Security Boulevard

API Keys vs. JWTs: Choosing the Right Auth Method for Your API

A developer needs to connect a service to an API. The documentation says to generate an API key, store it in an environment variable and pass it in a header. Five minutes later, the integration works.

Over 100 Chrome extensions caught stealing Google and Telegram data: How to stay safe?

Cybersecurity experts have reported a coordinated attack involving 108 Google Chrome extensions that steal user data and ...
Microsoft

Inside an AI‑enabled device code phishing campaign

A new wave of device code phishing shows how threat actors are scaling account compromise using AI and end‑to‑end automation.
NewsBytes

Attention! These Chrome extensions may steal your Telegram, Google data

Over 108 Google Chrome extensions have been implicated in a coordinated data theft, compromising Google and Telegram user ...
The Hacker News

Actively Exploited nginx-ui Flaw (CVE-2026-33032) Enables Full Nginx Server Takeover

CVE-2026-33032 exposes nginx-ui to unauthenticated takeover via MCP endpoint, impacting 2,600+ instances with active ...

Over 100 Chrome Web Store extensions steal user accounts, data

More than 100 malicious extensions in the official Chrome Web Store are attempting to steal Google OAuth2 Bearer tokens, ...
Communications of the ACM

Subscription Bombing: Email under Attack

Email subscription bombing (also known as subscription flooding or email spam bombing) is an attack technique that overwhelms ...
Microsoft

Dissecting Sapphire Sleet’s macOS intrusion from lure to compromise

The Microsoft Defender Security Research Team uncovered a sophisticated macOS intrusion campaign attributed to the North ...
Security Boulevard

46 Vulnerability Statistics 2026: Key Trends in Discovery, Exploitation, and Risk

Vulnerability attacks rose 56% in 2025. Explore 46 statistics on CVE disclosure, exploitation patterns, and industry impact to guide your 2026 security strategy. The post 46 Vulnerability Statistics ...
TechAnnouncer

Your Comprehensive Guide to Building a REST API in Python

All in all, your first RESTful API in Python is about piecing together clear endpoints, matching them with the right HTTP ...

Google Ads API to require multi-factor authentication

Google’s new MFA requirement for the Ads API strengthens security but may require advertisers to adjust authentication ...

Security study finds thousands of API credentials exposed on the web for years

Researchers scan 10 million websites and uncover thousands of exposed API keys quietly granting access to cloud systems and critical infrastructure ...