API Security stories

Experts say AI-driven attacks and rampant data leaks mean organisations must verify outputs, curb collection and harden identity controls.

Deutsche Telekom Security taps Akamai’s certified service scheme to bolster API defences and microsegmentation for high‑risk sectors.

Practical DevSecOps unveils a hands-on Certified Security Champion course to embed security advocates inside software development teams.

Attackers are already exploiting AI agents, extracting hidden prompts, bypassing safety checks and abusing tools tied to data and systems.

Ping Identity has launched Universal Services, a continuous trust layer to combat AI-driven fraud and secure risky interactions beyond login.

‘BodySnatcher’ bug let attackers hijack ServiceNow AI agents to mimic users and create backdoor admin accounts on on-premise systems.

Rapid7 partners with ARMO to embed cloud runtime detection into its Command Platform, unifying exposure management and live threat response.

F5 rolls out AI Guardrails and AI Red Team to harden runtime security, blending adversarial testing with real-time policy enforcement.

Ping Identity appoints former Slack executive Adnan Chaudhry as chief revenue officer to drive global go-to-market amid AI identity boom.

Hydrolix launches Bot Insights to reveal hidden AI bot traffic and six-figure cost leaks, promising real-time visibility across CDNs.

Astra launches a continuous cloud scanner for AWS, Azure and GCP, promising fewer false alerts by validating which risks are truly exploitable.

Intruder finds over 42,000 sensitive tokens hidden in JavaScript bundles, exposing a major blind spot in modern web app security tools.

F5 rolls out Distributed Cloud Services 7.0, boosting API discovery, threat detection and networking for complex hybrid multicloud setups.

Thales launches AI Security Fabric to shield enterprise LLM and agentic AI apps from runtime threats like prompt injection and data leakage.

OWASP has launched its first Top 10 list for agentic AI, warning autonomous systems act as a powerful but risky new digital workforce.

Nudge Security unveils expanded AI-in-SaaS controls to monitor chatbot use, browser activity and risky integrations across cloud apps.

Radware doubles its global DDoS cloud capacity to 30 Tbps, adding AI-driven DefencePro X to counter rising large-scale and complex attacks.

Technology leaders warn 2026 will be a make-or-break year as businesses demand tangible AI value, workflow redesign and tighter security.

AI security start-up Token Security warns AI agents will outnumber humans in firms by 2026, becoming the most privileged, risky identities.

Security chiefs warn CISOs to pivot from AI hype to systemic cloud risk as supply-chain attacks on major platforms are set to soar.