Vercel confirms a security incident after a threat actor claims internal access and demands a $2M ransom, raising concerns about API keys, CI/CD pipelines, and cloud security.

Vercel confirms a security incident after a threat actor claims internal access and demands a $2M ransom, raising concerns about API keys, CI/CD pipelines, and cloud security.

A new report found that bots have surpassed human internet traffic. HUMAN Security's State of AI Traffic report found that automated traffic grew eight times faster than human traffic year-over-year.

OpenClaw is a 24/7 AI assistant designed to support workflows, but its default settings can pose security challenges if not configured correctly. Kevin Stratvert and team explain how to set up ...

Google has officially discontinued its Dark Web Report feature, a free tool that once scanned known dark web breach dumps for personal information tied to a user's Google account. The service ...

Google Cloud API keys, normally used as simple billing identifiers for APIs such as Maps or YouTube, could be scraped from websites to give access to private Gemini AI project data, researchers from ...

Mobile platforms operate under fundamentally different trust assumptions than we relied on for web security. Your mobile pipeline could be missing these threats. We know that mobile development in ...

The 62nd Munich Security Conference opened on 13 February 2026 in Munich, Germany, and this year’s gathering feels different from past editions. For decades, Munich was about jets, troops, and ...

Your Social Security number goes for $1. Your complete identity? Under $100. Here’s what’s being sold, who’s buying and why medical records are now worth more than credit cards. ⚡ TL;DR (THE SHORT ...

OpenClaw, the open-source AI assistant formerly known as Clawdbot and then Moltbot, crossed 180,000 GitHub stars and drew 2 million visitors in a single week, according to creator Peter Steinberger.

APIs are powering the new agentic era and underpinning nearly every digital platform from customer apps to back-end integrations. But as they multiply, they are expanding the attack surface ...

A malicious package in the Node Package Manager (NPM) registry poses as a legitimate WhatsApp Web API library to steal WhatsApp messages, collect contacts, and gain access to the account. A fork of ...