AI Giants Accidentally Leaking Secrets on GitHub

Research by Wiz shows that industry titans, with combined valuations exceeding $400 billion, have left the equivalent of ...
Business Wire

Intruder Introduces Autoswagger: The Free Tool To Expose Hidden API Authorization Flaws

LONDON--(BUSINESS WIRE)--Intruder, a leader in attack surface management, has launched Autoswagger—a free, open-source tool that scans OpenAPI-documented APIs for broken authorization vulnerabilities.

OAuth Device Code Phishing: Azure vs. Google Compared

Azure can yield very powerful tokens while Google limits scopes, reducing the blast radius. Register for Huntress Labs' Live Hack to see live Microsoft 365 attack demos, explore defensive tactics, and ...
Infosecurity-magazine.com

The Growing Threat of Broken Authentication Attacks on APIs

Application programming interfaces (APIs) are integral to the functionality of the internet today. By enabling communications between programs, they make many processes more efficient and convenient, ...
TechCircle

API security: The new frontline in the cyberwar

In today’s hyper-connected world, APIs aren’t just supporting digital experiences, they are the digital experience. From logging in and ...
Threat Post

Attacker Breach ‘Dozens’ of GitHub Repos Using Stolen OAuth Tokens

GitHub shared the timeline of breaches in April 2022, this timeline encompasses the information related to when a threat actor gained access and stole private repositories belonging to dozens of ...
Security Boulevard

When APIs Become Attack Paths: What the Q3 2025 ThreatStats Report Tells Us

Wallarm’s latest Q3 2025 API ThreatStats report reveals that API vulnerabilities, exploits, and breaches are not just increasing; they’re evolving.  Malicious actors are shifting from code-level ...