More than 100 malicious extensions in the official Chrome Web Store are attempting to steal Google OAuth2 Bearer tokens, deploy backdoors, and carry out ad fraud. Researchers at application security ...

Legacy IAM can't govern autonomous AI agents that spin up, execute and terminate in seconds. New identity patterns are now emerging. The post Why Traditional IAM Is No Match for Agentic AI appeared ...

Vercel breached after attacker compromised Context.ai, hijacked an employee's Google Workspace via OAuth, and accessed ...

Connecting different software systems is a big deal for businesses these days. When things work together smoothly, ...

AiTM attacks don't steal passwords; they copy the result of a real login. You need to watch what happens after the user logs ...

Google’s new MFA requirement for the Ads API strengthens security but may require advertisers to adjust authentication ...

Cursor flaw lets extensions steal API keys and session tokens without user interaction, according to researchers at LayerX ...

Self-propagating npm worm steals tokens via postinstall hooks, impacting six packages and expanding supply chain attacks.

Supported Releases: These releases have been certified by Bloomberg’s Enterprise Products team for use by Bloomberg customers. Experimental Releases: These releases have not yet been certified for use ...

A major security issue has been found in Moltbook, an experimental social media platform for AI agents, which exposed sensitive user data and internal system credentials, according to a report by ...