Tag: api
-
Two flaws in vBulletin forum software are under attack
Experts found two vulnerabilities in the vBulletin forum software, one of which is already being exploited in real-world attacks. Two critical vBulletin flaws, tracked as CVE-2025-48827 and CVE-2025-48828, enable API abuse and remote code execution. The experts warn that one of these flaws is actively exploited in the wild. An unauthenticated user could exploit CVE-2025-48827…
-
The Sequential Kill Chain for AI FireTail Blog
May 30, 2025 – Timo Rüppell – The Sequential Kill Chain for AI-Powered Attacks Excerpt: We’ve talked before about Mean Time To Attack, or MTTA, which has grown alarmingly short for new vulnerabilities across the cyber landscape. In this blog, we’ll dive into the “how” and “why” of this”¦ Summary: In our current cyber landscape,…
-
Evaluating the Security Efficacy of Web Application Firewalls (WAFs)
Web Application Firewalls (WAFs) are now a staple in defending web-facing applications and APIs, acting as specialized filters to block malicious traffic before it ever reaches your systems. But simply deploying a WAF isn’t enough, the real challenge is knowing whether it works when it matters most. Not all WAFs are created equal, and a……
-
Void Blizzard nimmt NATO-Organisationen ins Visier
Tags: access, api, authentication, blizzard, cloud, cyberattack, cyberespionage, edr, fido, framework, governance, government, hacker, intelligence, mail, malware, mfa, microsoft, open-source, passkey, password, phishing, risk, siem, spear-phishing, threat, tool, ukraineRussische Hacker ändern ihre Taktik von Passwort-Spraying zu Phishing, aber ihre Ziele innerhalb der NATO bleiben gleich.Seit über einem Jahr hat es eine neue Cyberspionage-Gruppe, die mit der russischen Regierung in Verbindung stehen soll, auf Unternehmen aus verschiedenen Branchen innerhalb der NATO abgesehen. Die Gruppe wird von Microsoft Threat Intelligence ‘Void Blizzard” genannt. Die niederländischen…
-
Safari Flaw Exploited by BitM Attack to Steal User Login Data
A new wave of phishing attacks, known as Fullscreen Browser-in-the-Middle (BitM) attacks, is exploiting browser features to steal user credentials with unprecedented stealth. Unlike traditional phishing, which relies on fake websites and visible clues, BitM attacks leverage remote browser sessions and the Fullscreen API to create convincing overlays that mask all browser interface elements, including…
-
Poisoned models in fake Alibaba SDKs show challenges of securing AI supply chains
Malicious code in ML models is hard to detect: While Hugging Face hosts models directly, PyPI hosts Python software packages, so detection of poisoned models hidden inside Pickle files hidden inside packages could prove even harder for developers and PyPI’s maintainers, given the extra layer of obfuscation.The attack campaign discovered by ReversingLabs involved three packages:…
-
Fullscreen BitM Attack Discovered by SquareX Exploits Browser Fullscreen APIs to Steal Credentials in Safari
PALO ALTO, California, 29th May 2025, CyberNewsWire First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/05/fullscreen-bitm-attack-discovered-by-squarex-exploits-browser-fullscreen-apis-to-steal-credentials-in-safari/
-
Most LLMs don’t pass the security sniff test
Advice to CSOs: Lee said that CSOs should consider the following before approving any LLM:Training data: figure out where the model got its info. Random web grabs expose your secrets;Prompt history: if your questions stick around on their servers, they’ll turn up in the next breach bulletin;Credentials: stolen API keys and weak passwords keep attackers…
-
Fullscreen BitM Attack Discovered by SquareX Exploits Browser Fullscreen APIs to Steal Credentials in Safari
PALO ALTO, California, 29th May 2025, CyberNewsWire First seen on hackread.com Jump to article: hackread.com/fullscreen-bitm-attack-discovered-by-squarex-exploits-browser-fullscreen-apis-to-steal-credentials-in-safari/
-
AI Agents and APIs: Understand Complexities Today to Authenticate Tomorrow
The growth of AI agents puts the need for robust API authentication practices front and center, so today we’re highlighting two AI agent scenarios and how you could deal with their typical authentication challenges. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/05/ai-agents-and-apis-understand-complexities-today-to-authenticate-tomorrow/
