- Issue 184: RCE in F5 BIG-IP suite, API security maturity, hardening GCP implementations (posted by Colin Domoney in Newsletter Archive)
- Issue 183: API vulnerability in VeryFitPro, exposed Docker APIs targeted by botnets, TruffleHog finds stored credentials (posted by Colin Domoney in Newsletter Archive)
- Issue 182: Drupal patches API vulnerability, Google Cloud on API security challenges, guide to OAuth2 (posted by Colin Domoney in Newsletter Archive)
- Issue 181: Vulnerability in Wavlink router, API exposing system passwords, views on internal APIs (posted by Colin Domoney in Newsletter Archive)
- Issue 180: API vulnerability in Easy!Appointments platform, new APIs compromising security (posted by Colin Domoney in Newsletter Archive)
- Issue 179: Spring4Shell zero-day, CRI-O container runtime vulnerability, and REST API security reference (posted by Colin Domoney in Newsletter Archive)
- Issue 178: Six areas for Cloud-native security, API governance, DevOps for improved API security, locking down APIs (posted by Colin Domoney in Newsletter Archive)
- Issue 177: Vulnerabilities in Veeam product, RCE in Parse Server module, insecure API threat to mobile apps (posted by Colin Domoney in Newsletter Archive)
- Issue 176: Case study of API vulnerabilities, Riverbed vulnerability, API abuse, JWT safety (posted by Colin Domoney in Newsletter Archive)
- Issue 175: Vulnerabilities affecting Cisco platforms, GitLab instances, and campus access control (posted by Colin Domoney in Newsletter Archive)
- Issue 174: APIs increasingly used for account takeover, API hacking book, OAuth in Postman (posted by Colin Domoney in Newsletter Archive)
- Issue 173: Coinbase vulnerability, AuthN/AuthZ best practices, bad bots, Elgato Key light hack (posted by Colin Domoney in Newsletter Archive)
- Issue 172: Argo CD vulnerability, state of API security survey, API testing with Zap and Postman (posted by Colin Domoney in Newsletter Archive)
- Issue 171: DPD parcel tracking flaw, Apache Pulsar and Casdoor vulnerabilities, trends in API industry (posted by Colin Domoney in Newsletter Archive)
- Issue 170: DevSecOps approach to API security, F5 vulnerabilities, ten API integration trends (posted by Colin Domoney in Newsletter Archive)
- Issue 169: Insecure API in WordPress plugin, Tesla 3rd party vulnerability, introducing vAPI (posted by Colin Domoney in Newsletter Archive)
- Issue 168: Safari 15 IndexedDB API vulnerability, a pair of AWS vulnerabilities, and an API security podcast (posted by Colin Domoney in Newsletter Archive)
- Issue 167: Uber bug allows spoof emails, partner-facing APIs on the rise, omnichannel APIs increase risk (posted by Colin Domoney in Newsletter Archive)
- Issue 166: Securing large API ecosystems, creating OpenAPI from HTTP traffic, Frankenstein APIs, and API proliferation (posted by Colin Domoney in Newsletter Archive)
- Issue 165: Vulnerability in All in One WordPress plugin, why to treat all APIs as public, a beginner’s guide to API security (posted by Colin Domoney in Newsletter Archive)
- Issue 164: Log4Shell vulnerability, API sprawl an increasing threat, API security design best practices, Zero Trust for APIs (posted by Colin Domoney in Newsletter Archive)
- Issue 163: Why API security strategies fail, AWS keynote on good API design, biggest breaches in 2021 (posted by Colin Domoney in Newsletter Archive)
- Issue 162: Compromised Google Cloud accounts, GraphQL as API gateway, API security guide and training (posted by Colin Domoney in Newsletter Archive)
- Issue 161: Vulnerability in Wipro Holmes Orchestrator, report into vulnerabilities in FinTech and banking apps (posted by Colin Domoney in Newsletter Archive)
- Issue 160: Vulnerability in AWS API gateway, Kubernetes API access hardening guide (posted by Colin Domoney in Newsletter Archive)
- Issue 159: Vulnerability in GoCD CI/CD platform, views on full lifecycle API security, articles on API security and sprawl (posted by Colin Domoney in Newsletter Archive)
- Issue 158: Data of 400 000 students exposed, 1 million sites affected by plugin vulnerabilities, views on GraphQL (posted by Colin Domoney in Newsletter Archive)
- Issue 157: Unsafe defaults in Prometheus, mapping API attack surfaces, OpenAPI file trend analysis (posted by Colin Domoney in Newsletter Archive)
- Issue 156: FHIR APIs vulnerable to abuse, 3D printers facing hijacking risk, API security webinar (posted by Colin Domoney in Newsletter Archive)
- Issue 155: Vulnerability in BrewDog mobile app, APIClarity at KubeCon, API attacks in Open Banking (posted by Colin Domoney in Newsletter Archive)
- Issue 154: Views on APIs and security, report into API misconfiguration, detecting malicious API activity (posted by Colin Domoney in Newsletter Archive)
- Issue 153: Rapid proliferation of APIs, WordPress API vulnerability, false-negative API scanning (posted by Colin Domoney in Newsletter Archive)
- Issue 152: Exposed API keys and tokens, SAST/DAST for API security testing, the value of API specifications (posted by Colin Domoney in Newsletter Archive)
- Issue 151: WordPress 5.8.1 security patch, API botnet attacks report, articles on API tokens and API discovery (posted by Colin Domoney in Newsletter Archive)
- Issue 150: Vulnerability in Fortress home security system, API fuzzing techniques, hardening GraphQL implementations, and central governance for APIs (posted by Colin Domoney in Newsletter Archive)
- Issue 149: Vulnerabilities on Cisco routers and Bumble, adopting Zero Trust for APIs, a hacker’s view on API security challenges (posted by Colin Domoney in Newsletter Archive)
- Issue 148: Microsoft Power Apps breach, BOLA on Topcoder portal, RFC 9101 released, API hacking guide (posted by Colin Domoney in Newsletter Archive)
- Issue 147: Vulnerabilities in SEOPress plugin and Steam portal, results from an application security survey (posted by Colin Domoney in Newsletter Archive)