ClickUp Data Leak Exposes Enterprise Emails for Over a Year

A hardcoded ClickUp API key exposed hundreds of corporate and government emails for over a year, raising new SaaS security ...

Top 5 Best Customer Identity and Access Management (CIAM) Solutions in 2026

Compare the top 5 customer identity and access management (CIAM) platforms in 2026 to find the right fit for your product's authentication needs.

ConsentFix v3 attacks target Azure with automated OAuth abuse

A new attack type, dubbed ConsentFix v3, has been circulating on hacker forums, building on the previous technique by adding ...
Security Boulevard

ConsentFix v3 Automates OAuth Abuse to Bypass MFA and Hijack Azure Accounts

What happened A third iteration of the ConsentFix attack technique has been circulating on hacker forums, introducing automation and scalability to a method that abuses Microsoft Azure’s OAuth2 ...

Seedance 2.0 API Goes Live on fal, Expanding Access to Next-Generation AI Video Generation Infrastructure

San Francisco, California, United States, April 17, 2026 -- fal has announced the official launch of the Seedance 2.0 API on its platform, ...
The Next Web

Lovable left thousands of projects exposed for 48 days, and the vibe coding security crisis is only getting worse

Lovable's API exposed source code and database credentials for 48 days after the company closed a bug report. Up to 62% of AI ...

Learning from the Vercel breach: Shadow AI & OAuth sprawl

A single third-party OAuth integration can become a direct path into your environment. Push explains how the Vercel breach ...
Security Boulevard

How Escape AI Pentesting Exploited SSRF in LiteLLM

The post How Escape AI Pentesting Exploited SSRF in LiteLLM appeared first on Escape – Application Security & Offensive ...

Under the Hood: How Pay by Bank Works

As you can tell from the title, this is a classic Under the Hood deep dive I pulled from the archive, written back in 2023. I ...

Grok Service Outages Spark Frustration in 2026 as xAI Struggles With Explosive Demand

Users of Grok, the artificial intelligence chatbot developed by Elon Musk's xAI, have repeatedly complained about service ...

Over 100 Chrome extensions caught stealing Google and Telegram data: How to stay safe?

Cybersecurity experts have reported a coordinated attack involving 108 Google Chrome extensions that steal user data and hijack Telegram sessions. Researchers say these extensions have been installed ...