This week, we have an interesting article on the dangers of API integrations in the education sector, and we cover recent incidents involving API vulnerabilities in two popular security platforms from Trellix and Aviatrix. We highlight a recent article by NordicAPIs on API misconfiguration vulnerabilities, and we share a useful list of recommended coding practices […]
Tag: api security
Issue 262: API incidents in Invoice Ninja, McDonald’s & Truecaller apps, JetBrains survey, Postman data leaks
This week, we examine three recent API security incidents, uncovering valuable lessons to help you protect your APIs. We also highlight key insights from JetBrains’ comprehensive developer survey, and explore an article on how teams inadvertently leak API keys and tokens through their Postman workspaces and what you can do about it. Breach: Black-listing fails […]
Issue 254: WhatsApp and IBM WebMethods vulnerabilities, 3rd-party API and LLM risks, API access controls
This week, we investigate a recent flaw in WhatsApp’s View Once privacy feature and critical vulnerabilities reported in the IBM WebMethods integration platform. We highlight a NordicAPIs article on the risks from third-party APIs and LLMs, and an article on solving the challenges of fine-grained access control for APIs. There’s also an interesting webinar […]
Issue 246: Critical flaw in API portal, securing GraphQL, building bulletproof APIs
This week, we have news of a critical flaw with a popular API portal. We also have guides on securing GraphQL APIs and building bulletproof APIs and news of a new deliberately vulnerable API application. We also have an article on why fraud detection and API security must converge. Dana Epp wraps things up with […]