Tag: api
-
Discover First, Defend Fully: The Essential First Step on Your API Security Journey
APIs power today’s digital economy, but their lightning-fast evolution and astronomical call volumes can leave security teams scrambling to keep up. How can you secure what you can’t yet see or quantify? Imperva’s Unlimited Discovery-Only capability for the Cloud WAF (CWAF) add-on delivers continuous, comprehensive visibility into your entire API landscape without requiring up-front commitment…
-
Salt Security Introduces Instant API Security Deployment with Complete Environment Visibility
Tags: api
First seen on scworld.com Jump to article: www.scworld.com/news/salt-security-introduces-instant-api-security-deployment-with-complete-environment-visibility
-
Malicious RubyGems pose as Fastlane to steal Telegram API data
Two malicious RubyGems packages posing as popular Fastlane CI/CD plugins redirect Telegram API requests to attacker-controlled servers to intercept and steal data. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/malicious-rubygems-pose-as-fastlane-to-steal-telegram-api-data/
-
What Tackling the SaaS Security Problem Means to Me
By Kevin Hanes, CEO of Reveal Security. When I reflect on the years I spent leading one of the world’s largest Security Operations Centers (SOCs) and incident response teams, the lessons learned aren’t just war stories…they’re a playbook for how we should rethink our responsibilities in the face of today’s fast-evolving attack surfaces. Back then,…
-
API Security: The Importance of Vulnerability Assessment and Penetration Testing (VAPT)
First seen on resecurity.com Jump to article: www.resecurity.com/blog/article/api-security-the-importance-of-vulnerability-assessment-and-penetration-testing-vapt
-
Stealth Syscall Technique Allows Hackers to Evade Event Tracing and EDR Detection
Advanced threat actors have developed sophisticated stealth syscall execution techniques that successfully bypass modern security infrastructure, including Event Tracing for Windows (ETW), Sysmon monitoring, and Endpoint Detection and Response (EDR) systems. These techniques combine multiple evasion methods such as call stack spoofing, ETW API hooking, and encrypted syscall execution to render traditional detection mechanisms ineffective,…
-
Cryptojacking Campaign Exploits DevOps APIs Using Off-the-Shelf Tools from GitHub
Cybersecurity researchers have discovered a new cryptojacking campaign that’s targeting publicly accessible DevOps web servers such as those associated with Docker, Gitea, and HashiCorp Consul and Nomad to illicitly mine cryptocurrencies. Cloud security firm Wiz, which is tracking the activity under the name JINX-0132, said the attackers are exploiting a wide range of known misconfigurations and…
-
Java 25 Launches Stable Values API for Enhanced Immutability
The new Stable Values API in JDK 25, enhancing performance with deferred immutability. Learn how it optimizes application startup now! First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/06/java-25-launches-stable-values-api-for-enhanced-immutability/
-
Active Exploits Detected Targeting Critical vBulletin Vulnerability
Two critical vulnerabilities, CVE-2025-48827 and CVE-2025-48828, have been assigned to vBulletin, the widely used PHP/MySQL forum software, following public disclosure and observed exploitation in the wild. The flaws, affecting vBulletin versions 5.0.0 through 6.0.3, enable unauthenticated attackers to achieve Remote Code Execution (RCE), putting thousands of online communities at risk. Reflection API Abuse and Template…
-
Two flaws in vBulletin forum software are under attack
Experts found two vulnerabilities in the vBulletin forum software, one of which is already being exploited in real-world attacks. Two critical vBulletin flaws, tracked as CVE-2025-48827 and CVE-2025-48828, enable API abuse and remote code execution. The experts warn that one of these flaws is actively exploited in the wild. An unauthenticated user could exploit CVE-2025-48827…
-
The Sequential Kill Chain for AI FireTail Blog
May 30, 2025 – Timo Rüppell – The Sequential Kill Chain for AI-Powered Attacks Excerpt: We’ve talked before about Mean Time To Attack, or MTTA, which has grown alarmingly short for new vulnerabilities across the cyber landscape. In this blog, we’ll dive into the “how” and “why” of this… Summary: In our current cyber landscape,…
-
Evaluating the Security Efficacy of Web Application Firewalls (WAFs)
Web Application Firewalls (WAFs) are now a staple in defending web-facing applications and APIs, acting as specialized filters to block malicious traffic before it ever reaches your systems. But simply deploying a WAF isn’t enough; the real challenge is knowing whether it works when it matters most. Not all WAFs are created equal, and a…
-
Void Blizzard targets NATO organizations
Tags: access, api, authentication, blizzard, cloud, cyberattack, cyberespionage, edr, fido, framework, governance, government, hacker, intelligence, mail, malware, mfa, microsoft, open-source, passkey, password, phishing, risk, siem, spear-phishing, threat, tool, ukraine
