access and modify sensitive database data via SQL injection. Attackers rapidly exploited a critical vulnerability in the LiteLLM Python package, tracked as CVE-2026-42208, just days after it became public. The vulnerability, an SQL injection in the proxy API key verification process, lets attackers access and potentially modify database…
-
Polymarket Rejects Data Breach Claims as Hacker Alleges 300K Records Stolen
A hacker using the alias “Xorcat” claims to have breached Polymarket using API flaws, but research suggests the leak could be just a data scraping incident. First seen on hackread.com Jump to article: hackread.com/polymarket-rejects-data-breach-hacker-records-stolen/
-
Cursor Extension Flaw Exposes Developer API Keys
Cursor flaw lets extensions steal API keys and session tokens without user interaction, according to researchers at LayerX First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/cursor-extension-flaw-exposes-api/
-
Cursor AI Extension Flaw Exposes Developer Tokens to Credential Theft
Security researchers at LayerX have uncovered a high-severity vulnerability in the popular AI-powered development environment, Cursor. Dubbed “CursorJacking,” this flaw carries a CVSS score of 8.2 and exposes developers to immediate credential theft. Any installed extension can silently access a user's API keys and session tokens without requiring special permissions or user interaction. Standard security…
-
SLOTAGENT Malware Hides API Calls and Strings to Thwart Analysis
A previously unknown remote access trojan (RAT), dubbed SLOTAGENT, was identified after analysis of a suspicious ZIP archive uploaded from Japan to a public malware repository in early 2026. The malware demonstrates advanced evasion techniques and flexible post-exploitation capabilities, making it a notable addition to the evolving threat landscape. The ZIP file contains a malicious executable, WindowsOobeAppHost.AOT.exe, which triggers the…
-
How a Long-Lived API Credential Let an AI Agent Delete Production Data
What began as a routine staging task for a SaaS startup ended in a disaster that would have been unthinkable just months ago: an AI agent operating as a super insider threat and triggering a worst-case production failure. In a detailed X post, Jer Crane, founder of PocketOS, a software platform for the…
-
ClickUp Data Leak Exposes Enterprise Emails for Over a Year
A hardcoded ClickUp API key exposed hundreds of corporate and government emails for over a year, raising new SaaS security concerns. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-clickup-api-key-email-exposure/
-
ClickUp Data Leak Exposes Enterprise Emails for Over a Year
A hardcoded API key in ClickUp’s public website exposed hundreds of enterprise and government email addresses for over a year. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/clickup-data-leak-exposes-enterprise-emails-for-over-a-year/
-
AI Agent Wipes Startup’s Data in 9-Second API Call
Claude-Powered Tool Deletes Production Data, Then Explains Its Failures. A Claude Opus 4.6-powered coding agent erased three months of PocketOS production data in a single API call after misusing an over-permissioned token. The system later, when prompted, admitted to violating safety rules. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/ai-agent-wipes-startups-data-in-9-second-api-call-a-31521
-
The Facebook ID problem breaking your DLP alerts
Tags: ai, api, credit-card, data, detection, exploit, finance, governance, LLM, ml, PCI, risk, service, sql, technology, tool, zero-trust
How we reverse-engineered the structure of Facebook IDs to improve credit card classification. (This is blog 3 in our Classification Series.) The concept behind data loss prevention (DLP) platforms is simple and powerful: discover and classify sensitive data, then apply policies to prevent that data from leaving the…
-
From Shadow AI to Full Control: FireTail’s Q1 2026 Updates FireTail Blog
Apr 28, 2026 – Timo Rüppell – Most security teams have accepted a hard truth in recent months. AI has already arrived in your organization. It resides in your codebase, runs in your cloud infrastructure, and is likely open in a nearby browser tab right now. The question is no longer whether to let AI in.…
-
6 Lessons Security Leaders Must Learn About AI and APIs
Most organizations treating AI security as a model problem are defending the wrong layer. Security teams filter prompts, patch jailbreaks, and tune model behavior, which is all necessary work, while the actual attack surface sits largely unexamined underneath. That surface is the API layer: the endpoints AI systems use to retrieve data, call tools, and…
-
