API security

40% of COVID-19 contact tracing apps lack basic protections
Guardsquare announced the release of a report which reassesses the levels of security protections and privacy risks of COVID-19 contact tracing apps. The report found that of …

Three immediate steps to take to protect your APIs from security risks
In one form or another, APIs have been around for years, bringing the benefits of ease of use, efficiency and flexibility to the developer community. The advantage of using …

Credential stuffing is just the tip of the iceberg
Credential stuffing attacks are taking up a lot of the oxygen in cybersecurity rooms these days. A steady blitz of large-scale cybersecurity breaches in recent years have …

Swap Detector: Open source tool for detecting API usage errors
GrammaTech has released Swap Detector, an open source tool that enables developers and DevOps teams to identify errors due to swapped function arguments, which can also be …

Meetup vulnerabilities enabled group takeovers, payment redirections
Two high-risk vulnerabilities in Meetup, a popular online service that’s used to create groups that host local in-person events, allowed attackers to easily take over …

Running ConnectWise Automate on-prem? Fix this high-risk API vulnerability
ConnectWise has fixed a high-severity vulnerability affecting a ConnectWise Automate API and is urging users who run the solution on their premises to implement the provided …

Understanding cyber threats to APIs
This is the fourth of a series of articles that introduces and explains API security threats, challenges, and solutions for participants in software development, operations, …

Factors driving API growth in industry
This is third in a series of articles that introduces and explains application programming interfaces (API) security threats, challenges, and solutions for participants in …

Application threats and security trends you need to know about
Applications are a gateway to valuable data, so it’s no wonder they are one of attackers’ preferred targets. And since modern applications aren’t a …

Growth of APIs for new services
This is the second of a series of articles that introduces and explains API security threats, challenges, and solutions for participants in software development, operations, …

Understanding the basics of API security
This is the first of a series of articles that introduces and explains application programming interfaces (API) security threats, challenges, and solutions for participants in …

Most credential abuse attacks against the financial sector targeted APIs
From May 2019 and continuing on until the end of the year, there was a dramatic shift by criminals who started targeting APIs, in an effort to bypass security controls. …
Featured news
Resources
Don't miss
- Google patches actively exploited Chrome (CVE‑2025‑6554)
- Federal Reserve System CISO on aligning cyber risk management with transparency, trust
- How cybercriminals are weaponizing AI and what CISOs should do about it
- How analyzing 700,000 security incidents helped our understanding of Living Off the Land tactics
- CitrixBleed 2 might be actively exploited (CVE-2025-5777)