4 Main API Security Risks Organizations Need to Address
Misconfigurations, weak authentication and logic flaws are among the main drivers of API security risks at many organizations.
Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.
Search across headline titles and summaries.
Weekly headline count for the current query.
Misconfigurations, weak authentication and logic flaws are among the main drivers of API security risks at many organizations.
An attack flow that combines API flaws within "log in with" implementations and Web injection bugs could affect millions of websites.
Threat actor dropped in to Dropbox Sign production environment and accessed emails, passwords, and other PII, along with APIs, OAuth, and MFA info.
Apple adds API that will enable sharing of passkeys across platforms, and Google offers passkey authentication in beta for Google Workspace and Google Cloud.
Current authentication methods are based on the bearer model, but lack of visibility into the entities leveraging API secrets has made this untenable.
Improper implementations of authentication APIs at a global crypto wallet service provider could have resulted in the loss of account control — and millions of dollars — from personal and business accounts.