-
Woodpecker: Red Teaming Tool Targets AI, Kubernetes, and API Vulnerabilities
Operant AI has announced the release of Woodpecker, an open-source automated red teaming engine designed to make advanced security testing accessible to organizations of all sizes. Traditionally, red teaming”, simulated cyberattacks conducted by ethical hackers to uncover vulnerabilities”, has been a privilege reserved for large enterprises with significant security budgets. With Woodpecker, Operant AI aims…
-
Risk assessment vital when choosing an AI model, say experts
Advice to CSOs: Lee said that CSOs should consider the following before approving any LLM:Training data: figure out where the model got its info. Random web grabs expose your secrets;Prompt history: if your questions stick around on their servers, they’ll turn up in the next breach bulletin;Credentials: stolen API keys and weak passwords keep attackers…
-
Apollo MCP Server: Bridging AI Agents and GraphQL APIs
Discover Apollo GraphQL’s MCP Server, the gateway to seamless AI integration with existing APIs. Enhance your development process today! First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/05/apollo-mcp-server-bridging-ai-agents-and-graphql-apis/
-
Your Mobile Apps May Not Be as Secure as You Think”¦ FireTail Blog
Tags: access, ai, android, api, authentication, banking, best-practice, cloud, control, cyber, cybersecurity, data, encryption, finance, leak, mobile, password, phone, risk, threat, vulnerabilityMay 28, 2025 – Lina Romero – Your Mobile Apps May Not Be as Secure as You Think”¦ Excerpt: Cybersecurity risks are too close for comfort. Recent data from the Global Mobile Threat Report reveals that our mobile phone applications are most likely exposing our data due to insecure practices such as API key hardcoding.…
-
If you use OneDrive to upload files to ChatGPT or Zoom, don’t
Tags: access, api, chatgpt, compliance, corporate, cybersecurity, data, google, governance, least-privilege, microsoft, mitigation, risk, saas, security-incident, service, strategy, threat, toolWeb app vendors aren’t off the hook: This could be bad news for security teams, according to Eric Schwake, director of cybersecurity strategy at Salt Security. “Sensitive secrets required for this access are often stored in an insecure manner by default,” Schwake said. “This situation presents a key API security challenge for security teams, and…
-
What are OAuth Grant Types?
Discover the different OAuth grant types, including authorization code, client credentials, and more. Learn how each type works and when to use them for secure API access. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/05/what-are-oauth-grant-types/
-
Will AI agent-fueled attacks force CISOs to fast-track passwordless projects?
Tags: access, ai, api, attack, authentication, breach, business, ciso, cloud, credentials, cyber, cybersecurity, data, fido, finance, framework, google, Hardware, identity, login, metric, microsoft, okta, passkey, password, phishing, privacy, risk, risk-management, service, technology, threat, tool, update, zero-trustPasswordless options: In retiring passwords, security leaders will need to consider their options, passkeys, biometrics, and third-party login services, looking for the best technical, usability, and security fit. There are pros and cons for each option, and in many cases CISOs may be guided towards one based on their existing environment.Passkeys, used by Microsoft, Samsung,…
-
Woodpecker: Open-source red teaming for AI, Kubernetes, APIs
Woodpecker is an open-source tool that automates red teaming, making advanced security testing easier and more accessible. It helps teams find and fix security weaknesses in … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/05/28/woodpecker-open-source-red-teaming/
-
New Russian APT group Void Blizzard targets NATO-based orgs after infiltrating Dutch police
Tags: access, api, apt, attack, authentication, blizzard, cloud, credentials, data, defense, detection, edr, email, fido, framework, group, hacker, identity, least-privilege, login, mfa, microsoft, open-source, passkey, password, phishing, qr, risk, russia, siem, spear-phishing, switch, threat, toolSwitch to spear phishing: In recent months the group seems to have pivoted from password spraying to targeted spear phishing attacks that direct users to fake Microsoft Entra login pages using adversary-in-the-middle (AitM) techniques. Such a campaign led to the compromise of 20 NGOs in April.In its campaign against NGOs, Void Blizzard sent emails masquerading…
