CSO Online

Old Docker authorization bypass pops up despite previous patch

A 10-year-old issue involving Docker Engine and the AuthZ authorization plug-in lives again to enable attackers to gain ...
The Hacker News

Docker CVE-2026-34040 Lets Attackers Bypass Authorization and Gain Host Access

Docker CVE-2026-34040 enables AuthZ bypass via padded requests, risking host compromise; fixed in version 29.3.1.
Security Boulevard

Your API Has Authorization Bugs. Hadrian Finds Them.

Authorization vulnerabilities are the most common critical finding in our API penetration tests. We find them on nearly every engagement: a user changes an ID in the URL and gets back another user’s ...

Naftiko Launches Alpha of Open-Source Framework That Turns API Sprawl Into Governed Capabilities for AI

Large enterprises manage an average of 1,295 SaaS applications and over 14,000 internal APIs. PARIS, ÎLE-DE-FRANCE, ...

MCP Code Mode: How Bifrost Cuts Token Usage by 50%

Bifrost stands out as the leading MCP gateway in 2026, pairing native Model Context Protocol support with Code Mode to cut ...
Crypto Briefing

Bankr launches x402 cloud on 4/02 day as x402 protocol joins the Linux Foundation

Bankr x402 Cloud gives developers a complete platform to deploy pay-per-request API endpoints with hosting, agentic payments, ...

TutorFlow Launches Agent Platform with API and MCP Integration for AI-Powered Education

Developers and AI agents can generate courses, evaluate answers, and run learning workflows through a single API, with ...
The Next Web

LinkedIn is secretly scanning your browser for 6,000 extensions, and you weren’t told

LinkedIn runs a hidden JavaScript script called Spectroscopy that silently probes over 6,000 Chrome extensions and collects ...
CSO Online

APIs are the new perimeter: Here’s how CISOs are securing them

Today’s attack surface is shifting from the endpoint to the API, and AI and third-party SaaS are worsening the issue. CISOs offer advice for API defense.

Nevermined Launches AI Agent Card Payments with x402, Opening a New Market

Developed by Coinbase, x402 is an open, HTTP-native payment standard that enables instant, automated microtransactions for AI ...

Critical Cisco IMC auth bypass gives attackers Admin access

Cisco has patched several critical and high-severity vulnerabilities, including an Integrated Management Controller (IMC) ...

Hackers exploit React2Shell in automated credential theft campaign

Hackers are running a large-scale campaign to steal credentials in an automated way after exploiting React2Shell ...