API security is becoming more important by the day and skilled practitioners are in high demand. Now’s the time to level up your API security skillset. Wallarm University, our free training course, provides security analysts, engineers, and practitioners with hands-on skills you can’t get from documentation, videos, or traditional courses. Run real attacks, investigate real signals, and learn exactly how to defend API environments when it counts. Here are the 7 reasons you should register. …
Is an AI-to-AI attack scenario a science fiction possibility only for blockbusters like the Terminator series of movies? Well, maybe not! Researchers recently discovered that one AI agent can “inject malicious instructions into a conversation, hiding them among otherwise benign client requests and server responses.” While known AI threats involve tricking an agent with malicious data, this new threat exploits a property of the Agent2Agent (A2A) protocol to remember recent interactions and maintain coherent conversations.…
Lefteris Tzelepis, CISO at Steelmet /Viohalco Companies, was shaped by cybersecurity. From his early exposure to real-world attacks at the Greek Ministry of Defense to building and leading security programs inside complex enterprises, his career mirrors the evolution of the CISO role itself. Now a group CISO overseeing security across multiple organizations, Lefteris brings a practitioner’s mindset to leadership and incident response. In this spotlight, he shares how military-grade security thinking influenced his approach, why…
This is a predictions blog. We know, we know; everyone does them, and they can get a bit same-y. Chances are, you’re already bored with reading them. So, we’ve decided to do things a little bit differently this year. Instead of bombarding you with just our own predictions, we’ve decided to cast the net far and wide. We’ve spoken to cybersecurity experts from around the world to answer what’s, for us, the most pressing question…
The attack landscape has been dynamic following the disclosure of the React Server Components RCE vulnerability. New information has emerged regarding the initial Proof-of-Concept exploit, as well as improved detection methods, exploitation mechanics observed in the wild, and rapidly growing attack activity. This update summarizes the changes and observations we have made across Wallarm customers. The First PoC Exploit Was Not Real Soon after the vulnerability was disclosed, an early PoC began circulating on GitHub.…
As the year draws to a close, it’s worth pausing to look back on what has been an extraordinary year for Wallarm and, more importantly, for the businesses we protect. If 2024 was about laying the groundwork (tracking API sessions to understand behavioral attacks), then 2025 was the year we built upon that foundation, turning insight into action and visibility into measurable business impact. API Sessions: From Observation to Action We started the API sessions…
