OneLogin Bug Let Attackers Use API Keys to Steal OIDC Secrets and Impersonate Apps
Oct 01, 2025 | Ravie Lakshmanan | Vulnerability / API Security | A high-severity security flaw has…
How to Gain Control of AI Agents and Non-Human Identities
We hear this a lot: "We've got hundreds of service accounts and…
GitHub Account Compromise Led to Salesloft Drift Breach Affecting 22 Companies
Sep 08, 2025 | Ravie Lakshmanan | Supply Chain Attack / API Security | Salesloft has revealed…
Wiz Uncovers Critical Access Bypass Flaw in AI-Powered Vibe Coding Platform Base44
Jul 29, 2025 | Ravie Lakshmanan | LLM Security / Vulnerability | Cybersecurity researchers have disclosed a…
Cisco Confirms Active Exploits Targeting ISE Flaws Enabling Unauthenticated Root Access
Jul 22, 2025 | Ravie Lakshmanan | Network Security / Vulnerability | Cisco on Monday updated its…
The Unusual Suspect: Git Repos
Jul 14, 2025 | The Hacker News | Secrets Management / SaaS Security | While phishing and…
Over 600 Laravel Apps Exposed to Remote Code Execution Due to Leaked APP_KEYs on GitHub
Cybersecurity researchers have discovered a serious security issue that allows leaked Laravel…
Fortinet Releases Patch for Critical SQL Injection Flaw in FortiWeb (CVE-2025-25257)
Jul 11, 2025 | Ravie Lakshmanan | United States | Fortinet has released fixes for a critical…
A Pragmatic Approach To NHI Inventories
Identity-based attacks are on the rise. Attacks in which malicious actors assume…