Hackers could edit popular LLMs through exposed API tokens on Hugging Face
Exposed API tokens from Meta, Microsoft, Google, and VMware, among others, were found on Hugging Face. The leak gave hackers access to hundreds of corporate accounts, but the impact could carry into the millions of users.
More than 1,500 API tokens could be viewed on Hugging Face. That poses a ... Read more
Expert talks
API Security Threats Rising As Confidence Also Increases
APIs are the connective tissue linking applications and services in the modern enterprises that fuel today’s digital economy. But unfortunately, APIs are a lucrative target for attackers and our latest API Security report reveals these connections may be more vulnerable than companies realise.
... Read more
API security doesn’t get the priority treatment it needs
Research by API security company Traceable and Ponemon Institute shows that API security is not yet getting the attention it deserves. While threats are only increasing, organizations aren't getting their APIs tested for vulnerabilities nearly enough.
Traceable warns of the inherent potential th... Read more
OWASP lists the 10 biggest API dangers, help is on the way
APIs are an essential component of modern applications. An enterprise organization has more than 10,000 of them in use, including many self-designed APIs. External users communicate with them in abundance, but malicious actors can cause many headaches for the organization running the API. OWASP (Op... Read more
Akamai addresses API cyber threat with new solution
Akamai is coming out with a new solution for API security. The company promises to use the tool to monitor API activity and detect suspicious signals.
API security has needed to improve for ages: it's an enormously varied branch, with both legacy and newer cloud applications communicating back a... Read more
AppSec is a fundamental requirement, but does it get enough attention?
OpenText Cybersecurity research on code security shows that organizations are only just beginning to adapt their security strategies to change. Meanwhile, the software development life cycle (SDLC) is becoming more complex and the number of threats is increasing. It raises the question of whether y... Read more
Noname Security and IBM strengthen API security partnership
API security company Noname Security continues to find partners. This time it is announcing a partnership with IBM to further protect customers from software vulnerabilities, misconfigurations and design flaws.
The two companies cite research from Gartner, which shows that the explosive growth o... Read more
Intel to accelerate Noname Security software
Noname Security promises better performance thanks to a partnership with Intel. The security company expects fast API responses by using dedicated acceleration on Intel Xeon processors.
Noname Security will receive the so-called Accelerated by Intel label. Intel described this program on a Linke... Read more
Noname and Wiz join forces for better cyber resilience
Noname Security and Wiz are teaming up to combine their expertise in API and cloud security. In the process, the parties hope to strengthen customers' cyber resilience.
In the press release, the two partners refer to research done by investment firm Battery Ventures. Findings include there being... Read more
Noname Security gives API Security Platform more features
Noname Security wants to help companies build better cyber resilience for their API environments. The security specialist's API Security Platform and the underlying solutions and applications are getting new functionality for this purpose.
For companies, APIs are increasingly critical parts of t... Read more