TipRanks on MSN

IBM warns of critical API flaw that could allow hackers to bypass authentication

Tech giant IBM ($IBM) is urging customers to quickly fix a serious security flaw in its API Connect software, which is used by companies to manage ...
Communications of the ACM

The Security Risks of Deploying AI Agents

A recent State of IT: Security report from Salesforce found that 100% of IT security leaders believe AI agents can improve at ...
InfoWorld

Critical vulnerability in IBM API Connect could allow authentication bypass

Rated 9.8 out of 10 in severity, the flaw could allow a remote attacker to gain unauthorized access to applications.
The Register on MSN

Poisoned WhatsApp API package steals messages and accounts

And it's especially dangerous because the code works A malicious npm package with more than 56,000 downloads masquerades as a working WhatsApp Web API library, and then it steals messages, harvests ...

Apiiro Launches AI-SAST That Detects, Validates and Fixes Code Vulnerabilities with Software Architectural Context from Code-to-Runtime

By combining application security testing (AST) scanning, Large Language Model (LLM) reasoning, and Apiiro's patented Deep Code Analysis (DCA), Apiiro AI SAST cuts through noisy alerts to detect and ...

Enterprise AI coding grows teeth: GPT‑5.2‑Codex weaves security into large-scale software refactors

OpenAI launches GPT-5.2-Codex with increased security capabilities and longer-horizon abilities to build longer lasting ...
Dataquest

OpenAI API user data exposed in Mixpanel security breach

OpenAI has confirmed a security incident involving Mixpanel, a third-party web analytics provider it used for its API product frontend. The incident, which was a breach of Mixpanel's systems and not ...
Microsoft

SesameOp: Novel backdoor uses OpenAI Assistants API for command and control

Microsoft Incident Response – Detection and Response Team (DART) researchers uncovered a new backdoor that is notable for its novel use of the OpenAI Assistants Application Programming Interface (API) ...
IEEE

A Review on API Security Risk and Vulnerability Assessment

Abstract: Numerous previous security breaches have highlighted the importance of strong cybersecurity practices, particularly in the areas of vulnerability assessment and API security. Incidents such ...
Bleeping Computer

New EDR-Freeze tool uses Windows WER to suspend security software

The technique eliminates the need of a vulnerable driver and puts security agents like endpoint detection and response (EDR) tools into a state of hibernation. By using the WER framework together with ...
Infosecurity-magazine.com

API Threats Surge to 40,000 Incidents in 1H 2025

The financial services, telecoms and travel sectors were in the crosshairs of threat actors in the first half of the year, after Thales observed 40,000 incidents in the period alone. The firm’s ...
Bleeping Computer

Free Autoswagger Tool Finds the API Flaws Attackers Hope You Miss

APIs are the backbone of modern applications - and one of the most exposed parts of an organization’s infrastructure. This makes them a prime target for attackers. One of the highest-profile examples ...