Russian hackers are changing their tactics from password spraying to phishing, but their targets within NATO remain the same. For more than a year, a new cyber-espionage group said to be linked to the Russian government has been targeting companies from various industries within NATO. Microsoft Threat Intelligence calls the group “Void Blizzard”. The Dutch…
-
Safari Flaw Exploited by BitM Attack to Steal User Login Data
A new wave of phishing attacks, known as Fullscreen Browser-in-the-Middle (BitM) attacks, is exploiting browser features to steal user credentials with unprecedented stealth. Unlike traditional phishing, which relies on fake websites and visible clues, BitM attacks leverage remote browser sessions and the Fullscreen API to create convincing overlays that mask all browser interface elements, including…
-
Poisoned models in fake Alibaba SDKs show challenges of securing AI supply chains
Malicious code in ML models is hard to detect: While Hugging Face hosts models directly, PyPI hosts Python software packages, so detection of poisoned models hidden inside Pickle files hidden inside packages could prove even harder for developers and PyPI’s maintainers, given the extra layer of obfuscation. The attack campaign discovered by ReversingLabs involved three packages:…
-
Fullscreen BitM Attack Discovered by SquareX Exploits Browser Fullscreen APIs to Steal Credentials in Safari
PALO ALTO, California, 29th May 2025, CyberNewsWire First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/05/fullscreen-bitm-attack-discovered-by-squarex-exploits-browser-fullscreen-apis-to-steal-credentials-in-safari/
-
Most LLMs don’t pass the security sniff test
Advice to CSOs: Lee said that CSOs should consider the following before approving any LLM: Training data: figure out where the model got its info. Random web grabs expose your secrets; Prompt history: if your questions stick around on their servers, they’ll turn up in the next breach bulletin; Credentials: stolen API keys and weak passwords keep attackers…
-
Fullscreen BitM Attack Discovered by SquareX Exploits Browser Fullscreen APIs to Steal Credentials in Safari
PALO ALTO, California, 29th May 2025, CyberNewsWire First seen on hackread.com Jump to article: hackread.com/fullscreen-bitm-attack-discovered-by-squarex-exploits-browser-fullscreen-apis-to-steal-credentials-in-safari/
-
AI Agents and APIs: Understand Complexities Today to Authenticate Tomorrow
The growth of AI agents puts the need for robust API authentication practices front and center, so today we’re highlighting two AI agent scenarios and how you could deal with their typical authentication challenges. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/05/ai-agents-and-apis-understand-complexities-today-to-authenticate-tomorrow/
-
Woodpecker: Red Teaming Tool Targets AI, Kubernetes, and API Vulnerabilities
Operant AI has announced the release of Woodpecker, an open-source automated red teaming engine designed to make advanced security testing accessible to organizations of all sizes. Traditionally, red teaming, simulated cyberattacks conducted by ethical hackers to uncover vulnerabilities, has been a privilege reserved for large enterprises with significant security budgets. With Woodpecker, Operant AI aims…
-
Risk assessment vital when choosing an AI model, say experts
Advice to CSOs: Lee said that CSOs should consider the following before approving any LLM: Training data: figure out where the model got its info. Random web grabs expose your secrets; Prompt history: if your questions stick around on their servers, they’ll turn up in the next breach bulletin; Credentials: stolen API keys and weak passwords keep attackers…
-
Apollo MCP Server: Bridging AI Agents and GraphQL APIs
Discover Apollo GraphQL’s MCP Server, the gateway to seamless AI integration with existing APIs. Enhance your development process today! First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/05/apollo-mcp-server-bridging-ai-agents-and-graphql-apis/
-
Your Mobile Apps May Not Be as Secure as You Think… FireTail Blog
Tags: access, ai, android, api, authentication, banking, best-practice, cloud, control, cyber, cybersecurity, data, encryption, finance, leak, mobile, password, phone, risk, threat, vulnerability
May 28, 2025 – Lina Romero – Your Mobile Apps May Not Be as Secure as You Think… Excerpt: Cybersecurity risks are too close for comfort. Recent data from the Global Mobile Threat Report reveals that our mobile phone applications are most likely exposing our data due to insecure practices such as API key hardcoding.…
-
If you use OneDrive to upload files to ChatGPT or Zoom, don’t
Tags: access, api, chatgpt, compliance, corporate, cybersecurity, data, google, governance, least-privilege, microsoft, mitigation, risk, saas, security-incident, service, strategy, threat, tool
Web app vendors aren’t off the hook: This could be bad news for security teams, according to Eric Schwake, director of cybersecurity strategy at Salt Security. “Sensitive secrets required for this access are often stored in an insecure manner by default,” Schwake said. “This situation presents a key API security challenge for security teams, and…
-
What are OAuth Grant Types?
Discover the different OAuth grant types, including authorization code, client credentials, and more. Learn how each type works and when to use them for secure API access. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/05/what-are-oauth-grant-types/

