Unite.AI

David Mytton, CEO of Arcjet – Interview Series

David Mytton, founder and CEO of Arcjet, leads the developer-focused security startup that helps teams embed robust protections like bot detection, rate limiting, email validation, attack mitigation, ...

Why Agentic AI Isn’t Possible Without Secure APIs

As a result, AI can no longer be viewed merely as a tool. It has become an active participant in the software supply chain, ...
The Register on MSN

Poisoned WhatsApp API package steals messages and accounts

And it's especially dangerous because the code works A malicious npm package with more than 56,000 downloads masquerades as a working WhatsApp Web API library, and then it steals messages, harvests ...

Apiiro Launches AI-SAST That Detects, Validates and Fixes Code Vulnerabilities with Software Architectural Context from Code-to-Runtime

By combining application security testing (AST) scanning, Large Language Model (LLM) reasoning, and Apiiro's patented Deep Code Analysis (DCA), Apiiro AI SAST cuts through noisy alerts to detect and ...
Dataquest

OpenAI API user data exposed in Mixpanel security breach

OpenAI has confirmed a security incident involving Mixpanel, a third-party web analytics provider it used for its API product frontend. The incident, which was a breach of Mixpanel's systems and not ...
moneycontrol.com

OpenAI discloses Mixpanel 'security incident'; says no API data or credentials exposed

OpenAI has alerted customers to a security incident involving Mixpanel, a third-party analytics provider the artificial intelligence company previously used to track web analytics on its API platform ...
Microsoft

SesameOp: Novel backdoor uses OpenAI Assistants API for command and control

Microsoft Incident Response – Detection and Response Team (DART) researchers uncovered a new backdoor that is notable for its novel use of the OpenAI Assistants Application Programming Interface (API) ...
IEEE

A Review on API Security Risk and Vulnerability Assessment

Abstract: Numerous previous security breaches have highlighted the importance of strong cybersecurity practices, particularly in the areas of vulnerability assessment and API security. Incidents such ...
Bleeping Computer

New EDR-Freeze tool uses Windows WER to suspend security software

The technique eliminates the need of a vulnerable driver and puts security agents like endpoint detection and response (EDR) tools into a state of hibernation. By using the WER framework together with ...
Bleeping Computer

Free Autoswagger Tool Finds the API Flaws Attackers Hope You Miss

APIs are the backbone of modern applications - and one of the most exposed parts of an organization’s infrastructure. This makes them a prime target for attackers. One of the highest-profile examples ...
Cyber Defense Magazine

Breaking Down the Application Programming Interface (API) Security Lifecycle

APIs are the heartbeat behind nearly all of our digital interactions. From checking the weather, using Uber, or asking Alexa to turn the lights on in our personal lives to e-commerce integrations, ...
Executive Gov

NIST Publishes New Guideline on Securing APIs for Enterprise IT Systems

The National Institute of Standards and Technology has published a new special publication, titled “Guidelines for API Protection for Cloud-Native Systems.” SP 800-228, authored by NIST’s Ramaswamy ...