Tag: api
-
Will AI agent-fueled attacks force CISOs to fast-track passwordless projects?
Tags: access, ai, api, attack, authentication, breach, business, ciso, cloud, credentials, cyber, cybersecurity, data, fido, finance, framework, google, Hardware, identity, login, metric, microsoft, okta, passkey, password, phishing, privacy, risk, risk-management, service, technology, threat, tool, update, zero-trust
Passwordless options: In retiring passwords, security leaders will need to consider their options (passkeys, biometrics, and third-party login services), looking for the best technical, usability, and security fit. There are pros and cons for each option, and in many cases CISOs may be guided towards one based on their existing environment. Passkeys, used by Microsoft, Samsung,…
-
Woodpecker: Open-source red teaming for AI, Kubernetes, APIs
Woodpecker is an open-source tool that automates red teaming, making advanced security testing easier and more accessible. It helps teams find and fix security weaknesses in … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/05/28/woodpecker-open-source-red-teaming/
-
New Russian APT group Void Blizzard targets NATO-based orgs after infiltrating Dutch police
Tags: access, api, apt, attack, authentication, blizzard, cloud, credentials, data, defense, detection, edr, email, fido, framework, group, hacker, identity, least-privilege, login, mfa, microsoft, open-source, passkey, password, phishing, qr, risk, russia, siem, spear-phishing, switch, threat, tool
Switch to spear phishing: In recent months the group seems to have pivoted from password spraying to targeted spear phishing attacks that direct users to fake Microsoft Entra login pages using adversary-in-the-middle (AitM) techniques. Such a campaign led to the compromise of 20 NGOs in April. In its campaign against NGOs, Void Blizzard sent emails masquerading…
-
New Self-Spreading Malware Infects Docker Containers to Mine Dero Cryptocurrency
Misconfigured Docker API instances have become the target of a new malware campaign that transforms them into a cryptocurrency mining botnet. The attacks, designed to mine for Dero currency, are notable for their worm-like capabilities to propagate the malware to other exposed Docker instances and rope them into an ever-growing horde of mining bots. Kaspersky said it…
-
AI, Quantum and the Evolving Threat Landscape: Key Findings from the Thales 2025 Data Threat Report
Tags: ai, api, attack, authentication, awareness, breach, cloud, compliance, computing, control, crypto, cryptography, data, encryption, guide, malicious, malware, mfa, nist, passkey, phishing, privacy, programming, ransomware, regulation, risk, software, strategy, threat, tool, vulnerability
madhav, Tue, 05/27/2025 – 04:40. The Thales 2025 Data Threat Report reveals a critical inflection point in global cybersecurity. As the threat landscape grows more complex and hostile, the rapid adoption of generative AI is amplifying both opportunity and…
-
Unlocking the Gates: REST API Authentication Methods for Modern Security
From Basic Auth’s simplicity to OAuth 2.0’s delegated muscle, this quick-read unpacks the strengths, gaps, and best-fit use cases of the four core REST API authentication methods, so you pick security that scales, not slows. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/05/unlocking-the-gates-rest-api-authentication-methods-for-modern-security/
-
»manage it« TechTalk: How to protect API endpoints
At Heise's security event secIT, we conducted this video interview with Markus Hennig, Distributed Cloud Evangelist at F5. We wanted to know how API endpoints can be protected using the 360-degree principle. He provides the answer in just under 90 seconds. First seen on ap-verlag.de Jump to article: ap-verlag.de/manage-it-techtalk-wie-sich-api-endpunkte-schuetzen-lassen/96070/
-
StackHawk Secures $12M to Tackle API Security Challenges in AI-Driven Development
First seen on scworld.com Jump to article: www.scworld.com/news/stackhawk-secures-12m-to-tackle-api-security-challenges-in-ai-driven-development
-
Hacker offers 1.2 billion Facebook user records on the darknet: is it a fake?