Artifact Poisoning: A Silent Threat to Enterprise Software Supply Chains
Software supply chains have quietly become one of the most critical and most vulnerable foundations of modern enterprises. Today, applications are no longer monolithic systems built entirely in-house. Instead, they are complex assemblies of open-source libraries, third-party packages, container images, APIs, and pre-built binaries pulled from multiple repositories. This interconnected ecosystem has dramatically improved speed,…
-
Critical LiteLLM Flaw Enables Database Attacks Through SQL Injection
Tags: access, api, attack, authentication, cve, cyber, cybercrime, exploit, flaw, injection, sql, vulnerability
A critical pre-authentication SQL injection vulnerability, identified as CVE-2026-42208, has been discovered in the popular LiteLLM gateway, allowing attackers to access databases without credentials. Cybercriminals have already been observed exploiting this flaw to target high-value secrets such as API keys and provider credentials. Overview of the Vulnerability: CVE-2026-42208 is a critical flaw in LiteLLM, an…
-
Microsoft patched an ‘agent-only’ role that was not
From principal ownership to full takeover: Once ownership of a service principal was obtained, the attacker could generate new credentials like client secrets or certificates, and use them to authenticate as the compromised application. If the application held elevated directory roles or sensitive API permissions, the attackers could inherit those privileges. The impact depends on the…
-
Technology Innovation Leadership 2026 Award for Check Point for Its WAF and API Security Solutions
Check Point Software Technologies announces that the company has been honored with the ‘Technology Innovation Leadership 2026’ award from Frost & Sullivan for its advances in web application and API protection (WAAP). The new award highlights how Check Point's prevention-first strategy, as well as the company's contributions to…
-
eBay Struggles with Widespread Outage, Disrupting Transactions and API Access
The e-commerce platform eBay, a giant in online auctions and fixed-price listings, faced widespread disruptions beginning late Sunday, April 26, 2026, extending into Monday, as users across the globe reported severe technical issues. The eBay outage, which has crippled essential features of the site, particularly the API, has left many buyers and sellers frustrated, struggling…
-
AI is reshaping DevSecOps to bring security closer to the code
Tags: access, ai, api, application-security, attack, authentication, automation, breach, business, cloud, communications, compliance, container, control, data, data-breach, detection, exploit, governance, infrastructure, injection, least-privilege, risk, service, skills, software, sql, strategy, supply-chain, threat, tool, training, vulnerability
Explicit security requirements elevate AI benefits: While deploying AI with DevSecOps is helping to shift the emphasis on security to earlier in the development lifecycle, this requires “explicit instruction to do it right,” says Noe Ramos, vice president of AI operations at business software provider Agiloft. “AI coding assistants accelerate development meaningfully, but they optimize for…
-
Why AI Agents Need Least Privilege Too, and How to Enforce It Automatically
AI agents are cloud identities. They don’t get a badge or a login. They get a service account, an IAM role, or an API key, just like any other non-human identity running in your environment. Mechanically, there’s nothing new. What’s new is how many of them are being deployed, how fast, and with how much…
-
Xinference PyPI Supply Chain Poisoning Warning
Overview: Recently, NSFOCUS CERT detected that Xinference had suffered supply chain poisoning in its PyPI repository. The attacker stole the PyPI release credentials of Xinference maintainers and released three consecutive malicious versions implanted with Trojans on April 22 (GMT+8). When triggered by the user, the malware collects cloud credentials, SSH keys, API tokens, sensitive…
-
The Governance Gap: How the EU AI Act Makes API Security a Compliance Imperative
Your legal team just handed you a 400-page document and said “figure out compliance.” The EU AI Act is live, and your organization falls under its scope, which is broader than many expect. Even non-EU companies must comply if their AI systems are used, deployed, or produce effects within the European Union. In practice, that means that global organizations…
-
Harvester APT Goes Cross-Platform: New Linux Backdoor Abuses Microsoft Graph API
First seen on securityonline.info Jump to article: securityonline.info/harvester-apt-linux-backdoor-microsoft-graph-api/