Tag: api
-
TOR-Based Cryptojacking Attack Expands Through Misconfigured Docker APIs
Cybersecurity researchers have discovered a variant of a recently disclosed campaign that abuses the TOR network for cryptojacking attacks targeting exposed Docker APIs.Akamai, which discovered the latest activity last month, said it’s designed to block other actors from accessing the Docker API from the internet.The findings build on a prior report from Trend Micro in…
-
New Malware Exploits Exposed Docker APIs to Gain Persistent Root SSH Access
The Akamai Hunt Team has uncovered a new strain of malware that targets exposed Docker APIs with expanded infection capabilities. First observed in August 2025 within Akamai’s honeypot infrastructure, this variant diverges from the June 2025 Trend Micro report by blocking other attackers from accessing the Docker API and delivering a modular payload rather than…
-
Argo CD Security Flaw Rated 9.8 Leaves GitOps Repositories Exposed
Tags: api, cloud, credentials, cve, cvss, data-breach, flaw, kubernetes, open-source, password, tool, vulnerabilityA security flaw in Argo CD, the popular open-source GitOps tool for Kubernetes, has been targeted at the DevOps and cloud-native communities. Tracked as CVE-2025-55190, the vulnerability has been rated critical with a CVSS score of 9.8 out of 10, as it allows attackers to retrieve sensitive repository credentials, including usernames and passwords, through a…
-
Critical Argo CD API Flaw Exposes Repository Credentials to Attackers
A major security flaw has been discovered in Argo CD, a popular open-source tool used for Kubernetes GitOps deployments. The vulnerability allows project-level API tokens to expose sensitive repository credentials, such as usernames and passwords, to attackers. The issue has been classified as critical with a CVSS score of 9.8/10 and is tracked asCVE-2025-55190. The…
-
MeetC2 A serverless C2 framework that leverages Google Calendar APIs as a communication channel
MeetC2 is a PoC C2 tool using Google Calendar to mimic cloud abuse, helping teams test detection, logging, and response. Background:Modern adversaries increasingly hide command-and-control (C2) traffic inside cloud services. We built this proof of concept (PoC) to study and demonstrate those techniques in a controlled way, emulating those tactics so red and blue teams…
-
Max severity Argo CD API flaw leaks repository credentials
An Argo CD vulnerability allows API tokens with even low project-level get permissions to access API endpoints and retrieve all repository credentials associated with the project. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/max-severity-argo-cd-api-flaw-leaks-repository-credentials/
-
10 Best Attack Surface Management (ASM) Companies in 2025
Attack Surface Management (ASM) is a proactive cybersecurity discipline that helps organizations identify, analyze, and remediate all of their internet-facing assets and potential vulnerabilities. It goes beyond traditional vulnerability scanning to find and continuously monitor unknown or unmanaged assets, such as rogue cloud instances, misconfigured APIs, and shadow IT, that attackers use as entry points.…
-
Hackers Exploit Google Calendar API with Serverless MeetC2 Framework
A novel serverless command-and-control (C2) technique that abuses Google Calendar APIs to obscure malicious traffic inside trusted cloud services. Dubbed MeetC2, this lightweight, cross-platform proof-of-concept demonstrates how adversaries can seamlessly blend C2 communications into everyday SaaS usage, presenting fresh detection, telemetry, and response challenges for red and blue teams alike. In a recent internal purple-team…
-
SHARED INTEL QA: Inside the mind of a hacker, shadowing adversaries across API pathways
In today’s digital economy, business starts with the application. Increasingly, the critical activity lives in the APIs that support it. Related: The hidden cost of API security laspses For Jamison Utter, Field CISO at A10 Networks, this moment marks… (more”¦) First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/09/shared-intel-qa-inside-the-mind-of-a-hacker-shadowing-adversaries-across-api-pathways/
-
Reflecting on Wallarm’s Journey: Growth, Resilience, and What Comes Next
By Ivan Novikov and Stepan Ilyin When we started Wallarm, we focused on the APIs that power modern apps. We built an API-first platform, used AI from day one, and secured early patents in behavior-based detection and automated policy creation. The result: real-time, inline blocking with automatic API discovery that protects production, not just dashboards.…
-
The Full Lifecycle Imperative: Why >>Shift Left<>Shift Right<<
Tags: access, ai, api, attack, authentication, automation, business, cloud, compliance, data, detection, framework, governance, HIPAA, mitre, nist, PCI, risk, siem, strategy, threat, tool, vulnerability, wafIn this series, we examined the vital connection between AI and APIs, highlighting what makes a leader in the API security market through the 2025 KuppingerCole Leadership Compass. Now, we turn to the core strategy of true API security: the full-lifecycle approach, where security is a continuous, integrated process rather than a single action. The…
-
Empire Red Teaming Tool Updated With Enhanced Agents and API Support
The BC-SECURITY team has released a major update to its flagship offensive security framework,Empire, introducing enhanced agent capabilities and comprehensive API support designed to streamline post-exploitation operations and adversary emulation for Red Teams and penetration testers worldwide. Enhanced Features Drive Advanced Operations Empire’s latest iteration showcases aserver/client architectureengineered for multiplayer support, enabling distributed teams to…
-
Stealthy Python Malware Uses Discord to Steal Windows Data
Inf0s3c Stealer, a stealthy Python-based grabber built to harvest system information and user data from Windows hosts. Packed as a 64-bit PE file compressed with UPX and bundled via PyInstaller, the executable imports a suite of Windows API functions to enumerate processes, navigate directories, manipulate memory, and manage security settings. Once executed, it methodically collects…
