Security Boulevard

Secure Authentication Architecture for Ecommerce and Retail Platforms

Retail platforms that implement scalable authentication architecture, passwordless login systems, and adaptive security controls are better positioned to protect customer accounts while maintaining ...

OLOID Introduces Aura, an AI Identity Assurance Agent for Critical Workforce Identity Processes

Structured Enterprise Preview Program Now Open for Organizations Extending Identity Enforcement Beyond Login Aura ...
Microsoft

OAuth redirection abuse enables phishing and malware delivery

OAuth redirection is being repurposed as a phishing delivery path. Trusted authentication flows are weaponized to move users ...
Security Boulevard

Everyone Knows About Broken Authorization – So Why Does It Still Work for Attackers?

Broken authorization is one of the most widely known API vulnerabilities.  It features in the OWASP Top 10, AppSec conversations, and secure coding guidelines. Broken Object Level Authorization (BOLA) ...

Previously harmless Google API keys now expose Gemini AI data

Google API keys for services like Maps embedded in accessible client-side code could be used to authenticate to the Gemini AI ...

MojoAuth Surpasses Half-Billion Logins, Launches AI-Native Console for Developers

Passwordless authentication platform onboards 5,000+ companies in 2025 as enterprise demand accelerates We built ...

StarHub Selects Shush Inc.’s Sherlock Platform for Network API’s Proof of Concept

This Proof of Concept represents a pivotal move toward establishing mobile networks as the root of a secure, global ...
Bleeping Computer

IBM warns of critical API Connect auth bypass vulnerability

IBM urged customers to patch a critical authentication bypass vulnerability in its API Connect enterprise platform that could allow attackers to access apps remotely. API Connect is an application ...
InfoWorld

Critical vulnerability in IBM API Connect could allow authentication bypass

Rated 9.8 out of 10 in severity, the flaw could allow a remote attacker to gain unauthorized access to applications. IBM is urging customers to quickly patch a critical vulnerability in its API ...