The Hidden Complexity In AI Infrastructure: Why Credentials Are The Real Attack Surface

The Weaviate incident in 2025 illustrated this clearly. A researcher discovered an exposed OpenAI API key in a public ...
techtimes

ServiceNow Data Breach: Gated Advisory Left Customers Unaware of Exploited Zero-Auth API

Enterprise security teams are auditing logs and rotating credentials this week after ServiceNow confirmed that attackers successfully queried sensitive customer instance data through an ...
StateTech Magazine

The Biggest Identity Risk for State and Local Agencies Isn’t a Person — It’s a Script

Government security teams must manage and authenticate nonhuman identities that require access to their systems.
CSO Online

ServiceNow fixes API issue after reports of suspicious tenant activity

ServiceNow says security researchers were behind activity linked to a newly patched authentication flaw, but the company ...
The Hacker News

ThreatsDay Bulletin: Worm Code Leaked, AI Agent Phished, Claude Code Patch + 28 New Stories

Cybersecurity roundup: supply chain threats, AI agent risks, browser-cloning malware, mule networks, endpoint bypasses, and ...

Microsoft patches YellowKey, GreenPlasma, MiniPlasma zero-days

On Tuesday, Microsoft patched two zero-day vulnerabilities that let attackers gain SYSTEM privileges on fully patched Windows ...

CISA Warning: LiteLLM Flaw Could Expose Enterprise AI Gateways

CISA’s LiteLLM warning shows why AI gateways and agents need service account governance, scoped access, credential rotation, ...