API security challenges: The weaknesses of tokens When looking to exploit an API, threat actors will often try to harvest client credentials and API keys to obtain access to the underlying data.

An as-of-yet undiagnosed compromise of the Salesloft Drift AI-driven platform has led to a rash of stolen OAuth tokens, in turn creating downstream breaches at some of the biggest names in the ...

For effective API security, build a collaborative defense across development, operations, and business teams and take advantage of these proven strategies for strengthening defenses.

Sumo Logic, a U.S.-based cloud data analytics and log analysis company, is urging users to reset API keys after discovering a security breach. In a security notice published this week, Sumo Logic ...

Jason Kent, hacker in residence at unified API protection company Cequence Security Inc., also noted that the decision to reset the API keys would not have been taken lightly because “IT and ...

JumpCloud invalidates API keys This morning, BleepingComputer received a tip off from an anonymous reader alerting us to a potential security incident at JumpCloud.

FireTail published The State of APIs and API Security in 2023, a comprehensive analysis of significant API breaches and incidents in the last decade.

Analysis of 600 apps on the Google Play store by CloudSEK’s BeVigil security search engine found that 50% were leaking application programming interface (API) keys of three popular transactional and ...

Akamai Technologies has completed the acquisition of Noname Security for about $450 million to expand its API security offerings.

GitHub is now automatically blocking the leak of sensitive information like API keys and access tokens for all public code repositories.