APIs are the backbone of modern applications connecting critical microservices and enabling enterprises to turn data into context-aware business logic via AI across their digital services. As applications become more contextual, APIs expose the data, workflows, and model interactions attackers…
Tag: Blog
The API Battleground: Why APIs are the new frontline—and how to stop the stealthiest attacks
APIs used to be the quiet backstage crew that made apps feel magical. Now attackers have learned the script — they walk onstage, deliver perfectly polite lines, and walk off with the props. In H1 2025 Imperva observed 40,000+ API…
Google Pay, Drug Bots, and SIM Swaps: How Old Leaks and New Vulnerabilities Power Attacks
It starts with something simple: a CAPTCHA box on your screen. You type the number you see, because of course you do. That’s what humans do online. But what if that “CAPTCHA” wasn’t a CAPTCHA at all? In this post,…
Operation Eastwood: Measuring the Real Impact on NoName057(16)
Introduction: On July 16, 2025, Europol revealed the details of Operation Eastwood, a coordinated international strike against one of the most active pro-Russian cybercrime groups, NoName057(16). The announcement promised a major disruption to the group’s activities. In this blog, we…
The Hidden Threat: How Sensitive Information Leakage Puts Your Business at Risk
You Don’t Know What You Don’t Know – And That’s the Problem. Picture this: Your development team has built a robust e-commerce platform. Your security team has implemented comprehensive protection measures. Your compliance team has checked all the boxes. Yet…
Imperva API Security: Authentication Risk Report—Key Findings & Fixes
An in-depth analysis of common JSON Web Token (JWT) mistakes, basic auth, long-lived tokens, and quick, high-impact fixes to secure your APIs. Introduction: APIs are the backbone of modern digital services—from mobile apps and e-commerce to banking and IoT. That…
When You’re Always Under #DDoS Attack
We recently mitigated a 1.55 terabit per second (Tbps) DDoS attack for a steady customer of ours. This particular customer is a reputable domain name service (DNS) provider. I’ve personally used them for over a decade to register domains for…
Why Separating Control and Data Planes Matters in Application Security
Modern application environments are dynamic, distributed, and moving faster than ever. DevOps teams deploy new services daily, APIs multiply across regions, and traffic fluctuates by the hour. At the same time, organizations must uphold security, compliance, and availability without slowing…
Critical Flaws in Base44 Exposed Sensitive Data and Allowed Account Takeovers
Our research uncovered multiple critical vulnerabilities in Base44, an AI-powered platform that lets you turn any idea into a fully functional custom app. These flaws ranged from an open redirect that leaked access tokens, to stored cross-site scripting (XSS), insecure…
Marginal Emissions Rates: See Carbon Emissions with Clarity in Real Time
Learn how Akamai is using marginal emissions rates to improve the transparency and accuracy of our emissions accounting.
A New Way to Manage Property Configurations: Dynamic Rule Updates
Smuggling Requests with Chunked Extensions: A New HTTP Desync Trick
A new HTTP request smuggling technique was recently discovered, where attackers take advantage of inconsistent parsing behaviors between front-end proxy servers and back-end application servers. This attack technique leverages ambiguous request formatting to inject malicious secondary requests that appear after…
Stop LLM Attacks: How Security Helps AI Apps Achieve Their ROI
AI security is a business problem. Protect your LLM application investment and ROI by connecting your security team with business stakeholders.
Akamai Beats Other WAAP Vendors in Third-Party Evaluation
QUIC-LEAK (CVE-2025-54939): New High-Risk Pre-Handshake Remote Denial of Service in LSQUIC QUIC Implementation
The Imperva Offensive team discovered that threat actors could smuggle malformed packets to exhaust memory and crash QUIC servers even before a connection handshake is established, thereby bypassing QUIC connection-level safeguards. Executive Summary: QUIC-LEAK (CVE-2025-54939) is a newly discovered pre-handshake memory…
Accelerating Secure Enterprise Kubernetes Adoption
Learn how LKE-E solves critical problems while providing streamlined adoption, operational simplicity, and cost efficiency at scale.
Akamai Named an Overall Leader for API Security by KuppingerCole
The Reality of Modern Cyberattacks: Lessons from Recent Retail Breaches
Akamai and Bitmovin: Revolutionizing Live and On-Demand Video Streaming
Discover how Akamai and Bitmovin's partnership reduces costs, enhances performance, and delivers personalized video experiences to content providers.