Workload identity federation has come to AI agents. The agentic identity era starts here. Using API Keys to access AI platforms was never going to survive the agentic era. Anthropic’s support for ...

Exposed UIs, weak authentication, and risky defaults could turn cloud-native AI apps on Kubernetes into potential targets by ...

The post How Escape AI Pentesting Exploited SSRF in LiteLLM appeared first on Escape – Application Security & Offensive Security Blog. At Escape, we routinely test the AI infrastructure that teams ...

A max-severity vulnerability in the latest Python FastAPI version of the ChromaDB project allows unauthenticated attackers to ...

Companies like Lovable, Base44, Replit, and Netlify use AI to let anyone build a web app in seconds—and in thousands of cases ...

The key difference between the terms REST versus RESTful is that REST refers to a philosophy about the architecture and design of web services, while the term RESTful refers to any API that properly ...

CISA added CVE-2026-20182, a CVSS 10.0 Cisco Catalyst SD-WAN Controller authentication bypass flaw, to its KEV catalog.

An LLM-powered system found 4 security bugs, including a critical one in the web server’s URL rewrite module. Researchers have found a critical vulnerability in the widely used Nginx web server that ...

OpenAI's new Daybreak platform pairs GPT-5.5 with Codex Security to take on Anthropic's Mythos in AI-powered cyber defence.

Over the last several years, Apple has dramatically improved how it handles lithium-ion battery charging in iPhones, iPads, Macs, and Apple Watches. Across multiple system releases, the company moved ...

Zero-trust has fundamentally reshaped the cybersecurity paradigm with a principle that is both simple and uncompromising: ...

Link lets users connect cards, banks, and subscriptions, then authorize AI agents to spend securely via approval flows.