The Hacker News

Malicious npm Packages Harvest Crypto Keys, CI Secrets, and API Tokens

The module targets Claude Code, Claude Desktop, Cursor, Microsoft Visual Studio Code (VS Code) Continue, and Windsurf. It also harvests API keys for nine large language models (LLM) providers: ...
Security Boulevard

Inside Modern API Attacks: What We Learn from the 2026 API ThreatStats Report

API security has been a growing concern for years. However, while it was always seen as important, it often came second to application security or hardening infrastructure.  In 2025, the picture ...
Security Boulevard

Integrating Advanced API Security with Imperva Gateway Environment

With APIs powering much of our modern applications, protecting them is no longer optional; it’s a necessity. This blog explores how to seamlessly integrate advanced API security into your Imperva ...

FireCompass Launches AI Agents for Autonomous Web and API Penetration Testing With Freemium Access

Start in minutes and validate exploitable paths across web apps, APIs, and external infrastructure. BOSTON, MA, UNITED ...
Morningstar

Salt Security Outpaces API Security Market with "12 Months of Innovation" in 2025, Delivering a New API and AI Security Breakthrough Every Month

Holiday-themed year-in-review highlights a dozen launches, partnerships, and research milestones that redefined the API fabric and API action layer in 2025. From discovering zombie APIs and blind ...

New Research Reveals APIs are the Single Most Exploited Attack Surface

Wallarm released today The 2026 API ThreatStats Report, a data-driven analysis of API attack telemetry, published vulnerabilities, confirmed exploitation, and API-related breaches disclosed in 2025.
KXAN

Wallarm Releases Q3 2025 API ThreatStats Report: API Vulnerabilities Up 20%, MCP Risks Surge 270%

SAN FRANCISCO, Oct. 30, 2025 /PRNewswire/ -- Wallarm, the leader in API and AI security, today announced the release of its Q3 2025 API ThreatStats Report, revealing that API-related vulnerabilities ...