Connect with us
The REST API of Plesk was vulnerable to client-side request forgery (CSRF), which could lead to multiple potential attacks, including malicious file upload and the takeover of the...
The hacker who claimed to have breached Optus and stolen the data of 11 million customers has withdrawn their extortion demands after facing increased attention by...
API-related security vulnerabilities continue to be a thorn in the side of organizations, with access control flaws now associated with high-severity CVEs. According to a new...
Popular open source hacking tool GoTestWAF has become the first utility of its type to evaluate API security platforms, Black Hat USA attendees have learned. Launched in April 2020,...
Cybersecurity researchers have uncovered a set of 3,207 mobile apps that are exposing Twitter API keys to the public, potentially enabling a threat actor to take...
A poor implementation of Ed25519, a popular digital signature algorithm, has left dozens of cryptography libraries vulnerable to attacks. According to Konstantinos Chalkias, a cryptographer at...
API insecurity is responsible for between 4.1% and 7.5% of cybersecurity incidents, according to a new study. The study, conducted by the Marsh McLennan Cyber Risk...
More than 60 instances of a web security flaw in the Swagger-UI library that potentially leads to account takeover have been reported to impacted organizations. Bug...
The Open Web Application Security Project (OWASP) has fixed a vulnerability in its Enterprise Security API (ESAPI) that, if left unresolved, might have been abused to run path traversal attacks. The issue,...
Docker APIs on Linux servers are being targeted by a large-scale Monero crypto-mining campaign from the operators of the Lemon_Duck botnet. Cryptomining gangs are a constant threat to...
Recent Comments