Has there been a new data leak at Meta subsidiary Facebook? A hacker claims to have pulled 1.2 billion Facebook user records via an API and is offering them for sale on the darknet. There are doubts, however, as to whether this data is new. Meta says of this, … First seen on borncity.com Jump to article: www.borncity.com/blog/2025/05/23/hacker-bietet-12-milliarden-facebook-nutzerdaten-im-darknet-ist-es-ein-fake/
-
New malware campaign targets open Docker environments
A newly discovered cyber campaign uses weakly secured Docker APIs as an entry point into containerized infrastructures. Using cleverly disguised malware components, the attackers take over container environments, mine cryptocurrencies, and use compromised systems as a springboard for further attacks. The potential spread is enormous. First seen on itsicherheit-online.com Jump to article: www.itsicherheit-online.com/news/cybersecurity/neue-malware-kampagne-zielt-auf-offene-docker-umgebungen/
-
Fortinet Zero-Day Under Attack: PoC Now Publicly Available
Tags: advisory, api, attack, cve, cyber, flaw, fortinet, remote-code-execution, vulnerability, zero-day
FortiGuard Labs released an urgent advisory detailing a critical vulnerability, CVE-2025-32756, affecting several Fortinet products, including FortiCamera, FortiMail, FortiNDR, FortiRecorder, and FortiVoice. The vulnerability is a stack-based buffer overflow located within the administrative API, specifically in the handling of session cookies. This flaw allows for unauthenticated remote code execution, making it a prime target for…
-
Disguised crypto miners hijack Docker containers
A new, sophisticated cyber campaign exploits vulnerabilities in publicly reachable Docker APIs. The aim is to infect container environments with crypto-mining malware, and to do so with a high degree of automation. First seen on it-daily.net Jump to article: www.it-daily.net/it-sicherheit/cybercrime/krypto-miner-docker
-
Russian APT28 compromised Western logistics and IT firms to track aid to Ukraine
Tags: access, advisory, api, authentication, cctv, cloud, computer, container, credentials, cve, cybersecurity, data, detection, email, exploit, flaw, government, hacker, identity, infrastructure, Internet, login, malicious, malware, mfa, military, network, ntlm, office, open-source, password, phishing, powershell, russia, service, software, threat, tool, ukraine, vulnerability
Credential guessing and spearphishing: The attackers used brute-force credential guessing techniques, also known as password spraying, to gain initial access to accounts. This was complemented with targeted phishing emails that directed recipients to fake login pages for government entities or Western cloud email providers. These phishing pages were stored on free web hosting services or…
-
Cybercriminals Using Trusted Google Domains to Spread Malicious Code
A sophisticated new malvertising scheme has emerged, transforming trusted e-commerce websites into phishing traps without the knowledge of site owners or advertisers. Cybercriminals are exploiting integrations with Google APIs, specifically through JSONP (JSON with Padding) calls, to inject malicious scripts into legitimate online stores. These scripts operate covertly, redirecting unsuspecting shoppers to fraudulent payment pages…
-
Attackers Abuse TikTok and Instagram APIs
It must be the season for API security incidents. Hot on the heels of a developer leaking an API key for private Tesla and SpaceX LLMs, researchers have now discovered a set of tools for validating account information via API abuse, leveraging undocumented TikTok and Instagram APIs. The tools, and assumed exploitation, involve malicious Python…
-
Securing Open Banking: How Fintechs Can Defend Against Automated Fraud API Abuse
Open Banking is accelerating innovation, and fraud, with API abuse, credential stuffing, and fake account creation now among the top threats fintechs must defend against in real time. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/05/securing-open-banking-how-fintechs-can-defend-against-automated-fraud-api-abuse/
-
Threat Actor Selling 1.2 Billion Facebook Records, But Details Don’t Add Up
Threat actor ‘ByteBreaker’ claims to sell 1.2B Facebook records scraped via API abuse, but inconsistencies in data size and identity raise doubts. First seen on hackread.com Jump to article: hackread.com/threat-actor-selling-1-2-billion-facebook-records/
-
TikTok, Instagram APIs exploited by PyPI packages for account validation
First seen on scworld.com Jump to article: www.scworld.com/brief/tiktok-instagram-apis-exploited-by-pypi-packages-for-account-validation
