Most API vulnerabilities are fast, remote, and easy to exploit. Attackers take full advantage of these attributes.

Leaked API keys are nothing new, but the scale of the problem in front-end code has been largely a mystery - until now. Intruder's research team built a new secrets detection method and scanned 5 ...

New REST API gives developers programmatic access to NIST FIPS 204 post-quantum document authentication — sign any ...

IBM has released security updates to address a critical IBM API Connect vulnerability that could allow remote attackers to bypass authentication controls and gain unauthorized access to affected ...

Rated 9.8 out of 10 in severity, the flaw could allow a remote attacker to gain unauthorized access to applications. IBM is urging customers to quickly patch a critical vulnerability in its API ...

IBM has disclosed details of a critical security flaw in API Connect that could allow attackers to gain remote access to the application. The vulnerability, tracked as CVE-2025-13915, is rated 9.8 out ...

Security experts point out that the hacker group’s infiltration into KT’s network by targeting its femtocells (ultra-small base stations) was possible because KT initially managed the femtocells ...

South Korea’s worst data breach in over a decade raises concerns about poor authentication key management and a potential insider threat. A prolonged lack of management of valid authentication keys ...

OpenAI is notifying some ChatGPT API customers that limited identifying information was exposed following a breach at its third-party analytics provider Mixpanel. Mixpanel offers event analytics that ...

On Monday, Microsoft Detection and Response Team (DART) researchers warned that an OpenAI API was being abused as a backdoor for malware. The researchers concluded that bad actors were using the novel ...