Infosecurity Magazine

Cursor Extension Flaw Exposes Developer API Keys

Cursor flaw lets extensions steal API keys and session tokens without user interaction, according to researchers at LayerX ...
Developer Tech

API security issues in the spotlight as agents enter the enterprise

A survey by Akamai raises issues around API security and equates the issue with the rise of agentic AIs placing demand on API ...

ClickUp Data Leak Exposes Enterprise Emails for Over a Year

A hardcoded ClickUp API key exposed hundreds of corporate and government emails for over a year, raising new SaaS security ...
Decrypt

OpenClaw Insider Builds the Enterprise Safety Layer the Project Never Shipped

Red Hat principal engineer and OpenClaw maintainer Sally O'Malley released Tank OS—a tool that sandboxes AI agents in ...

NetSuite Brings AI-Powered Speed and Precision to SuiteCloud Development

Oracle NetSuite, the #1 AI cloud ERP, today announced new NetSuite knowledge packages for AI coding agents that will help customers and partners accelerate and de-risk the creation of NetSuite ...
CSO Online

Securing RAG pipelines in enterprise SaaS

Connecting an LLM to your proprietary data via RAG is a massive liability; without document-level access controls, your AI is ...
Security Boulevard

10 Warning Signs Your Current Authentication Stack Is a Breach Waiting to Happen

Run a quick self-audit against 10 warning signs that your authentication stack has critical vulnerabilities. Each sign includes a diagnostic check, an explanation of why it's dangerous, and a concrete ...
Hosted on MSN

OWASP flags indirect prompt injection as top AI security risk

Indirect prompt injection attacks, where malicious instructions are hidden in content AI systems process, have been identified by OWASP as the leading security risk for large language models. These ...

The Vercel breach wasn’t just a hack. It was a trust failure

Hackers don’t break in. They log in.
Cloud Security AllianceOpinion

We are Fixing the Wrong Problem in Non-Human Identity Security

Machine identities are the primary attack surface; governance must shift from user-centric models to trust-based, ...

Adversaries hijacked AI security tools at 90+ organizations. The next wave has write access to the firewall

Autonomous SOC agents now shipping can rewrite firewall rules and modify IAM policies — outpacing the governance frameworks ...

The MCP Disclosure Is the AI Era’s ‘Open Redirect’ Moment

The MCP flaw reveals a systemic AI security gap, exposing enterprise systems to supply chain attacks and forcing a shift ...