Tag: api
-
CoinMarketCap Doodle Image Vulnerability Lets Attackers Run Malicious Code via API Call
CoinMarketCap, the globally recognized cryptocurrency data aggregator, experienced a significant security incident when a vulnerability in its homepage doodle image was exploited to inject malicious code, leading to a phishing campaign targeting user wallets. Incident overview: the breach originated from a seemingly innocuous doodle image featured on CoinMarketCap's homepage. Threat actors manipulated the backend API…
-
Malicious AI Agent in LangSmith May Have Exposed API Data
High-Severity Flaw in LangChain's AI Tooling Hub Now Patched. A flaw in LangSmith, LangChain's observability and evaluation platform for LLM-powered applications, can enable hackers to siphon sensitive data, said Noma Security. Dubbed AgentSmith, the flaw can allow attackers to embed malicious proxy configurations into public AI agents. First seen on govinfosecurity.com Jump…
-
Insomnia API Client Vulnerability Enables Arbitrary Code Execution via Template Injection
A severe security vulnerability in the Insomnia API Client, a widely used tool by developers and security testers for interacting with APIs, has been uncovered by researchers at an offensive security consultancy. Discovered by Technical Director Marcio Almeida and Head of Research Justin Steven, the flaw allows for arbitrary code execution through a mechanism known…
-
A New Identity Playbook for AI Agents: Securing the Agentic User Flow
Artificial intelligence has reached an inflection point. AI agents are no longer just service accounts or background processes. They're decision-makers, workflow executors, and digital delegates, acting autonomously across APIs, clouds, and systems. Unlike traditional non-human identities (NHI), like service accounts or static API keys, agentic identities are dynamic, ephemeral, and often self-directed. Gartner highlights that…
-
The Identity Gaps in Agentic AI: 9 Problems We Must Solve to Secure the Future
AI agents have evolved from passive tools into proactive actors, making decisions, executing transactions, and interacting with APIs autonomously. Unlike traditional non-human identities (NHI) that serve narrow, static purposes, agentic identities are dynamic, ephemeral, and often independent in their actions. By 2026, Gartner predicts that 30% of enterprises will rely on AI agents that operate…
-
Five Uncomfortable Truths About LLMs in Production
Many tech professionals see integrating large language models (LLMs) as a simple process: just connect an API and let it run. At Wallarm, our experience has proved otherwise. Through rigorous testing and iteration, our engineering team uncovered several critical insights about deploying LLMs securely and effectively. This blog shares our journey of integrating cutting-edge AI…
-
Why Enterprises Need Just-in-Time Provisioning to Secure AI at Scale
AI agents are no longer science experiments in the enterprise. They're becoming actors in critical workflows, making decisions, performing transactions, and chaining together complex API calls across multi-cloud environments. Gartner calls this the shift from predictive to proactive AI, where agents don't just respond, they act. But there's a catch: our identity systems weren't designed…
-
How Just-in-Time Provisioning Creates Artificial Agent Identities on Demand
Artificial intelligence is entering its agentic era, where AI systems don't just assist humans, they act autonomously to accomplish complex tasks. These agents can reason, delegate, and interact with APIs and systems across clouds, all at machine speed. Gartner predicts that by 2026, 30% of enterprises will deploy AI agents capable of acting on behalf…
-
Malicious PyPI Package Targets Developer Credentials
JFrog uncovers multi-stage malware harvesting cloud secrets. Multi-stage malware embedded in a Python package is stealing sensitive cloud infrastructure data, JFrog researchers said Monday. The package steals credentials, configuration files, API tokens and other data from corporate cloud environments. It targets developers using the Chimera sandbox platform. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/malicious-pypi-package-targets-developer-credentials-a-28725
-
LangSmith Bug Could Expose OpenAI Keys and User Data via Malicious Agents
Cybersecurity researchers have disclosed a now-patched security flaw in LangChain's LangSmith platform that could be exploited to capture sensitive data, including API keys and user prompts. The vulnerability, which carries a CVSS score of 8.8 out of a maximum of 10.0, has been codenamed AgentSmith by Noma Security. LangSmith is an observability and evaluation platform that allows…
-
Security, risk and compliance in the world of AI agents
Tags: access, ai, api, attack, automation, business, compliance, control, credentials, data, encryption, finance, framework, governance, grc, identity, infection, injection, ISO-27001, jobs, LLM, monitoring, password, privacy, regulation, resilience, risk, service, tool, training
Such agents can understand and interpret natural language; access internal and external data sources dynamically; invoke tools (like APIs, databases, search engines); carry memory to recall prior interactions or results; and chain logic to reason through complex multi-step tasks. They may be deployed through open-source frameworks like LangChain or Semantic Kernel, custom-built agent stacks powered by internal LLM APIs, or hybrid orchestration models integrated across business platforms. Real-world examples…
-
Security Risk in Salesforce Industry Cloud
Salesforce Industry Cloud carries configuration risks. The vertically oriented solution suite Salesforce Industry Cloud includes a low-code platform that provides prebuilt tools for digital transformation in specific industries such as financial services and manufacturing. Researchers at AppOmni have now found that customers can easily misconfigure its components. As a result, there is a risk that attackers gain access to encrypted…
-
Hunting Through APIs Graph, Azure Monitor, and Defender ATP APIs
Tags: api
First seen on thesecurityblogger.com Jump to article: www.thesecurityblogger.com/hunting-through-apis/
-
What are the best practices for MCP security?
Introduction: Modern applications are increasingly powered by large language models (LLMs) that don't just generate text; they can call live APIs, query databases, and even trigger automated workflows. The Model Context Protocol (MCP) makes this possible by standardizing how LLMs interface with external tools, turning your AI assistant into a fully programmable agent. With great…
-
Google Cloud Suffers Major Disruption After API Management Error
Google Cloud experienced one of its most significant outages in recent years, disrupting a vast array of services and impacting millions of users and businesses worldwide. The disruption, which lasted for over three hours, was traced back to a critical error in Google Cloud’s API management system, highlighting the vulnerabilities inherent in modern cloud infrastructure.…
-
Google links massive cloud outage to API management issue
Google says an API management issue is behind Thursday’s massive Google Cloud outage, which disrupted or brought down its services and many other online platforms. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/google/google-links-massive-cloud-outage-to-api-management-issue/
-
How identity management is shifting into the agent era
We’re witnessing a shift in enterprise architecture: AI agents are moving from supporting roles to autonomous actors that drive decisions, trigger transactions, and interact directly with APIs, often on behalf of users. As a result, identity management is evolving. Identity isn’t just for humans anymore, it’s becoming the security backbone for intelligent, non-human… First seen…
-
SHARED INTEL QA: A sharper lens on rising API logic abuse, and a framework to fight back
In today's digital enterprise, API-driven infrastructure is the connective tissue holding everything together. Related: The DocuSign API-abuse hack. From mobile apps to backend workflows, APIs are what keep digital services talking, and scaling. But this essential layer of connectivity is also… (more…) First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/06/shared-intel-qa-a-sharper-lens-on-rising-api-logic-abuse-and-a-framework-to-fight-back/
-
Apache Kafka Arbitrary File Read and SSRF Vulnerability (CVE-2025-27817)
Overview: NSFOCUS CERT recently detected that Apache issued a security bulletin to fix arbitrary file read and SSRF vulnerabilities in Apache Kafka (CVE-2025-27817). Because the Apache Kafka client does not strictly validate and restrict user input, an unauthenticated attacker can elevate the file system, environment and URL access rights of the REST API by constructing malicious configurations… The…
-
From Puppeteer stealth to Nodriver: How anti-detect frameworks evolved to evade bot detection
Browser automation tools like Puppeteer, Playwright, and Selenium are widely used for testing, scraping, and other automation tasks. However, because they were not designed with stealth in mind, they often expose detectable traces. These can include headless browser markers, inconsistencies in JavaScript APIs, or synthetic input patterns, all of which… First seen on securityboulevard.com Jump…
-
APIContext Releases Guide to Enterprise API Readiness for Autonomous AI Agents
In 2025, agentic AI has rapidly moved from theoretical promise to real-world implementation, reshaping the digital infrastructure of enterprises worldwide. These autonomous systems, capable of making decisions, initiating actions, and interacting with APIs at machine speed, are unlocking extraordinary efficiencies across industries. But with innovation comes risk, and with that in mind, APIContext have today…
-
Mirai botnet weaponizes PoC to exploit Wazuh open-source XDR flaw
Two Mirai variants integrate the exploit: the first botnet exploiting CVE-2025-24016 was detected by Akamai in March and used a proof-of-concept (PoC) exploit that was published for the vulnerability in late February. That exploit targets the /security/user/authenticate/run_as API endpoint. The second botnet was detected in early May and targeted the /Wazuh endpoint, but the exploit payload…
-
The Hidden Threat in Your Stack: Why Non-Human Identity Management is the Next Cybersecurity Frontier
Modern enterprise networks are highly complex environments that rely on hundreds of apps and infrastructure services. These systems need to interact securely and efficiently without constant human oversight, which is where non-human identities (NHIs) come in. NHIs, including application secrets, API keys, service accounts, and OAuth tokens, have exploded in recent years, thanks to an…
-
Exploitation of Critical Wazuh Server RCE Vulnerability Leads to Mirai Variant Deployment
The Akamai Security Intelligence and Response Team (SIRT) has uncovered active exploitation of a critical remote code execution (RCE) vulnerability in Wazuh servers, identified as CVE-2025-24016 with a CVSS score of 9.9. Disclosed in February 2025, this vulnerability affects Wazuh versions 4.4.0 through 4.9.0 and stems from unsafe deserialization in the Distributed API (DAPI) requests,…
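The two Wazuh items above give a defender two concrete handles: the 4.4.0 through 4.9.0 version range that the disclosure lists as affected by CVE-2025-24016, and the /security/user/authenticate/run_as endpoint that the first botnet's PoC targeted. The Python below, added here as an example and not code from Akamai, Wazuh or either report, checks a manager's version string against that range and scans an access log for requests to the run_as path, flagging sources outside an allowlist of networks that legitimately call the API. The log format and the sample lines are constructed for the example; Wazuh's real API log format differs, so the regular expression would need adapting before use.

```python
"""Added example, not code from Akamai, Wazuh or the reports it refers to.

Two checks built on the details those reports give:
  * is a Wazuh manager version inside the 4.4.0..4.9.0 range the
    disclosure lists as affected by CVE-2025-24016?
  * which clients hit the /security/user/authenticate/run_as endpoint
    the first botnet's PoC targeted, and which of them sit outside the
    networks that are allowed to use the API at all?
The access-log format below is constructed for the example; it is not
Wazuh's real API log format.
"""
import ipaddress
import re
from collections import Counter
from typing import Dict, Iterable, List, Tuple

RUN_AS_PATH = "/security/user/authenticate/run_as"
AFFECTED_MIN = (4, 4, 0)   # inclusive, per the disclosure
AFFECTED_MAX = (4, 9, 0)   # inclusive, per the disclosure

# Constructed sample: "<timestamp> <client ip> <method> <path> <status>"
SAMPLE_LOG = """\
2025-03-12T10:01:02Z 10.0.0.5 POST /security/user/authenticate 200
2025-03-12T10:01:09Z 203.0.113.7 POST /security/user/authenticate/run_as 500
2025-03-12T10:01:10Z 203.0.113.7 POST /security/user/authenticate/run_as 500
2025-03-12T10:02:00Z 10.0.0.8 GET /agents 200
2025-03-12T10:03:11Z 198.51.100.9 POST /security/user/authenticate/run_as?raw=true 401
2025-03-12T10:04:00Z 10.0.0.5 POST /security/user/authenticate/run_as 200
"""

LINE_RE = re.compile(
    r"^(?P<ts>\S+) (?P<ip>\S+) (?P<method>[A-Z]+) (?P<path>\S+) (?P<status>\d{3})$"
)


def parse_version(version: str) -> Tuple[int, int, int]:
    """Turn '4.7.2' or 'v4.7.2' into a comparable (major, minor, patch) tuple."""
    m = re.fullmatch(r"v?(\d+)\.(\d+)\.(\d+)", version.strip())
    if not m:
        raise ValueError(f"unrecognised version string: {version!r}")
    major, minor, patch = (int(part) for part in m.groups())
    return major, minor, patch


def is_affected(version: str) -> bool:
    """True when the version lies inside the advisory's affected range."""
    return AFFECTED_MIN <= parse_version(version) <= AFFECTED_MAX


def find_run_as_hits(log_text: str, trusted_cidrs: Iterable[str]) -> List[Dict[str, object]]:
    """Return every request to the run_as endpoint; sources outside the
    trusted networks are marked external and deserve the first look."""
    trusted = [ipaddress.ip_network(cidr) for cidr in trusted_cidrs]
    hits: List[Dict[str, object]] = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # not in the constructed format; a real parser would report this
        path = m.group("path").split("?", 1)[0]  # compare without the query string
        if path != RUN_AS_PATH:
            continue
        ip = ipaddress.ip_address(m.group("ip"))
        hits.append({
            "ts": m.group("ts"),
            "ip": str(ip),
            "status": int(m.group("status")),
            "external": not any(ip in net for net in trusted),
        })
    return hits


def count_by_ip(hits: List[Dict[str, object]]) -> Dict[str, int]:
    """Requests to run_as per client address, for a quick triage table."""
    return dict(Counter(str(h["ip"]) for h in hits))


if __name__ == "__main__":
    for ver in ("4.3.9", "4.4.0", "4.7.2", "4.9.0", "4.9.1"):
        print(f"Wazuh {ver}: {'AFFECTED' if is_affected(ver) else 'not in range'}")
    hits = find_run_as_hits(SAMPLE_LOG, ["10.0.0.0/8"])
    for h in hits:
        flag = "EXTERNAL" if h["external"] else "internal"
        print(f"{h['ts']} {h['ip']:<14} status={h['status']} {flag}")
    print("per-source counts:", count_by_ip(hits))
```

The allowlist matters: run_as is a legitimate endpoint, so the signal is not "someone called it" but "someone outside the networks that should be talking to the manager API called it, repeatedly, and got errors back". A manager at a patched version should still have its API kept off the internet; the page's own point is that a public PoC was weaponized within weeks of disclosure.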
-
Hidden Backdoors in npm Packages Let Attackers Wipe Entire Systems
Malicious npm packages found with hidden endpoints that wipe systems on command. Devs warned to check dependencies for express-api-sync, system-health-sync-api. First seen on hackread.com Jump to article: hackread.com/backdoors-npm-packages-attackers-wipe-systems/
-
Chrome extension privacy promises undone by hardcoded secrets, leaky HTTP
Extension code uses hardcoded credentials: Guo added that hardcoded credentials, such as API keys, secrets, and tokens, are exposed within popular extensions’ JavaScript, making them accessible to anyone who inspects the extension’s source code. For instance, Avast Online Security and Privacy and AVG Online Security extensions, aimed at browsing privacy and security, both contain hardcoded Google…
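The two defects in the headline, credentials hardcoded in extension JavaScript and calls made over plain HTTP, are both visible with a static pass over the unpacked extension source. The following Python is an added example, not code from the article or from any extension it names: it walks a source string line by line, applies a few well-known token shapes plus a generic "keyword assigned a long quoted literal" rule, flags http:// URLs, and attaches each value's Shannon entropy so real keys rank above placeholders. The JavaScript sample is constructed; the AKIA... value is AWS's own documentation placeholder rather than a live key.

```python
"""Added example, not code from the article or the extensions it names.

A minimal static check for the two failure modes in the headline:
credentials hardcoded in extension JavaScript and API calls over plain
HTTP. The JavaScript below is constructed for the example; the AKIA...
value is AWS's documentation placeholder, not a live key.
"""
import math
import re
from collections import Counter
from typing import Dict, List

SAMPLE_JS = r'''
const GOOGLE_API_KEY = "AIzaSyA1b2C3d4E5f6G7h8I9j0K1l2M3n4O5p6Q";
const cfg = { apiKey: "AIza...", endpoint: "http://telemetry.example/api" };
fetch("http://telemetry.example/api?key=" + GOOGLE_API_KEY);
const region = "us-east-1";
const s3 = { accessKeyId: "AKIAIOSFODNN7EXAMPLE" };
const secret = "sk_live_ab12cd34ef56gh78ij90kl12mn34op56";
'''.strip("\n")

# (kind, compiled regex); group 1 is the value to report.
PATTERNS = [
    ("google_api_key", re.compile(r"(AIza[0-9A-Za-z_\-]{35})")),
    ("aws_access_key_id", re.compile(r"(AKIA[0-9A-Z]{16})")),
    ("insecure_http", re.compile(r"(http://[^\s\"']+)")),
    # apiKey / api_key / secret / token / password assigned a quoted literal of 16+ chars
    ("hardcoded_secret", re.compile(
        r"(?i)(?:api[_-]?key|secret|token|password)\s*[:=]\s*[\"']([^\"'\s]{16,})[\"']")),
]


def shannon_entropy(value: str) -> float:
    """Bits per character: random keys sit well above 3.5, words and placeholders below."""
    counts = Counter(value)
    n = len(value)
    return -sum((c / n) * math.log2(c / n) for c in counts.values())


def scan_source(source: str) -> List[Dict[str, object]]:
    """Return findings as {line, kind, value, entropy}, one per (line, value)."""
    findings: List[Dict[str, object]] = []
    seen = set()
    for lineno, line in enumerate(source.splitlines(), start=1):
        for kind, regex in PATTERNS:
            for m in regex.finditer(line):
                value = m.group(1)
                if (lineno, value) in seen:
                    continue  # already reported under a more specific pattern
                seen.add((lineno, value))
                findings.append({
                    "line": lineno,
                    "kind": kind,
                    "value": value,
                    "entropy": round(shannon_entropy(value), 2),
                })
    return findings


if __name__ == "__main__":
    for f in scan_source(SAMPLE_JS):
        print(f"line {f['line']:>2}  {f['kind']:<18} entropy={f['entropy']:.2f}  {f['value']}")
```

Two things the sample is built to show: the short "AIza..." placeholder on line 2 is not reported, because neither the Google pattern (fixed length) nor the generic rule (16+ characters) matches it, and the same key is reported once even though two patterns match it. On a real extension, run this over every file in the unpacked directory and then check whether each flagged value is also sent to an http:// endpoint, which is the combination the article describes.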
-
Unmasking the silent saboteur you didn’t know was running the show
Tags: 5G, access, ai, api, attack, authentication, backup, blockchain, breach, ciso, cloud, compliance, control, cybersecurity, data, defense, endpoint, firewall, firmware, GDPR, governance, Hardware, incident response, iot, ISO-27001, login, malicious, network, nis-2, PCI, service, siem, supply-chain, threat, zero-trust
Cybersecurity depends on accurate clocks: your logs are only as valuable as your clocks are accurate. If your servers are out of sync, forget about reconstructing timelines; you'll spend hours chasing phantom alerts. Event correlation and forensics: your SIEM is only as good as the timestamps it gets. Correlating events across endpoints, firewalls and cloud…
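The clock point above is easy to see with two constructed log sources. The Python below is an added example, not code from the article: an endpoint agent whose clock runs about 47 seconds slow and a firewall whose clock is right. Each line carries the event time the source wrote (ts=) and the time the collector received it (recv=), which most SIEM pipelines store side by side. For a healthy source the gap recv minus ts is transport latency; for a drifted source it is latency plus skew, so its median per source is a usable skew estimate, on the assumption that the collector's own clock is trusted. With the estimate applied, the endpoint's outbound connections line up with the firewall's verdicts inside a 5-second window; without it, nothing correlates. Field names, addresses and timestamps are all constructed.

```python
"""Added example, not code from the article. Shows that a skewed source
clock breaks time-window correlation and that the skew can be estimated
from the collector's receipt timestamps and corrected for. All log
lines, field names and values are constructed."""
from datetime import datetime, timedelta, timezone
from statistics import median
from typing import Dict, List, Tuple

# Endpoint agent: its clock is ~47 s behind the collector (constructed).
ENDPOINT_LOG = """\
ts=2025-06-10T08:00:13Z recv=2025-06-10T08:01:00Z host=ws-17 event=outbound dst=203.0.113.50:443
ts=2025-06-10T08:00:21Z recv=2025-06-10T08:01:08Z host=ws-17 event=outbound dst=198.51.100.2:53
ts=2025-06-10T08:00:35Z recv=2025-06-10T08:01:23Z host=ws-17 event=outbound dst=203.0.113.50:8443
"""

# Firewall: correct clock, ~1 s delivery latency (constructed).
FIREWALL_LOG = """\
ts=2025-06-10T08:01:00Z recv=2025-06-10T08:01:01Z fw=edge-1 event=deny dst=203.0.113.50:443
ts=2025-06-10T08:01:08Z recv=2025-06-10T08:01:09Z fw=edge-1 event=allow dst=198.51.100.2:53
ts=2025-06-10T08:01:23Z recv=2025-06-10T08:01:24Z fw=edge-1 event=deny dst=203.0.113.50:8443
ts=2025-06-10T08:05:40Z recv=2025-06-10T08:05:41Z fw=edge-1 event=deny dst=203.0.113.50:443
"""

Event = Dict[str, object]


def parse_ts(value: str) -> datetime:
    return datetime.strptime(value, "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)


def parse_log(text: str, source: str) -> List[Event]:
    """Parse 'key=value' lines; ts and recv become timezone-aware datetimes."""
    events: List[Event] = []
    for line in text.splitlines():
        if not line.strip():
            continue
        fields = dict(token.split("=", 1) for token in line.split())
        event: Event = {"source": source,
                        "ts": parse_ts(fields.pop("ts")),
                        "recv": parse_ts(fields.pop("recv"))}
        event.update(fields)
        events.append(event)
    return events


def estimate_skew(events: List[Event]) -> timedelta:
    """Median of (receipt time - event time). Latency alone is a few seconds;
    a large constant means the source's clock is behind the collector's.
    Assumes the collector clock itself is trusted (e.g. NTP-disciplined)."""
    return median([e["recv"] - e["ts"] for e in events])


def skew_seconds(events: List[Event]) -> float:
    return estimate_skew(events).total_seconds()


def correlate(endpoint_events: List[Event], firewall_events: List[Event],
              window_seconds: int = 5, correct_clocks: bool = True) -> List[Tuple[str, str, str]]:
    """Pair each endpoint connection with firewall decisions for the same dst
    whose (optionally skew-corrected) times fall within the window."""
    window = timedelta(seconds=window_seconds)
    ep_skew = estimate_skew(endpoint_events) if correct_clocks else timedelta(0)
    fw_skew = estimate_skew(firewall_events) if correct_clocks else timedelta(0)
    pairs: List[Tuple[str, str, str]] = []
    for e in endpoint_events:
        e_time = e["ts"] + ep_skew
        for f in firewall_events:
            if f.get("dst") != e.get("dst"):
                continue
            if abs((f["ts"] + fw_skew) - e_time) <= window:
                pairs.append((str(e["dst"]), str(e["event"]), str(f["event"])))
    return pairs


if __name__ == "__main__":
    ep = parse_log(ENDPOINT_LOG, "endpoint")
    fw = parse_log(FIREWALL_LOG, "firewall")
    print(f"endpoint skew: {skew_seconds(ep):.0f}s  firewall skew: {skew_seconds(fw):.0f}s")
    print("naive matches:    ", correlate(ep, fw, correct_clocks=False))
    print("corrected matches:", correlate(ep, fw))
```

Widening the window to a minute would also make the naive run "work", which is exactly the phantom-alert trap: the fourth firewall line, a later deny to the same destination, then starts pairing with unrelated endpoint activity. Measuring and correcting the skew keeps the window tight; the durable fix is NTP on the endpoint and an alert when a source's median receipt gap drifts past a few seconds.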