Previously harmless Google API keys now expose Gemini AI data

Google API keys for services like Maps embedded in accessible client-side code could be used to authenticate to the Gemini AI ...
SecurityWeek

OpenClaw Security Issues Continue as SecureClaw Open Source Tool Debuts

OpenClaw faces security vulnerabilities and misconfiguration risks despite rapid patches and its transition to an ...
Morningstar

Sysdig Advances Its Vision for an Open Source Cloud Security Platform

New features unite detection, investigation, and response across Falco and Stratoshark, creating a seamless workflow for a global community of users KubeCon + CloudNativeCon North America 2025 – ...
Bleeping Computer

CISA open-sources Thorium platform for malware, forensic analysis

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) today announced the public availability of Thorium, an open-source platform for malware and forensic analysts across the government, ...
SecurityWeek

API Threats Grow in Scale as AI Expands the Blast Radius

Most API vulnerabilities are fast, remote, and easy to exploit. Attackers take full advantage of these attributes.
Forbes

Connecting The Dots: Does Your API Security Play Well With Others?

Application programming interfaces (APIs) form the connective tissue in our digital world. Ensuring their security is a top priority for organizations. But in today’s fragmented digital environments, ...
Computer Weekly

Open source security and sustainability remain unsolved problem

The ease with which developers can integrate third-party open source code has created a security and sustainability crisis, according to a senior executive at edge cloud platform Fastly. Speaking to ...
VentureBeat

CrowdStrike & NVIDIA’s open source AI gives enterprises the edge against machine-speed attacks

Every SOC leader knows the feeling: drowning in alerts, blind to the real threat, stuck playing defense in a war waged at the speed of AI. Now CrowdStrike and NVIDIA are flipping the script. Armed ...
CSO Online

Open source maintainers being targeted by AI agent as part of ‘reputation farming’

“Once contribution and reputation building can be automated, the attack surface moves from the code to the governance process around it. Projects that rely on informal trust and maintainer intuition ...