Governance-Driven Automation: How Flowable Is Redefining Digital Process Management
A newly published independent research report highlights Flowable’s rise in the digital process automation market. Built on open-source…
API
Top 10 Best API Penetration Companies In 2025
Securing APIs is a critical cybersecurity challenge in 2025 as they are the backbone of modern applications and a prime target for attackers. API penetration testing is no longer an optional check; it’s a necessity for finding business logic flaw…
New APIsec University Training Modules Now Available in KnowBe4’s Diamond Library
We’re excited to announce the addition of six new training modules from APIsec University, now available at the Diamond Level in KnowBe4’s Security Awareness Training (KSAT) library.
Azure API Vulnerabilities Expose VPN Keys and Grant Over-Privileged Access via Built-In Roles
Token Security experts recently conducted a thorough investigation that exposed serious security weaknesses in Microsoft Azure’s Role-Based Access Control (RBAC) architecture. Azure RBAC, the backbone of permission management in the cloud platfor…
Insomnia API Client Vulnerability Enables Arbitrary Code Execution via Template Injection
A severe security vulnerability in the Insomnia API Client, a widely used tool by developers and security testers for interacting with APIs, has been uncovered by researchers at an offensive security consultancy. Discovered by Technical Director Marcio…
APIContext Releases Guide to Enterprise API Readiness for Autonomous AI Agents
In 2025, agentic AI has rapidly moved from theoretical promise to real-world implementation, reshaping the digital infrastructure of enterprises worldwide. These autonomous systems, capable of making decisions, initiating actions, and interacting with APIs at machine speed, are unlocking extraordinary efficiencies across industries. But with innovation comes risk and with that in mind, APIContext have today […]
The post APIContext Releases Guide to Enterprise API Readiness for Autonomous AI Agents appeared first on IT Security Guru.
Chrome Extensions Flaw Exposes Sensitive API Keys, Secrets and Tokens
A critical security flaw has been uncovered in numerous popular Chrome extensions, affecting millions of users worldwide by exposing sensitive credentials such as API keys, secrets, and tokens directly within their source code. This alarming oversight …
Over 50,000 Azure AD Users’ Access Tokens Exposed via Unauthenticated API Endpoint
CloudSEK’s BeVigil platform has uncovered a critical security vulnerability affecting an aviation giant, where an exposed JavaScript file containing an unauthenticated API endpoint led to unauthorized access to Microsoft Graph tokens with elevate…
Streamline Operations with Cisco Meraki and Red Hat Ansible Automation
This blog explores streamlining operations with Cisco Meraki and Red Hat Ansible Automation Platform, highlighting key use cases and opportunities to learn more at Cisco Live.
Threat Actor Selling 1.2 Billion Facebook Records, But Details Don’t Add Up
Threat actor ‘ByteBreaker’ claims to sell 1.2B Facebook records scraped via API abuse, but inconsistencies in data size and identity raise doubts.