API Security News Hub

South Africa's central bank is dismantling payment infrastructure monopolies through API-driven initiatives like PayShap. This comprehensive analysis explores how regulatory vision is opening the National Payment System to fintechs, the economic benefits of democratized payment access, the API security risks that must be addressed, and the infrastructure requirements for building secure, inclusive payment ecosystems.

The Hidden Infrastructure Behind Africa's Digital Revolution

With 92% of organizations experiencing API-related security incidents and only 10% maintaining complete API documentation, the gap between API proliferation and API visibility has become a strategic vulnerability. This comprehensive analysis explores the challenges of API discovery, the risks of shadow and zombie APIs, regulatory compliance requirements, and the path forward for enterprises seeking to secure their API ecosystems.

OpenAI previously confirmed that it's testing ads in ChatGPT for free and $8 Go accounts, and now we're seeing early signs of that rollout, at least on Android. [...]

OpenAI has confirmed that it's retiring ChatGPT's most popular model called GPT-4o and several other models, including GPT-5 Instant, GPT-5 Thinking, GPT-4.1, GPT-4.1 mini, and o4-mini. [...]

KuppingerCole's 2025 Leadership Compass delivers a critical message: you cannot secure AI without securing APIs. With 92% of organizations increasing API usage and shadow APIs proliferating, the report identifies Salt Security among the overall leaders and emphasizes that API security has evolved from best practice to regulatory requirement.

A U.S. federal jury has convicted Linwei Ding, a former software engineer at Google, for stealing AI supercomputer data from his employer and secretly sharing it with Chinese tech firms. [...]

Over the past few months, a large-scale cloud storage subscription scam campaign has been targeting users worldwide with repeated emails falsely warning recipients that their photos, files, and accoun...

Mandiant says a wave of recent ShinyHunters SaaS data-theft attacks is being fueled by targeted voice phishing (vishing) attacks and company-branded phishing sites that steal single sign-on (SSO) cred...

Hackers compromised a MicroWorld Technologies update server and fed a malicious file to eScan customers. The post eScan Antivirus Delivers Malware in Supply Chain Attack appeared first on SecurityWeek...

A Farsi-speaking threat actor aligned with Iranian state interests is suspected to be behind a new campaign targeting non-governmental organizations and individuals involved in documenting recent huma...

Google-owned Mandiant on Friday said it identified an "expansion in threat activity" that uses tradecraft consistent with extortion-themed attacks orchestrated by a financially motivated hacking group...

CERT Polska, the Polish computer emergency response team, revealed that coordinated cyber attacks targeted more than 30 wind and photovoltaic farms, a private company from the manufacturing sector, an...

Investors poured $140 million into Torq's Series D Round, bringing the startup's valuation to $1.2 billion, to bring AI-based "hyper automation" to SOCs.

Dark Reading asked readers whether agentic AI attacks, advanced deepfake threats, board recognition of cyber as a top priority, or password-less technology adoption would be most likely to become a tr...

Security teams need to be thinking about this list of emerging cybersecurity realities, to avoid rolling the dice on enterprise security risks (and opportunities).

The Tenable One AI Exposure add-on discovers unsanctioned AI use in the organization and enforces policy compliance with approved tools.

Other noteworthy stories that might have slipped under the radar: Apple updates platform security guide, LastPass detects new phishing wave, CISA withdraws from RSA Conference. The post In Other News:...

Google's dual-purpose crawler creates an unfair AI advantage. To protect publishers and foster competition, the UK’s Competition and Markets Authority must mandate crawler separation for search and AI...

The popular open source AI assistant (aka ClawdBot, MoltBot) has taken off, raising security concerns over its privileged, autonomous control within users' computers.