A defense technology company with Department of Defense contracts exposed user records and military training materials through API endpoints that lacked meaningful authorization checks, according to an account published by Strix, an open-source autonomous security testing project.

The issue affected Schemata, an AI-powered virtual training platform used in military and defense settings. According to Strix, an ordinary low-privilege account was able to access data across multiple tenants, including user listings, organization records, course information, training metadata and direct links to documents hosted on the Schemata’s Amazon Web Services instances.

Strix said the exposed materials included a 3D virtual training course for naval maintenance personnel with documentation marked confidential and proprietary, a course containing Army field manuals on explosive ordnance handling and tactical deployment, and hundreds of user records linked to bases and training enrollments. Additionally, the exposed information included names, email addresses, enrollment details and the military bases where U.S. service members were stationed. 

Schemata acknowledged the affected endpoints were exposed May 1, after what Strix described as a 150-day disclosure process. Strix said it verified remediation before publication and published its account earlier this week, 152 days after its initial disclosure attempt.

The reported vulnerability did not require a complex exploit. Strix said it used a low-privilege account to watch normal browser traffic, identify API endpoints exposed through the application, and request high-value data using the same session. According to Strix, those requests returned records from outside the account’s own organization, suggesting the API was not properly enforcing tenant boundaries or user permissions.

In multi-tenant software, authorization controls are intended to ensure users can access only the data and functions assigned to their account or organization. The failure described by Strix would represent a basic breakdown in that model. The firm said some routes also appeared “write-enabled,” meaning a malicious actor could potentially modify or delete courses through update or delete requests, though the account does not say Strix performed destructive testing.

Strix did not respond to CyberScoop’s request for comment. 

Schemata’s platform serves military and defense training environments, where user identities, assignments and course enrollments can reveal sensitive operational context. Even when information is not classified, records showing where service members are based, what training they are enrolled in and which materials they can access may create risks if exposed outside intended channels.

In a statement posted on the company’s website, Schemata said it did not have “evidence that any third party exploited the vulnerability to access customer data.”

The disclosure timeline also raises questions about how companies handling sensitive government-related data receive and respond to vulnerability reports. Strix said it first contacted Schemata on Dec. 2, 2025. According to the account, Schemata’s CEO initially responded, “I would love to hear what the vulnerability is, but I assume you want to get paid for it. Is that the play?”

Strix said it clarified the same day that compensation was not required and that its priority was user safety. It said it sent multiple follow-ups from Dec. 8-29, warning that the vulnerability was critical and asking where to send details. Five months later, after telling Schemata that researchers were publishing the information publicly, Schemata responded, acknowledged the exposed endpoints and said it would patch the issue immediately.

“After we received actionable details about the vulnerability and confirmed the security researcher appeared to be legitimate, our team remediated the vulnerability the same day, and the researcher independently verified the fix before publishing their findings,” Schemata’s statement reads. “We appreciate the security researcher bringing this to our attention and their contribution to the security of our platform.”

Schemata said it’s working with cybersecurity consultants to assist with its response and improve its security posture. The company also said it is in contact with government authorities about the vulnerability.

Defense contractors that handle Controlled Unclassified Information, or CUI, must report cyber incidents to the Department of Defense Cyber Crime Center (DC3). The center did not respond to CyberScoop’s request for comment. 

According to contracting data, the company holds $3.4 million in contracts with the Department of Defense. In May 2025, Schemata announced $5 million in venture funding from several firms, including Andreessen Horowitz. 

The post A DOD contractor’s API flaw exposed military course data and service member records appeared first on CyberScoop.

Dozens of such keys can be extracted from apps’ decompiled code to gain access to all Gemini endpoints.

The post Google API Keys in Android Apps Expose Gemini Endpoints to Unauthorized Access appeared first on SecurityWeek.

Hackers published 36 NPM packages posing as Strapi plugins to execute shells, escape containers, and harvest credentials.

The post Guardarian Users Targeted With Malicious Strapi NPM Packages appeared first on SecurityWeek.