-
Stealthy Python Malware Uses Discord to Steal Windows Data
Inf0s3c Stealer, a stealthy Python-based grabber built to harvest system information and user data from Windows hosts. Packed as a 64-bit PE file compressed with UPX and bundled via PyInstaller, the executable imports a suite of Windows API functions to enumerate processes, navigate directories, manipulate memory, and manage security settings. Once executed, it methodically collects…
-
Top 10 Best API Penetration Companies In 2025
Securing APIs is a critical cybersecurity challenge in 2025 as they are the backbone of modern applications and a prime target for attackers. API penetration testing is no longer an optional check; it’s a necessity for finding business logic flaws, authorization bypasses, and other complex vulnerabilities that automated tools can’t detect. The best companies in…
-
Automatic Secrets Redaction at Runtime: Building a GitGuardian Lambda Extension
Tags: apiI’m going to show you how to build a Lambda Runtime API extension that automatically scans and redacts sensitive information from your function responses, without touching a single line of your existing function code. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/09/automatic-secrets-redaction-at-runtime-building-a-gitguardian-lambda-extension/
-
Automatic Secrets Redaction at Runtime: Building a GitGuardian Lambda Extension
Tags: apiI’m going to show you how to build a Lambda Runtime API extension that automatically scans and redacts sensitive information from your function responses, without touching a single line of your existing function code. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/09/automatic-secrets-redaction-at-runtime-building-a-gitguardian-lambda-extension/
-
NSFOCUS Recognized by Gartner® “Hype Cycle for APIs, 2025” for API Threat Protection
Recently, Gartner released “Hype Cycle for APIs, 2025”, NSFOCUS was selected as a Representative vendor in API Threat Protection of Hype Cycle with its cloud-native API security solution. We believe, this recognition reflects NSFOCUS’s comprehensive strength in API security technology innovation research, and continuous accumulation and achievements in API security protection practices in cloud-native environments. With…The…
-
NSFOCUS Recognized by Gartner® “Hype Cycle for APIs, 2025” for API Threat Protection
Recently, Gartner released “Hype Cycle for APIs, 2025”, NSFOCUS was selected as a Representative vendor in API Threat Protection of Hype Cycle with its cloud-native API security solution. We believe, this recognition reflects NSFOCUS’s comprehensive strength in API security technology innovation research, and continuous accumulation and achievements in API security protection practices in cloud-native environments. With…The…
-
Agentic AI: A CISO’s security nightmare in the making?
Tags: access, ai, antivirus, api, attack, automation, ciso, compliance, cybersecurity, data, defense, detection, email, endpoint, exploit, framework, governance, law, leak, malicious, malware, open-source, privacy, risk, service, strategy, supply-chain, tool, vulnerabilityFree agents: Autonomy breeds increased risks: Agentic AI introduces the ability to make independent decisions and act without human oversight. This capability presents its own cybersecurity risk by potentially leaving organizations vulnerable.”Agentic AI systems are goal-driven and capable of making decisions without direct human approval,” Joyce says. “When objectives are poorly scoped or ambiguous, agents…
-
Angriffe auf npm-Lieferkette gefährden Entwicklungsumgebungen
Tags: ai, api, browser, bug, chrome, cloud, computer, control, cyberattack, data-breach, github, malware, software, supply-chain, toolAngriffe auf das NX-Build-System und React-Pakete zeigen, dass die Bedrohungen für Softwareentwicklung in Unternehmen immer größer werden.Ein ausgeklügelter Supply-Chain-Angriff hat das weit verbreitete Entwickler-Tool Nx-Build-System-Paket kompromittiert, das über den Node Package Manager (npm) installiert und verwendet wird. Dadurch wurden zahlreiche Anmeldedaten von Entwicklern offengelegt. Laut einem neuen Bericht des Sicherheitsunternehmens Wiz wurden bei dieser Kampagne…
-
Angriffe auf npm-Lieferkette gefährden Entwicklungsumgebungen
Tags: ai, api, browser, bug, chrome, cloud, computer, control, cyberattack, data-breach, github, malware, software, supply-chain, toolAngriffe auf das NX-Build-System und React-Pakete zeigen, dass die Bedrohungen für Softwareentwicklung in Unternehmen immer größer werden.Ein ausgeklügelter Supply-Chain-Angriff hat das weit verbreitete Entwickler-Tool Nx-Build-System-Paket kompromittiert, das über den Node Package Manager (npm) installiert und verwendet wird. Dadurch wurden zahlreiche Anmeldedaten von Entwicklern offengelegt. Laut einem neuen Bericht des Sicherheitsunternehmens Wiz wurden bei dieser Kampagne…
-
Food Delivery Robots Vulnerable to Hacks That Redirect Orders
A startling vulnerability in Pudu Robotics’ management APIs that allowed anyone with minimal technical skill to seize control of the company’s food delivery and service robots. The vulnerability, which went unaddressed for weeks despite repeated responsible”disclosure attempts, could have enabled malicious actors to redirect BellaBots and other Pudu models to deliver meals to unintended recipients,…
-
Black Hat Fireside Chat: API sprawl turns SMBs into prime targets, simple flaws invite breaches
Cyber attackers don’t always need sophisticated exploits. Too often, they succeed by exploiting the basics. Related: 51 common SMB cyberattacks That’s the warning from Chris Wallis, founder and CEO of London-based Intruder, who sat down with Last Watchdog“¦ (more”¦) First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/09/black-hat-fireside-chat-api-sprawl-turns-smbs-into-prime-targets-simple-flaws-invite-breaches/