Microsoft

Addressing the OWASP Top 10 Risks in Agentic AI with Microsoft Copilot Studio

Agentic AI introduces new security risks. Learn how the OWASP Top 10 Risks for Agentic Applications maps to real mitigations ...
CSO Online

APIs are the new perimeter: Here’s how CISOs are securing them

Today’s attack surface is shifting from the endpoint to the API, and AI and third-party SaaS are worsening the issue. CISOs offer advice for API defense.
GovInfoSecurity

Agentic AI Ushers in New Era for API Security

As agentic artificial intelligence accelerates API use, security teams face rising exposure from shadow AI, bot traffic and autonomous agents. Akamai CEO Tom ...
heise online

Google's unprotected API keys a security and cost risk due to Gemini AI

Google is working to fix a problem with its API keys after security researchers pointed out possible misuse. This is because the keys for accessing Google's cloud services, such as Maps or Firebase, ...
The Hacker News

Malicious NuGet Packages Stole ASP.NET Data; npm Package Dropped Malware

Cybersecurity researchers have discovered four malicious NuGet packages that are designed to target ASP.NET web application developers to steal sensitive data. The campaign, discovered by Socket, ...
ischool.berkeley.edu

Berkeley Cybersecurity Master’s Students Develop API Security Test for Different Users

Karl: It was Jenny who came up with the idea to look at APIs, which tend to live a somewhat hidden life inside many modern applications. As we began researching API usage and breach statistics, we ...
Reuters

'Moltbook' social media site for AI agents had big security hole, cyber firm Wiz says

WASHINGTON, Feb 2 (Reuters) - A buzzy new social network where artificial intelligence-powered bots appear to swap code and gossip about their human owners had a major flaw that exposed private data ...
Seeking Alpha

Radware Launches a New End-to-End API Security Service Delivering Runtime Protection and Posture Management of APIs

MAHWAH, N.J., Jan. 20, 2026 (GLOBE NEWSWIRE) -- Radware (RDWR) ® (NASDAQ: RDWR), a global leader in application security and delivery solutions for multi-cloud environments, today announced the launch ...
Forbes

The Future Of API Protection: Why Web And API Security Work Better Together

APIs are powering the new agentic era and underpinning nearly every digital platform from customer apps to back-end integrations. But as they multiply, they are expanding the attack surface ...
CSOonline

Hidden .NET HTTP proxy behavior can open RCE flaws in apps — a security issue Microsoft won’t fix

Researcher warns that many .NET applications might be vulnerable to arbitrary file writes because .NET’s HTTP client proxy classes also accept non-HTTP URLs, a behavior developers are responsible to ...
GitHub

Backend for frontend security architecture (BFF) using Vue.JS and ASP.NET Core

Implements an OpenID Connect confidential client client using Vue.JS and a UI and ASP.NET Core to implement the API. The application is secured using an OpenID Connect confidential client using OAuth ...
Bleeping Computer

Microsoft fixes highest-severity ASP.NET Core flaw ever

Earlier this week, Microsoft patched a vulnerability that was flagged with the "highest ever" severity rating received by an ASP.NET Core security flaw. This HTTP request smuggling bug (CVE-2025-55315 ...