Tag: api
-
Verizon Business DBIR 2025 zeigt Einzelhandel zunehmend im Visier
Auch Angriffe auf Webshops mittels manipulierter Skripte (z. B. Magecart) bleiben ein Risiko. Dabei werden Kundendaten direkt im Bezahlprozess abgegriffen, zunehmend auch über APIs und Session-Tokens. First seen on infopoint-security.de Jump to article: www.infopoint-security.de/verizon-business-dbir-2025-zeigt-einzelhandel-zunehmend-im-visier/a41977/
-
Shift from Reactive to Proactive: Leveraging Tenable Exposure Management for MSSP Success
Tags: access, ai, api, application-security, attack, best-practice, breach, business, cloud, compliance, control, cyber, cybersecurity, data, endpoint, exploit, framework, guide, identity, infrastructure, iot, mitre, mssp, risk, risk-management, service, technology, threat, tool, vulnerability, vulnerability-managementAn Exposure Management as a Service offering allows MSSPs to unify security visibility, insight and action across the attack surface to prioritize exposure and enable innovation that is secure and compliant. Whether you’re already leveraging Tenable Vulnerability Management as a Service or you’re just starting a service offering, we’ve got guidance for you. Key takeaways…
-
Imperva API Security: Authentication Risk Report”, Key Findings Fixes
An in-depth analysis of common JSON Web Token (JWT) mistakes, basic auth, long-lived tokens, and quick, high-impact fixes to secure your APIs. Introduction APIs are the backbone of modern digital services”, from mobile apps and e-commerce to banking and IoT. That scale and utility also make them prime targets. In our recent study of authentication-related…
-
Adobe Commerce and Magento users: Patch critical SessionReaper flaw now
app/etc/env.php and injecting malicious JavaScript via the REST API to harvest customer data.Adobe stated in its advisory that no active exploitation of SessionReaper has been observed so far. However, given the history of Magento and Adobe Commerce vulnerabilities, this could change quickly.”SessionReaper is among the most severe Magento vulnerabilities to date, comparable to Shoplift (2015),…
-
We’ve crossed the security singularity – Impart Security
Tags: access, ai, api, attack, authentication, breach, ciso, compliance, credentials, cyber, cyberattack, cybersecurity, data, data-breach, defense, detection, exploit, framework, group, hacker, incident response, injection, intelligence, Internet, msp, password, penetration-testing, ransomware, risk, risk-assessment, skills, software, sql, strategy, supply-chain, threat, update, vulnerability, zero-day, zero-trustThe Bottom Line: We’ve Crossed the Security Singularity “ The Security Singularity: When AI Democratized Cyberattacks We’ve crossed a threshold that fundamentally changes cybersecurity forever. Not with fanfare or headlines, but quietly, in the background of our AI-powered world. The expertise barrier that once separated script kiddies from sophisticated threat actors has simply… vanished. I…
-
What the Salesloft Drift breaches reveal about 4th-party risk
Tags: access, ai, api, attack, breach, control, data, data-breach, email, exploit, google, hacker, incident response, intelligence, monitoring, risk, risk-assessment, saas, soc, software, startup, supply-chain, technology, threat, tool, zero-trustFebruary 2024: SalesLoft acquires Drift, an AI-powered chatbot companyThe hidden legacy: Drift’s existing OAuth tokens to thousands of Salesforce and Google Workspace instances probably remained activeTime passes: Tokens and app permissions remain valid unless explicitly rotated or revoked.August 2025: Attackers abuse OAuth tokens associated with the Drift application to enumerate and exfiltrate Salesforce data; a…
-
Hackers hide behind Tor in exposed Docker API breaches
A threat actor targeting exposed Docker APIs has updated its malicious tooling with more dangerous functionality that could lay the foundation for a complex botnet. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/hackers-hide-behind-tor-in-exposed-docker-api-breaches/
-
Hackers hide behind Tor in exposed Docker API breaches
A threat actor targeting exposed Docker APIs has updated its malicious tooling with more dangerous functionality that could lay the foundation for a complex botnet. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/hackers-hide-behind-tor-in-exposed-docker-api-breaches/
-
Massive npm supply chain attack hits 18 popular packages with 2B weekly downloads
Tags: api, attack, blockchain, breach, crypto, data, detection, email, finance, github, malicious, malware, monitoring, network, open-source, phishing, risk, strategy, supply-chain, theft, tool, update, vulnerabilityFinancial impact surprisingly limited: Despite affecting packages with 2 billion weekly downloads, the actual financial impact was surprisingly modest. “We were tracking approximately $970 in stolen funds to attacker-controlled wallets,” Eriksen said, highlighting a significant disconnect between the attack’s potential reach and its realized damage.This limited financial impact reflected both the attackers’ operational carelessness and…
-
New Docker Malware Strain Spotted Blocking Rivals on Exposed APIs
Akamai finds new Docker malware blocking rivals on exposed APIs, replacing cryptominers with tools that hint at early botnet development. First seen on hackread.com Jump to article: hackread.com/new-docker-malware-blocking-rivals-exposed-apis/
-
New Docker Malware Strain Spotted Blocking Rivals on Exposed APIs
Akamai finds new Docker malware blocking rivals on exposed APIs, replacing cryptominers with tools that hint at early botnet development. First seen on hackread.com Jump to article: hackread.com/new-docker-malware-blocking-rivals-exposed-apis/
