API Archives - Security Affairs

Pierluigi Paganini February 02, 2023

API management (APIM): What It Is and Where It’s Going

Analyzing the concept of API management (APIM), its benefits, and what it will look like as the API landscape continues to evolve. There are two fundamental truths in the API landscape. So, where does this leave businesses that want to leverage the power of APIs? For starters, they need to invest in an API security […]

Pierluigi Paganini June 14, 2022

API Security Best Practices

Organizations face the constant need to protect these APIs from attacks so they can protect organizational data. Organizations are rapidly opening their ecosystem through Application Programming Interfaces (API) by ensuring seamless access to data and interaction with external software components and services. APIs are the gateway to providing the high security of data in an […]

Pierluigi Paganini September 25, 2020

Twitter warns developers of possible API keys leak

Twitter is warning developers that their API keys, access tokens, and access token secrets may have been exposed in a browser’s cache. Twitter is sending emails to developers to warn them that their API keys, access tokens, and access token secrets may have been exposed in a browser’s cache. According to the social media firm, […]

Pierluigi Paganini February 04, 2020

Hackers abused Twitter API to match usernames to phone numbers

Twitter discloses a security incident involving third-parties that exploited its official API to match phone numbers with Twitter usernames. On December 24, 2019 the company discovered that its API were exploited by a large network of fake accounts to match Twitter usernames to phone numbers. The company immediately suspended the involved accounts. “On December 24, 2019 we […]

Pierluigi Paganini January 01, 2020

Expert finds Starbucks API Key exposed online

Developers at Starbucks left exposed an API key that could be used by an attacker to access internal systems and manipulate the list of authorized users. The development team at Starbucks left exposed an API key that could be used by an attacker to access company internal systems and manipulate the list of authorized users. […]

Pierluigi Paganini October 09, 2018

Project Strobe, what will change after the Google security breach?

Google announced a security breach that may have exposed data of over 500,000 users of its Google+ social network, these are the measures in response to the incident. Yesterday Google announced a security breach that may have exposed data of over 500,000 users of its Google+ social network. Security experts and privacy advocated criticized the […]

Pierluigi Paganini August 12, 2015

Facebook API flaw Left 1.44 Billion Users’ Identities at risk

A security flaw in the Facebook API allows hackers to decrypt and scan user IDs, nearly 1.44 billion Facebook users are at risk of identity theft. The security researcher Reza Moaiandin, Technical Director at Salt Agency, discovered a flaw in Facebook’s API that can allow hackers to scan for user ID, and that leaves about […]

Pierluigi Paganini April 01, 2015

A researcher discovered two security issues in the GITHUB platform

A security researcher discovered a couple of security issues on GitHub platform explaining how it is possible to exploit them in real attack scenarios. The researcher David Sopas (@dsopas) from Websegura discovered a couple of security issues in the coding website GitHub that were ranked by the company as minor, but that could expose users to cyber attacks. […]

Pierluigi Paganini March 25, 2015

Instagram API could be exploited to serve malicious links

A security researcher has discovered a reflected filename download vulnerability affecting the Instagram API that could be exploited to share malicious links. The security researcher David Sopas from WebSegura has discovered a serious vulnerability in the Instagram API that could be exploited by hackers to post a link to a web resource they manage. By exploiting […]

API

API management (APIM): What It Is and Where It’s Going

API Security Best Practices

Twitter warns developers of possible API keys leak

Hackers abused Twitter API to match usernames to phone numbers

Expert finds Starbucks API Key exposed online

Project Strobe, what will change after the Google security breach?

Facebook API flaw Left 1.44 Billion Users’ Identities at risk

A researcher discovered two security issues in the GITHUB platform

Instagram API could be exploited to serve malicious links

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

Severe Hikvision HikCentral product flaws: What You Need to Know

U.S. CISA adds TP-Link Archer C7(EU) and TL-WR841N flaws to its Known Exploited Vulnerabilities catalog

Crooks turn HexStrike AI into a weapon for fresh vulnerabilities

Google addressed two Android flaws actively exploited in targeted attacks

U.S. CISA adds WhatsApp, and TP-link flaws to its Known Exploited Vulnerabilities catalog

QUICK LINKS

API

newsletter

Subscribe to my email list and stay up-to-date!

recent articles

Subscribe to my email list and stay
up-to-date!