There are some great self-hosted tools out there, but many simply get abandoned.

Ongoing research into AI agent framework security identified an exploit chain in AutoGen Studio (AutoGen’s open-source prototyping user interface) that allows untrusted web content rendered by a ...

Grab's security team built Palana, a Kubernetes-native secure execution platform, to run autonomous AI agents safely. Unlike ...

With the advent of AI-mediated APIs, the era of manually hard-coding every integration between every microservice may be ...

Wordfence has blocked 17M+ exploit attempts targeting a Gravity SMTP bug that leaks API keys, OAuth tokens, and full system reports without authentication.

Update 6/10/26: Added details below from a new ServiceNow advisory regarding the observed activity and bug bounty submissions. ServiceNow is warning about a security incident after attackers exploited ...

Broadcom rolled out security updates to the Spring and Java ecosystems tied to helping organizations navigate a surge in AI-detected security threats. The updates are through Broadcom’s Tanzu business ...

Oliver Sild, founder of Patchstack WordPress security company, shared concerns about the security of AI API keys in WordPress 7.0, sharing that there “will be an absolute rush by hackers to steal API ...

A flaw in Google's API key system has reportedly exposed mobile applications to unintended access to its Gemini AI platform. According to a CloudSEK advisory published on April 8, the issue affects ...

Abstract: This paper presents a comprehensive solution for enhancing security and traceability in web applications by auditing mutating REST operations (PUT, POST, PATCH, DELETE). The proposed ...