APIsecurity.io

Newsletter Image

Messages

1/13/2022
15 : 24

APISecurity.io Newsletter: Issue 167

Hi, this week, we have a long-standing vulnerability on a public-facing internal API on Uber, which allowed attackers to spoof emails. APISecurity 42C Email Header 900x128px-26 The Latest API Security
1/7/2022
8 : 4

APISecurity.io Newsletter: Issue 166

Hi, this week, we have a comprehensive article on approaches to securing large API ecosystems, how to create OpenAPI from HTTP traffic APISecurity 42C Email Header 900x128px-26 The Latest API Security
12/23/2021
15 : 14

APISecurity.io Newsletter: Issue 165

Hi, this week, we have news of another high severity vulnerability in a WordPress plugin, this time the popular All in One allowing compromise APISecurity 42C Email Header 900x128px-26 The Latest API
12/17/2021
2 : 4

APISecurity.io Newsletter: Issue 164

Hi, this week, we have news on the Log4Shell vulnerability affecting applications and infrastructure using the ubiquitous Log4j library. APISecurity 42C Email Header 900x128px-26 The Latest API
12/9/2021
14 : 4

APISecurity.io Newsletter: Issue 163

Hi, this week, we have an article on seven reasons why API security strategies are failing, details on the recent keynote by Werner Vogels. APISecurity 42C Email Header 900x128px-26 The Latest API
12/2/2021
15 : 14

APISecurity.io Newsletter: Issue 162

Hi, this week, we have details of compromised Google Cloud accounts being used to mine cryptocurrency (with weak or no passwords on APIs) APISecurity 42C Email Header 900x128px-26 The Latest API
11/25/2021
15 : 4

APISecurity.io Newsletter: Issue 161

Hi, this week, we have details of a vulnerability in the AI platform Wipro Holmes Orchestrator, allowing the download of arbitrary files. 42Crunch APISec EmailTemplate Header v3 The Latest API Security
11/18/2021
9 : 14

APISecurity.io Newsletter: Issue 160

Hi, this week, we have a vulnerability in the AWS API gateway that allows a potential cache-poisoning attack, disclosed at a recent conference APIsecurity.io The Latest API Security News,
11/11/2021
15 : 24

APISecurity.io Newsletter: Issue 159

Hi, this week, we have news of a high criticality vulnerability on GoCD, a common open-source CI/CD system. APIsecurity.io The Latest API Security News, Vulnerabilities and Best Practices Issue: #159
11/4/2021
14 : 24

APISecurity.io Newsletter: Issue 158

Hi, this week, we have news on a breach affecting 400 000 users of a popular German school app, and another vulnerability in a popular WordPress plugin. APIsecurity.io The Latest API Security News,
10/28/2021
14 : 24

APISecurity.io Newsletter: Issue 157

Hi, this week, we have details of a potential vulnerability in existing Prometheus installations, a tool to map their API attack surface APIsecurity.io The Latest API Security News, Vulnerabilities and
10/21/2021
14 : 14

APISecurity.io Newsletter: Issue 156

Hi, this week we have a report from Alissa Knight on Fast Healthcare Interoperability and Resources APIs being vulnerable to abuse APIsecurity.io The Latest API Security News, Vulnerabilities and Best
10/14/2021
14 : 24

APISecurity.io Newsletter: Issue 155

Hi, this week, we have a vulnerability in the BrewDog mobile app exposing users' PII, Cisco has announced the arrival of their APIClarity APIsecurity.io The Latest API Security News,
10/7/2021
14 : 14

APISecurity.io Newsletter: Issue 154

Hi, this week, we have a viewpoint on what security officers can do to address API security. There's also a report from IBM. APIsecurity.io The Latest API Security News, Vulnerabilities and Best
9/30/2021
14 : 34

APISecurity.io Newsletter: Issue 153

Hi, this week, we have an article on how API proliferation is opening up security holes, another vulnerability in WordPress REST API, again through a third-party plugin. In addition, we look into the
9/23/2021
14 : 24

APISecurity.io Newsletter: Issue 152

Hi, this week, we have a breach involving exposed API keys for payment integration, leaked API tokens on Travis CI. APIsecurity.io The Latest API Security News, Vulnerabilities and Best Practices Issue
9/16/2021
14 : 34

APISecurity.io Newsletter: Issue 151

Hi, this week, we have details on the security patch in WordPress 5.8.1 fixing an issue on the REST API, a report on the rise of botnet attack APIsecurity.io The Latest API Security News,
9/9/2021
14 : 14

APISecurity.io Newsletter: Issue 150

Hi, this week, we have recent vulnerabilities in the Fortress home security system that allowed an attacker to remotely disable the system APIsecurity.io The Latest API Security News, Vulnerabilities
9/2/2021
5 : 4

APISecurity.io Newsletter: Issue 149

Hi, this week we have vulnerabilities on Cisco routers allowing device takeover, a vulnerability on the Bumble app disclosing user's location APIsecurity.io The Latest API Security News,
8/26/2021
14 : 34

Issue 148: Microsoft Power Apps breach, BOLA on Topcoder portal, RFC 9101 released, API hacking guide

Hi this week, we have Microsoft Power Apps demonstrating the dangers of lax default settings e, yet another (BOLA/IDOR) vulnerability. APIsecurity.io The Latest API Security News, Vulnerabilities and