For teams managing dozens, or even hundreds, of tenants, API access quickly becomes operational overhead. Managed Security Service Providers and large enterprises often find themselves maintaining separate credentials for every environment, adding friction to automation, reporting, and day-to-day operations.

To address this, we are excited to announce multi-tenant API access, a new authentication capability designed to drive operational efficiency and consistent security outcomes across all your customers or environments.

Whether you are a MSSP or an enterprise managing multiple tenants, this new capability transforms how you programmatically access and manage data, allowing you to focus on security outcomes rather than script maintenance.

Managing API keys across multiple tenants to eliminate key sprawl

Without multi-tenant capabilities, a security team managing 50 tenants requires 50 unique credentials that need to be generated, named, and stored. This key sprawl creates overhead for rotation, increased risk of credential leakage, and makes cross-tenant reporting a challenge to automate effectively.

Meaning basic tasks, such as creating a consolidated compliance report, could turn into a multi-day integration project involving brittle scripts and large configuration files.

A centralized approach to multi-tenant API access

Multi-tenant API access introduces a centralized way to programmatically access data across all managed tenants with a single API key. Instead of maintaining individual tenant-specific credentials, you can use one key for many tenants.

At Rapid7, we’re introducing new multi-tenant admin keys that enable access to all current and future tenants, ensuring that new tenants require zero additional API configuration - saving security teams valuable time and effort.

Reducing operational overhead with multi-tenant API access

By removing the authentication bottleneck, our multi-tenant API keys enable security engineers to build a single integration that "loops" through tenants automatically, reducing the time they would otherwise have spent manually configuring API keys per tenant and the maintenance overhead that comes with this.

Using one key to provide seamless access to all tenant data, operations are simplified and the impact on efficiency is measurable: teams reclaim days of effort onboarding new tenants and rotating credentials experiencing 98% time savings overall.

Strengthening API security and compliance across tenants

Beyond efficiency, multi-tenant API access improves security visibility, reducing an organization’s attack surface by utilizing a single multi-tenant key. Fewer keys mean fewer opportunities for developers to accidentally hardcode credentials or leave orphaned keys active after a tenant is decommissioned.

This feature also streamlines compliance. It allows teams to run a single script to pull critical vulnerabilities or alerts across hundreds of tenants into a single dashboard, and enables efficient exports of audit logs across all tenants. 

Simplifying cross-tenant automation and reporting

Multi-tenant API access is about freeing security teams to focus on what matters. By centralizing credential control and simplifying automation, we are empowering analysts and engineers to act faster and reduce risk.

Want to see how multi-tenant API access can streamline your operations? Administrators can leverage this new capability by utilizing the new multi-tenant API key type and our new managed organizations API to retrieve details of your managed tenants, enabling you to create or update automation scripts to retrieve or manage data for any (or all) of your managed tenants via existing Rapid7 APIs.

The rise of malicious bots is changing how the internet operates, underscoring the need for stronger safeguards that keep humans firmly in control. Bots now account for more than half of global web traffic, and a new class of “predator bots” has emerged, unleashing self-learning programs that adapt in real time, mimic human behavior, and exploit APIs and business logic in order to steal data, scalp goods, and hijack transactions.

The economic fallout is staggering: bots and API attacks drain up to $186 billion annually, driven by credential theft, scalping, and fake account creation that fuel large-scale fraud and distort online markets. This represents one of the fastest-growing forms of cyber-enabled economic harm, and it’s happening mostly out of sight.

Security teams can’t afford to let hackers have the upper hand with automation. Addressing the growing bot crisis requires a deep knowledge of APIs and their vulnerabilities, as well as the ability to leverage automation in ways that match and counter attackers’ growing arsenals.

The new bot economy

Over the last few years, AI has accelerated malicious automation from simple scripts to adaptive systems that evolve in real time. Today’s predator bots blend seamlessly into normal traffic patterns, dramatically increasing the volume of legitimate-appearing bot traffic and making it harder for security teams to spot.