-
Docker Zombie Malware Infects Containers for Crypto Mining and Self-Replication
Tags: api, attack, container, crypto, cyber, cybersecurity, data-breach, docker, exploit, infrastructure, kaspersky, malicious, malware
A novel malware campaign targeting containerized infrastructures has emerged, exploiting insecurely exposed Docker APIs to spread malicious containers and mine Dero cryptocurrency. Dubbed a “Docker zombie outbreak” by cybersecurity researchers at Kaspersky, this attack leverages a self-replicating propagation mechanism to transform compromised containers into “zombies” that mine cryptocurrency and infect new victims. The campaign, detected…
-
Ransomware gang BlackBasta has a new malware favorite
Modularity for different purposes: The Skitnet malware has separate plug-ins to collect credentials, escalate privileges, move laterally in the network, and deploy ransomware. It uses the programming languages Rust and Nim to implement a covert reverse shell over the DNS protocol. This allows inconspicuous C2 communication. In addition, Skitnet uses encryption, manual mapping and dynamic API resolution in order not to be detected…
-
Hacker attack at Kling-AI's expense: Fake Facebook pages spread remote access trojans
Security researchers at Check Point Software Technologies uncovered a large-scale data theft in early 2025. Kling-AI, the world's first widely usable DiT video generation tool, has had around 22 million users globally since April 2025 and more than 15,000 developers and business customers who have already integrated the Kling API into various areas of their businesses. Check Point came across fake Facebook advertising and pages for the…
-
Trust becomes an attack vector in the new campaign using trojanized KeePass
Tags: access, api, attack, authentication, backup, breach, ceo, control, credentials, defense, edr, identity, open-source, password, ransomware, risk, service, software, veeam, vmware, zero-trust
Identity is the new perimeter: Once KeeLoader stole vault credentials, often including domain admin, vSphere, and backup service account, attackers moved fast. Using SSH, RDP, and SMB protocols, they quietly seized control of jump servers, escalated privileges, disabled multifactor authentication, and pushed ransomware payloads directly to VMware ESXi hypervisors. Jason Soroko of Sectigo called it a “textbook identity…
-
Salt Security deepens API integration with Wiz
Tags: api
First seen on scworld.com Jump to article: www.scworld.com/brief/salt-security-deepens-api-integration-with-wiz
-
Scripting Outside the Box: API Client Security Risks (2/2)
Continuing on API client security, we cover more sandbox bypasses, this time in Bruno and Hoppscotch, as well as JavaScript sandboxing best practices. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/05/scripting-outside-the-box-api-client-security-risks-2-2/
-
Malicious PyPI packages abuse Instagram and TikTok APIs
Cybersecurity researchers have discovered several malicious Python packages that were specifically aimed at stolen email addresses. The tools used official application programming interfaces (APIs) of TikTok and Instagram to check whether particular email addresses are linked to user accounts. First seen on it-daily.net Jump to article: www.it-daily.net/it-sicherheit/cybercrime/pypi-instagram-tiktok-apis
-
8 AI security risks that companies overlook
Tags: access, ai, api, application-security, authentication, cisco, ciso, compliance, cyber, cyberattack, cybersecurity, data, data-breach, framework, governance, hacker, injection, LLM, RedTeam, risk, risk-management, security-incident, software, threat, tool, vulnerability
In their race for productivity gains through generative AI, most companies overlook the associated security risks. According to a study by the World Economic Forum conducted in collaboration with Accenture, 63 percent of companies fail to review the security of AI tools before deploying them. As a result, they take on a range of risks for their company. This applies both…
-
Hackers Abuse TikTok and Instagram APIs to Verify Stolen Account Credentials
Cybercriminals are leveraging the Python Package Index (PyPI) to distribute malicious tools designed to exploit TikTok and Instagram APIs for verifying stolen account credentials. Security researchers at Socket have identified three such packages (checker-SaGaF, steinlurks, and sinnercore) that automate the process of validating emails and usernames against social media platforms. Released between April 2023 and…

