Snyk Learn, our developer security education platform, now includes lessons on API security! Check out the new learning path that covers the OWASP Top 10 for API security risks. APIs power the modern web, connecting applications and services in ways that drive innovation and efficiency. However, with this interconnectivity comes significant security risks.

On March 4, 2025, Broadcom released patches for three zero-day vulnerabilities exploited in the wild, affecting ESXi, Workstation, and Fusion. These vulnerabilities, discovered by Microsoft, range in severity from high to critical. Details of the exploitation have not been revealed at this time, and Arctic Wolf has not identified a public Proof-of-Concept (PoC) exploit.

Measuring enterprise risk posture—its overall security readiness and resilience—is a complex challenge. Advanced security solutions, such as automated vulnerability management tools and unified risk dashboards, enable organizations to defend their networks with unprecedented efficiency. The rapid expansion of cloud environments and the intricacies of modern IT infrastructures, however, present an increasingly dynamic attack surface.

Vulnerability management has always been a challenge, but today’s security teams are feeling the pressure more than ever. With thousands of new CVEs reported every month, the sheer volume makes it difficult to know where to focus. In-use vulnerability prioritization is one of the most effective ways to cut through the noise, focusing only on vulnerabilities that are actively loaded in runtime. To focus on what really matters, security teams need better ways to prioritize risk.

JWTs are often used by developers who seek to implement authentication over traditional cookie-based sessions. However, what happens when developers misunderstand JWT security and risk a severe broken authentication vulnerability?

As developers continue to adopt AI tools to transform their workflows, AI-generated code has become more common. In fact, 96% of developers reported using AI coding assistants to streamline their work. Although generative AI (GenAI) tools like ChatGPT can speed up workflows and boost productivity, the security and quality of the outputs aren’t guaranteed.

Today, Outpost24 is excited to announce the launch of its new CyberFlex solution, a flexible combination of ASM and PTaaS. With two-thirds of organizations having experienced a cyberattack via unmanaged internet-facing assets, the CyberFlex solution provides an unmatched approach to the comprehensive discovery, risk management, and protection of all your external-facing applications.