Security Boulevard

What are Refresh Tokens? Complete Implementation Guide & Security Best Practices

Learn how refresh tokens work in enterprise SSO. This guide covers implementation, rotation, and security best practices for CIAM systems.
InfoWorld

Open WebUI bug turns the ‘free model’ into an enterprise backdoor

The bug allows attacker-controlled model servers to inject code, steal session tokens, and, in some cases, escalate to remote ...
Security Boulevard

Bearer Token vs JWT: Understanding the Relationship & Differences

Explore the relationship between Bearer Tokens and JWTs in Enterprise SSO and CIAM. Understand their differences, security aspects, and how they're used in authentication and authorization.
Dark Reading

150,000 Packages Flood NPM Registry in Token Farming Campaign

Amazon researchers discovered more than 150,000 malicious packages in the NPM registry, in what they called "a defining moment in supply chain security." The packages were part of a token farming ...
Insider Monkey

HUB Cyber Security Outlines Visionary HUB Token Roadmap to Enable Frictionless Stablecoin, Crypto, and Remittance Transactions Through Self-Sovereign Identity

Platform Targets $1.2 Trillion in Digital Financial Transactions by Enabling Seamless, Compliant Value Transfer With this roadmap, HUB will integrate its AI-native Secured Data Fabric (SDF) with ...
Business Insider

Token Security Named One of the Top 50 Most Promising Startups of 2025 by The Information

NEW YORK, Nov. 05, 2025 (GLOBE NEWSWIRE) -- Token Security, the leader in agentic AI and Non-Human Identity (NHI) security, today announced it has been named one of The Information’s “50 Most ...
Bleeping Computer

Open VSX rotates access tokens used in supply-chain malware attack

The Open VSX registry rotated access tokens after they were accidentally leaked by developers in public repositories and allowed threat actors to publish malicious extensions in a supply chain attack.
TechCrunch

The glaring security risks with AI browser agents

New AI-powered web browsers such as OpenAI’s ChatGPT Atlas and Perplexity’s Comet are trying to unseat Google Chrome as the front door to the internet for billions of users. A key selling point of ...
IEEE

Enhancing Security in Data Exchange: Mitigating Risks Solutions in Base64 Encoding and JSON Web Tokens

Abstract: This paper evaluates the relationship between Base64 encoding and JSON Web Tokens (JWTs) in the context of authentication and authorization and proposes solutions for reducing security risks ...
Forbes

Why Non-Human Identity Security Is A Big Data Problem

Itamar Apelblat is the CEO and Co-Founder of Token Security, a serial entrepreneur and former IDF Unit 8200 cybersecurity leader. The convergence of AI and non-human identities (NHIs) has created an ...
Bleeping Computer

GitHub tightens npm security with mandatory 2FA, access tokens

GitHub is introducing a set of defenses against supply-chain attacks on the platform that led to multiple large-scale incidents recently. The attacks led to the compromise of thousands of accounts and ...