Latest
Trending
Cyber Attacks
Data Breaches
Threat Intelligence
Critical Infrastructure
Policy & Government
Cybersecurity 101
Vulnerabilities
About Us
Weekly Briefing

API Security

Analysis of threats targeting Application Programming Interfaces (APIs). Covers broken object-level authorization (BOLA), mass assignment, and strategies for securing the modern data perimeter against unauthorized exfiltration.

Cracked browser window exposing API key with email icons leaking outward, representing ClickUp hardcoded API key flaw exposing enterprise and government data.

Data Breaches

ClickUp Hardcoded API Key Exposed Enterprise and Government Emails for Over a Year with No Fix

A hardcoded third-party API key embedded in ClickUp's publicly accessible website JavaScript exposed hundreds of corporate and government email addresses — along with thousands of internal product development flags — for more than a year with no authentication required to access the data. ClickUp has not issued a public statement.

29 Apr 2026

An API breach. A digital hand extracts Social Security cards and birth dates from a network vault labeled "Navia API.".

Data Breaches

Navia Discloses Data Breach Affecting 2.7 Million

Navia Benefit Solutions, a prominent administrator of health and employee benefits, has disclosed a major data breach affecting approximately 2.7 million people. The incident, involving unauthorized access to a database containing sensitive personal and health-related information, underscores the growing vulnerability of third-party benefit administrators in the healthcare supply chain.

20 Mar 2026

The CyberSignal

The CyberSignal delivers breaking cybersecurity news, data breach reports, vulnerability alerts, and threat intelligence for CISOs, IT leaders, and security professionals.

The CyberSignal

Daily Briefing
Weekly Briefing
Corrections
Privacy Policy

Powered by Ghost