The Hacker News

OneLogin Bug Let Attackers Use API Keys to Steal OIDC Secrets and Impersonate Apps

CVE-2025-59363 "allowed attackers with valid API credentials to enumerate and retrieve client secrets for all OIDC ...

Alpaca rolls out network enabling direct tokenization of US stocks

Alpaca’s new network enables institutions to mint and redeem tokenized US stocks directly, offering in-kind settlement and around-the-clock access.