The influx of bots has led to an unprecedented scale credential theft, account takeover, scraping, scalping, and promotion fraud. With malicious bots now accounting for roughly 37% of all web traffic, security teams are left feeling like they’re playing a giant game of bot whack-a-mole.

Predator bots are not only causing financial impact; they’re also slowly eroding customer confidence and overall societal trust in our digital infrastructure. These bots are targeting every sector, from financial services to citizen services and beyond, further chipping away at public trust in critical infrastructure capabilities. Even small disruptions can now be amplified through automation, turning minor weaknesses into large-scale outages or fraud events.

As predator bots continue to grow in influence and scale, defenders are left with a shrinking window of time to secure today’s digital infrastructure for tomorrow’s customers.

APIs are the front line

APIs are the fabric that connects the internet, powering functions like identity management, payments, checkout carts, inventory, and customer access. The very essence of how APIs connect the internet is also what makes them the most vulnerable targets. While APIs represent roughly 14% of attack surfaces, they attract 44% of advanced bot traffic, highlighting the imbalance of risk.

Predator bots differ from attacks focused on code vulnerabilities, as they exploit business logic to reshape workflows against organizations. This manifests in API-driven abuse that exploits legitimate workflows, from manipulating checkout flows to large-scale data abuse.  As AI enables both high-volume brute force attacks and low-and-slow stealth attacks, security teams are quickly realizing traditional defenses are no longer up to par.

With hackers zeroing in on API abuse to drive predator bot attacks, visibility, classification, and behavior monitoring are now core to digital trust. Shadow APIs and forgotten endpoints only widen the attack surface, giving predators more places to hide. Shining a light on AI-powered bots requires layered defense strategies that combine human insight with advanced, adaptive technology.

Defending at machine speed

As automated attacks continue to mature and evolve, traditional defense tactics like static rules, CAPTCHAs, and IP blocking can no longer keep pace. To defend against bots at machine speed, security teams must pair modern defense tactics rooted in autonomy and agility with human expertise.

Bots don’t act in isolation, and neither should security teams. Autonomous controls can take over detection and response, automatically flagging suspicious bot behavior and enforcing protections like adaptive MFA. This allows human analysts to focus on high-value adds like threat modeling and strategic risk reduction.

Security teams should first start with a complete API discovery, including endpoints, to ensure they know their digital environment inside and out. Next, teams must adopt proactive security measures like behavioral bot detection, MFA, machine-speed anomaly detection, and business logic monitoring. These measures ensure that bots are caught before damage can be inflicted.

Today’s defense must operate, to some degree, like attacks: continuous, context-aware, and capable of adapting in real time. By augmenting human capabilities with autonomous tools, security teams shift from being overwhelmed and responding to threats reactively to operating proactively and intelligently. Security cannot afford to lag behind; it must evolve in lockstep with the threats teams face.

Automation is the new battleground

As AI accelerates attack automation, defenders need modern, AI-powered tools that match the speed of attackers and free security teams to concentrate on the complex, judgement-driven work that machines can’t replicate.

The future is about more than keeping bots out. Security’s next phase will be defined by behavior-driven insight, intent-based detection, and defense at machine speed.

Tim Chang is the global vice president of application security at Thales.

The post Predator bots are exploiting APIs at scale. Here’s how defenders must respond. appeared first on CyberScoop.

The recent Salesloft Drift breach offered a sobering reminder of how easily trust can be weaponized in today’s SaaS and AI-integrated environments. In this incident, hackers exploited the Drift chatbot, stole OAuth tokens, and used them to obtain data from CRM systems before the tokens could be revoked. In the wake of the incident, many deemed the weak spot to be the tokens, but they are missing the bigger issue. Namely, identity and permission sprawl, and a misuse of excessive trust.

Inside the Salesloft Drift Attack

With Drift, attackers used OAuth tokens to make legitimate API calls against CRM environments, and since the tokens were valid, the fraudulent activity didn’t raise any flags. In the eyes of all, it was simply business as usual. Organizations later confirmed that data was stolen before tokens could be revoked. This includes sensitive business records, contact information, support data, and, in some cases, embedded credentials across more than 700 organizations using the compromised integration with Salesforce. 

