%term

The Hidden Security Risks Living Inside Your APIs

Mar 12, 2026 By SecuritySenses In SecuritySenses

Most organisations spend serious money on firewalls, endpoint protection, and threat monitoring. Yet one of the most commonly exploited attack surfaces gets far less attention: the APIs quietly running underneath almost every modern application. APIs are the connective tissue of today's digital infrastructure. They allow apps to talk to each other, enable third-party integrations, and power the real-time data exchanges that businesses depend on daily. They are also a favourite target for attackers who know that many organisations have not secured them properly.

Read Post

SecuritySenses

Read more about The Hidden Security Risks Living Inside Your APIs

The CISO's Dilemma: How To Scale AI Securely

Mar 11, 2026 By Wallarm In Wallarm

Your board wants AI. Your developers are building with it. Your budget committee is asking for an ROI timeline. But as CISO, you're the one who has to answer when the inevitable question comes up: "How do we know this is secure?" If you're like most security leaders, you're caught between two impossible positions. Say yes to AI initiatives without proper security controls, and you're responsible when something goes wrong.

Read Post

Wallarm

Read more about The CISO's Dilemma: How To Scale AI Securely

The Economic Argument: The Real Cost of Insecure APIs in the AI Era

Mar 10, 2026 By Eric Schwake In Salt Security

When cybersecurity teams talk about risk, they usually speak in technical terms like vulnerabilities, exploits, and attack vectors. But when they walk into the boardroom, they need to speak a different language. They need to speak about cost. In the era of AI, the cost of insecure APIs has shifted from a potential liability to a tangible line item on the balance sheet. It is no longer just about the cost of a data breach.

Read Post

Salt Security

Read more about The Economic Argument: The Real Cost of Insecure APIs in the AI Era

Active defense: introducing a stateful vulnerability scanner for APIs

Mar 9, 2026 By John Cosgrove In Cloudflare

Security is traditionally a game of defense. You build walls, set up gates, and write rules to block traffic that looks suspicious. For years, Cloudflare has been a leader in this space: our Application Security platform is designed to catch attacks in flight, dropping malicious requests at the edge before they ever reach your origin. But for API security, defensive posturing isn’t enough. That’s why today, we are launching the beta of Cloudflare’s Web and API Vulnerability Scanner.

Read Post

Cloudflare

Read more about Active defense: introducing a stateful vulnerability scanner for APIs

Agent-to-Agent Attacks Are Coming: What API Security Teaches Us About Securing AI Systems

Mar 6, 2026 By Wallarm In Wallarm

AI systems are no longer just isolated models responding to human prompts. In modern production environments, they are increasingly chained together – delegating tasks, calling tools, and coordinating decisions with limited or no human oversight. Almost all that communication happens through APIs. This shift offers enormous productivity benefits. But it has also complicated security. Because as soon as systems can talk to each other, they can be attacked through each other.

Read Post

Wallarm

Read more about Agent-to-Agent Attacks Are Coming: What API Security Teaches Us About Securing AI Systems

From Prompts to APIs: Why LLMs Change Everything

Mar 3, 2026 By Cloudflare In Cloudflare

In this clip from This Week in NET, Matt Carey explains why LLMs act as a fuzzy translation layer — turning unstructured human prompts into structured API calls, and back again.

View Video

Cloudflare

Read more about From Prompts to APIs: Why LLMs Change Everything

Everyone Knows About Broken Authorization - So Why Does It Still Work for Attackers?

Mar 2, 2026 By Wallarm In Wallarm

Broken authorization is one of the most widely known API vulnerabilities. It features in the OWASP Top 10, AppSec conversations, and secure coding guidelines. Broken Object Level Authorization (BOLA) and Broken Function Level Authorization (BFLA) account for hundreds of API vulnerabilities every quarter. According to the 2026 API ThreatStats report, authorization issues ranked ninth in the API Top 10, “reflecting chronic difficulty in managing roles and permissions at scale.”

Read Post

Wallarm

Read more about Everyone Knows About Broken Authorization - So Why Does It Still Work for Attackers?

Citizen Developer: The Threat From Within

Feb 26, 2026 By Salt Security In Salt Security

As AI adoption accelerates, a new security risk is emerging from inside organizations, driven not by attackers, but by well-intentioned employees. Across the business, teams are rapidly building AI-powered applications, workflows, and automations using low-code/no-code platforms, custom scripts, and MCP servers.

View Video

Salt Security

API
Security

Read more about Citizen Developer: The Threat From Within

API ThreatStats Report 2026: The Year of AI APIs

Feb 25, 2026 By Wallarm In Wallarm

In this webinar, you’ll learn how attackers are targeting APIs that power AI applications and agents.

View Video

Wallarm

API
Security

Read more about API ThreatStats Report 2026: The Year of AI APIs

The Coming Regulatory Wave for AI Agents & Their APIs

Feb 24, 2026 By Eric Schwake In Salt Security

For the past two years, the adoption of Generative AI has felt like a gold rush. Organizations raced to integrate Large Language Models and build autonomous agents to assist employees. They often bypassed standard governance processes in the name of speed and innovation. That era of unrestricted experimentation is rapidly drawing to a close. A massive regulatory wave is forming worldwide. Frameworks like the EU AI Act and the new ISO/IEC 42001 standard are forcing a corporate reckoning.

Read Post