Top 5 Best Customer Identity and Access Management (CIAM) Solutions in 2026

Compare the top 5 customer identity and access management (CIAM) platforms in 2026 to find the right fit for your product's ...
CSO Online

APIs are the new perimeter: Here’s how CISOs are securing them

Today’s attack surface is shifting from the endpoint to the API, and AI and third-party SaaS are worsening the issue. CISOs offer advice for API defense.
Digital Trends

A simple coding mistake is exposing API keys across thousands of websites

After analyzing 10 million webpages, researchers have found thousands of websites accidentally exposing sensitive API credentials, including keys linked to major services like Amazon Web Services, ...
Security Boulevard

Azure APIM Signup Bypass: 97.9% of Developer Portals Still Exploitable Anonymously and from the Internet

The Azure APIM signup bypass is a critical vulnerability affecting 97.9% of internet-facing Developer Portals. Azure API Management (APIM) exposes APIs to external consumers through a Developer Portal ...
TechSpot

A stolen Gemini API key turned a $180 bill into $82,000 in two days

AI Economy: A team of three developers in Mexico is facing a roughly 455× increase in monthly AI service expenses after an API key associated with their project was allegedly compromised. The key was ...
Windows Report

Hackers Could Exploit Exposed Google API Keys to Access Gemini AI

Google is facing renewed security scrutiny after researchers revealed that publicly exposed API keys can be abused to access Gemini AI services. The issue centers on Google API keys embedded in client ...
Reuters

'Moltbook' social media site for AI agents had big security hole, cyber firm Wiz says

WASHINGTON, Feb 2 (Reuters) - A buzzy new social network where artificial intelligence-powered bots appear to swap code and gossip about their human owners had a major flaw that exposed private data ...
cryptopolitan

10,000 users’ OpenAI API keys have found stolen by fake Chrome AI extension

A Chrome extension posing as an AI assistant exposed more than 10,000 users, secretly harvesting OpenAI API keys and sending data to attacker-controlled servers. Researchers say at least 459 API keys ...
thecyberexpress

Critical IBM API Connect Vulnerability Enables Authentication Bypass

IBM has released security updates to address a critical IBM API Connect vulnerability that could allow remote attackers to bypass authentication controls and gain unauthorized access to affected ...
The Hacker News

Critical CVSS 9.8 Flaw Found in IBM API Connect Authentication System

IBM has disclosed details of a critical security flaw in API Connect that could allow attackers to gain remote access to the application. The vulnerability, tracked as CVE-2025-13915, is rated 9.8 out ...
CSOonline

Coupang breach of 33.7 million accounts allegedly involved engineer insider

South Korea’s worst data breach in over a decade raises concerns about poor authentication key management and a potential insider threat. A prolonged lack of management of valid authentication keys ...