And while those impacted have traced the chain of compromise, the next step is to address the larger underlying problem of the chatbots and the excessive scopes they are given. 

Consider the following:

• Exceedingly Broad Scopes: The chatbots don’t just have access to what they need; they have access to everything, including users’ credentials.
• Ongoing Authorization: Chatbot credentials often remain valid indefinitely in the name of speed, in essence creating a permanent open door.
• Standing Privileges: Permanent credentials mean chatbots stay connected even when not in use, making them targets ready to be exploited at any time.

Add it all up, and you can see how a single compromised credential can create significant exposure. And the risk is only growing, thanks to SaaS and AI-powered integrations that are creating an unimaginable number of vulnerabilities. Still, businesses treat integrations and agents as background utilities that have no ownership, governance, or lifecycle management. Ironically, it’s the absence of these controls that gives them greater operating privileges and reach than any human would ever be granted, while making them ideal targets for attackers.

The identity and access wake-up call

Whether or not an organization was impacted by Drift, it’s time to reassess all SaaS and AI integration footprints. This includes verifying every connected app, API bridge, and automation workflow. 

Start with addressing hygiene, including the following:

• Remove and rotate any old tokens, as well as those with excessive permissions, especially those connected to third-party integrations. Where possible, static tokens should be eliminated entirely in favor of short-lived tokens with a narrow window of operation.
• Replace blanket-scoped permissions with narrowly defined access that is tied to specific roles and actions. 
• Audit logs and event data for unusual exports, API surges, or unexpected user agents. These actions can help surface silent compromises before they grow.

This tactical cleanup is not a one-time exercise. Everything must be re-evaluated on an ongoing basis. Even then, your work is not done. 

From static access to runtime authorization

The next generation of security requires using adaptive access models such as Zero Standing Privileges (ZSP), where “always-on” automation is replaced by dynamic, ephemeral identities and permissions that are enforceable at runtime.  With ZSP, every integration or AI agent receives temporary, just-in-time access that is created at runtime, bound by clear time-to-live parameters and contextual conditions. When the task ends, the permission disappears.

Because these are enabled through runtime authorization, businesses can easily verify not only who or what is making a request, but also why, for how long, and under what conditions. When paired with continuous monitoring, organizations can quickly spot anomalous activities and revoke privileges instantly when behavior deviates from policy.

Treat all integrations as identities

Another key to success is treating all integrations, whether they are human, machine, agentic AI, or AI-driven assistants, equally. Each of these should have a distinct identity, a defined purpose, ownership, and lifecycle stages. These controls provide teams with critical visibility across all identities and, when irregular activities are spotted, the answers to critical questions—who had access, what they did, and for how long?

Pay special attention to AI-driven tools, ensuring that agents operating on behalf of humans only act within the parameters set by their sponsor. Helpful tools here include allowlisting and runtime guardrails that can keep agents in their assigned lane and, in doing so, prevent them from veering off and initiating unauthorized actions. This includes those that have been compromised or manipulated through prompt injection.

The bigger picture: trust as a dynamic perimeter

The Drift incident wasn’t an anomaly—it was a preview. As AI-driven automations and SaaS integrations multiply, every organization will face the same question: can you truly see, control, and verify who or what has access to your data at any given moment?

Security can no longer depend on static controls or the assumption that trusted systems will stay trustworthy. The future belongs to those who treat identity as the new perimeter and access as a living, breathing condition—not a one-time approval. When every token, credential, and agent is governed by context, time, and intent, trust becomes measurable—and defensible.

Because in a world where automation never sleeps, trust can’t either.

Art Poghosyan is the CEO of Britive, a cloud privileged access management software company. 

The post When trust turns toxic: Lessons from the Salesloft Drift incident appeared first on CyberScoop.

Isaac Burton // For as long as we have known about prototype pollution vulnerabilities, there has been confusion on what they are and how they can be exploited. We’re going […]

The post Hit the Ground Running with Prototype Pollution   appeared first on Black Hills Information Security, Inc..