A hardcoded ClickUp API key exposed hundreds of corporate and government emails for over a year, raising new SaaS security ...

Fastly FSLY runs an edge cloud platform that helps developers build, secure, and deliver digital experiences closer to end ...

A Claude Opus 4.6-powered coding agent erased three months of PocketOS production data in a single API call after misusing an ...

Cequence Security, the leader in application, API, and Agentic AI protection, today announced the general availability of Agent Personas in Cequence AI Gateway. Agent Personas give enterprises ...

Citrix’s evolving security ecosystem now spans Workspace, NetScaler, and SD-WAN, offering layered defenses for hybrid and multi-cloud environments. From multifactor authentication to Web App Firewall ...

Connecting different software systems is a big deal for businesses these days. When things work together smoothly, ...

Check Point WAF is purpose-built to protect modern, cloud-native and AI-powered applications in real time. As applications grow more dynamic, organizations need security that prevents threats before ...

Security researchers have discovered 10 new indirect prompt injection (IPI) payloads targeting AI agents with malicious ...

Patching is not enough: applications embedding the insecure library will need to be rebuilt, and affected tokens and cookies ...

A Vercel employee's AI tool OAuth grant gave attackers access to internal systems via a four-hop kill chain. Here's what ...

A monthly overview of things you need to know as an architect or aspiring architect. Unlock the full InfoQ experience by logging in! Stay updated with your favorite authors and topics, engage with ...

Today’s attack surface is shifting from the endpoint to the API, and AI and third-party SaaS are worsening the issue. CISOs offer advice for API defense. Recent breaches suggest attackers are shifting ...