News • Insights • Analysis
A security flaw in OpenAI’s ChatGPT application programming interface could be used to initiate a distributed denial-of-service attack on websites, according to a researcher. The discovery was made by Benjamin Flesch, a security researcher in Germany, who detailed the vulnerability Read More …
This Trend Micro research discusses real-world API vulnerabilities and shows the risks companies face every day. We start our journey with two popular API gateways: APISIX and Kong. The researchers found over 600 APISIX instances and hundreds of thousands of Read More …
An increasing number of threats have begun to leverage the Microsoft Graph API, usually to facilitate communications with command-and-control (C&C) infrastructure hosted on Microsoft cloud services. The technique was most recently used in an attack against an organization in Ukraine, Read More …
Today’s browsers are almost operating systems unto themselves. They can run software programs and encrypt files. These capabilities, combined with the browser’s access to the host computer’s files – including ones in the cloud, shared folders and external drives – Read More …
Like much Android malware today, this malware abuses the Accessibility API. This API is used to automatically perform UI actions. For example, the malicious sample uses the Accessibility API to record device unlocking gestures. Newer, this SpyNote sample uses the Read More …
Real-time chat and video services available within telemedicine, finance, and smart IoT device applications used by millions of people, rely on the popular QuickBlox framework. QuickBlox supplies mobile and web application developers with a SDK and APIs to deliver not Read More …
A data leak described as containing email addresses for over 200 million Twitter users has been published on a popular hacker forum for about $2. BleepingComputer has confirmed the validity of many of the email addresses listed in the leak. Read More …
A bug in Google Home smart speaker allowed installing a backdoor account that could be used to control it remotely and to turn it into a snooping device by accessing the microphone feed. While experimenting with his own Google Home Read More …
Application programming interface (API) security vulnerabilities have been discovered in a LEGO resale platform owned by LEGO® Group, which could have put sensitive customer information at risk. An investigation by Salt Security’s research team, Salt Labs, found two API security Read More …
The connectivity that we’ve experienced of late has improved at an unprecedented speed and scale largely because application programming interfaces (APIs) enable the seamless integration of different systems from different entities. APIs integrate data and services between businesses and third-party Read More …