-
New Self-Spreading Malware Infects Docker Containers to Mine Dero Cryptocurrency
Misconfigured Docker API instances have become the target of a new malware campaign that transforms them into a cryptocurrency mining botnet.The attacks, designed to mine for Dero currency, is notable for its worm-like capabilities to propagate the malware to other exposed Docker instances and rope them into an ever-growing horde of mining bots.Kaspersky said it…
-
AI, Quantum and the Evolving Threat Landscape: Key Findings from the Thales 2025 Data Threat Report
Tags: ai, api, attack, authentication, awareness, breach, cloud, compliance, computing, control, crypto, cryptography, data, encryption, guide, malicious, malware, mfa, nist, passkey, phishing, privacy, programming, ransomware, regulation, risk, software, strategy, threat, tool, vulnerabilityAI, Quantum and the Evolving Threat Landscape: Key Findings from the Thales 2025 Data Threat Report madhav Tue, 05/27/2025 – 04:40 The Thales 2025 Data Threat Report reveals a critical inflection point in global cybersecurity. As the threat landscape grows more complex and hostile, the rapid adoption of generative AI is amplifying both opportunity and…
-
Unlocking the Gates: REST API Authentication Methods for Modern Security
From Basic Auth’s simplicity to OAuth 2.0’s delegated muscle, this quick-read unpacks the strengths, gaps, and best-fit use cases of the four core REST API authentication methods”, so you pick security that scales, not slows. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/05/unlocking-the-gates-rest-api-authentication-methods-for-modern-security/
-
»manage it« TechTalk: Wie sich API-Endpunkte schützen lassen
Auf der Sicherheitsveranstaltung von Heise namens secIT haben wir mit Markus Hennig, Distributed Cloud Evangelist bei F5, dieses Videointerview geführt. Darin wollten wir wissen, wie sich API-Endpunkte mithilfe des 360-Grad-Prinzips schützen lassen. Die Antwort dazu liefert er in knapp 90 Sekunden. First seen on ap-verlag.de Jump to article: ap-verlag.de/manage-it-techtalk-wie-sich-api-endpunkte-schuetzen-lassen/96070/
-
StackHawk Secures $12M to Tackle API Security Challenges in AI-Driven Development
First seen on scworld.com Jump to article: www.scworld.com/news/stackhawk-secures-12m-to-tackle-api-security-challenges-in-ai-driven-development
-
Hacker bietet 1,2 Milliarden Facebook-Nutzerdaten im Darknet ist es ein Fake?
Gab es ein neues Datenleck bei Meta-Tochter Facebook? Ein Hacker behauptet 1,2 Milliarden Facebook-Nutzerdaten über eine API abgezogen zu haben und bietet diese im Darknet zum Kauf an. Es gibt aber Zweifel, ob diese Daten neu sind. Meta meint dazu, … First seen on borncity.com Jump to article: www.borncity.com/blog/2025/05/23/hacker-bietet-12-milliarden-facebook-nutzerdaten-im-darknet-ist-es-ein-fake/
-
Neue Malware-Kampagne zielt auf offene Docker-Umgebungen
Eine neu entdeckte Cyberkampagne nutzt schwach gesicherte Docker-APIs als Einfallstor in containerisierte Infrastrukturen. Mit raffiniert getarnten Malware-Komponenten übernehmen die Angreifer Containerumgebungen, schürfen Kryptowährungen und nutzen kompromittierte Systeme als Sprungbrett für weitere Attacken. Die potenzielle Ausbreitung ist enorm. First seen on itsicherheit-online.com Jump to article: www.itsicherheit-online.com/news/cybersecurity/neue-malware-kampagne-zielt-auf-offene-docker-umgebungen/
-
Fortinet Zero-Day Under Attack: PoC Now Publicly Available
Tags: advisory, api, attack, cve, cyber, flaw, fortinet, remote-code-execution, vulnerability, zero-dayFortiGuard Labs released an urgent advisory detailing a critical vulnerability, CVE-2025-32756, affecting several Fortinet products, including FortiCamera, FortiMail, FortiNDR, FortiRecorder, and FortiVoice. The vulnerability is a stack-based buffer overflow located within the administrative API, specifically in the handling of session cookies. This flaw allows for unauthenticated remote code execution, making it a prime target for…