API Security Weekly: Issue #123
This week, we learn about the recent serious API vulnerability in VMware vCenter (if you have one, update ASAP!), why query and path …
This week, we take a look at the recent data spill incident at Clubhouse, the (poor) state of API security in major healthcare mobile …
This week, we take a look at the recent API vulnerability at chess.com, resources for GraphQL API security, and some API security advice …
This week, we take a look at the recently discovered API attack in NoxPlayer, the latest annual “State of Web Application Security” …
This week, we check out a potential exposure of APIs developed with Spring Framework and OAuth 2.0 attack classification. There’s also a …
This week, we look into some recent API vulnerability reports on YouTube and Amazon’s Ring Neighbors app, there is a new proposed …
This week, we check out the recent API vulnerabilities at Facebook and Parler, there is a new GraphQL discovery tool called clairvoyance, …
This week, we revisit the API aspects of the SolarWinds breach and check out how APIs featured in the recent Ledger breach. There is also …
This week, we check out the API aspects of the recent SolarWinds and PickPoint breaches. Also, we have a review on how to shift API …
This week, we take a look at the recent API vulnerabilities reported at YouTube and 1Password, a detailed OpenID Connect (OIDC) security …
This week, we have the recently reported API vulnerability in Duffel’s Paginator, a new API fuzzer from Microsoft Research, an upcoming …
This week, we take a look at the recent API security issues with Resource-Based Policy APIs at Amazon Web Services (AWS), Backup Gateway …