Exposed API documentation is a gift-wrapped roadmap for threat actors. The free Autoswagger tool from Intruder scans for exposed docs and flags endpoints with broken access controls—before attackers ...

Model Context Protocol makes it far easier to integrate LLMs and your APIs. Let’s walk through how MCP clients and servers ...

The connected sex toy platform Lovense is vulnerable to a zero-day flaw that allows an attacker to get access to a member's ...

Browser-based identity attacks surge in 2025, targeting SaaS apps and weak credentials across enterprise accounts.

I recently sat down with Tejpal Garwhal, Application Security and DevSecOps Leader, for a conversation debunking some of the most common API security myths. From zombie endpoints to the limits of WAFS ...

Microsoft has been developing a set of tools to help manage Azure-hosted VMs for some time now under its Project Flash banner. These are designed to help bring the data you need into a central ...

RBM not only offers developers new possibilities in customer communication, but also represents the entry into a new paradigm ...

Amazon said Kiro goes beyond specs and hooks for developers and can be expanded with the Model Context Protocol, an open-source method for connecting AI agents to external tools. This provides ...

Credential-based attacks are the top threat to SMBs. Strengthen your cybersecurity posture with practical identity-first defense strategies.

Some coyotes hunt squirrels, this one hunts users' financial apps A new variant of the Coyote banking trojan abuses Microsoft ...

It’s MCP projects in production, not specification elegance or market buzz, that will determine if MCP (or something else) stays on top.

As AI gets more curious, security gaps widen. Explore the risks of prompt exfiltration and autonomous model behavior.