-
New Docker Malware Strain Spotted Blocking Rivals on Exposed APIs
Akamai finds new Docker malware blocking rivals on exposed APIs, replacing cryptominers with tools that hint at early botnet development. First seen on hackread.com Jump to article: hackread.com/new-docker-malware-blocking-rivals-exposed-apis/
-
Massive npm supply chain attack hits 18 popular packages with 2B weekly downloads
Tags: api, attack, blockchain, breach, crypto, data, detection, email, finance, github, malicious, malware, monitoring, network, open-source, phishing, risk, strategy, supply-chain, theft, tool, update, vulnerabilityFinancial impact surprisingly limited: Despite affecting packages with 2 billion weekly downloads, the actual financial impact was surprisingly modest. “We were tracking approximately $970 in stolen funds to attacker-controlled wallets,” Eriksen said, highlighting a significant disconnect between the attack’s potential reach and its realized damage.This limited financial impact reflected both the attackers’ operational carelessness and…
-
SessionReaper Vulnerability Puts Magento Adobe Commerce Sites in Hacker Crosshairs
Adobe has broken its regular patch schedule to address CVE-2025-54236, a critical vulnerability in Magento Commerce and open-source Magento installations. Dubbed “SessionReaper,” this vulnerability allows attackers to bypass input validation in the Magento Web API, enabling automated account takeover, data theft, and fraudulent orders without requiring valid session tokens. Adobe will release an emergency fix…
-
SessionReaper Vulnerability Puts Magento Adobe Commerce Sites in Hacker Crosshairs
Adobe has broken its regular patch schedule to address CVE-2025-54236, a critical vulnerability in Magento Commerce and open-source Magento installations. Dubbed “SessionReaper,” this vulnerability allows attackers to bypass input validation in the Magento Web API, enabling automated account takeover, data theft, and fraudulent orders without requiring valid session tokens. Adobe will release an emergency fix…
-
TOR-Based Cryptojacking Attack Expands Through Misconfigured Docker APIs
Cybersecurity researchers have discovered a variant of a recently disclosed campaign that abuses the TOR network for cryptojacking attacks targeting exposed Docker APIs.Akamai, which discovered the latest activity last month, said it’s designed to block other actors from accessing the Docker API from the internet.The findings build on a prior report from Trend Micro in…
-
New Malware Exploits Exposed Docker APIs to Gain Persistent Root SSH Access
The Akamai Hunt Team has uncovered a new strain of malware that targets exposed Docker APIs with expanded infection capabilities. First observed in August 2025 within Akamai’s honeypot infrastructure, this variant diverges from the June 2025 Trend Micro report by blocking other attackers from accessing the Docker API and delivering a modular payload rather than…
-
Argo CD Security Flaw Rated 9.8 Leaves GitOps Repositories Exposed
Tags: api, cloud, credentials, cve, cvss, data-breach, flaw, kubernetes, open-source, password, tool, vulnerabilityA security flaw in Argo CD, the popular open-source GitOps tool for Kubernetes, has been targeted at the DevOps and cloud-native communities. Tracked as CVE-2025-55190, the vulnerability has been rated critical with a CVSS score of 9.8 out of 10, as it allows attackers to retrieve sensitive repository credentials, including usernames and passwords, through a…
-
Critical Argo CD API Flaw Exposes Repository Credentials to Attackers
A major security flaw has been discovered in Argo CD, a popular open-source tool used for Kubernetes GitOps deployments. The vulnerability allows project-level API tokens to expose sensitive repository credentials, such as usernames and passwords, to attackers. The issue has been classified as critical with a CVSS score of 9.8/10 and is tracked asCVE-2025-55190. The…
-
MeetC2 A serverless C2 framework that leverages Google Calendar APIs as a communication channel
MeetC2 is a PoC C2 tool using Google Calendar to mimic cloud abuse, helping teams test detection, logging, and response. Background:Modern adversaries increasingly hide command-and-control (C2) traffic inside cloud services. We built this proof of concept (PoC) to study and demonstrate those techniques in a controlled way, emulating those tactics so red and blue teams…
-
Max severity Argo CD API flaw leaks repository credentials
An Argo CD vulnerability allows API tokens with even low project-level get permissions to access API endpoints and retrieve all repository credentials associated with the project. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/max-severity-argo-cd-api-flaw-leaks-repository-credentials/
-
10 Best Attack Surface Management (ASM) Companies in 2025
Attack Surface Management (ASM) is a proactive cybersecurity discipline that helps organizations identify, analyze, and remediate all of their internet-facing assets and potential vulnerabilities. It goes beyond traditional vulnerability scanning to find and continuously monitor unknown or unmanaged assets, such as rogue cloud instances, misconfigured APIs, and shadow IT, that attackers use as entry points.…
-
Hackers Exploit Google Calendar API with Serverless MeetC2 Framework
A novel serverless command-and-control (C2) technique that abuses Google Calendar APIs to obscure malicious traffic inside trusted cloud services. Dubbed MeetC2, this lightweight, cross-platform proof-of-concept demonstrates how adversaries can seamlessly blend C2 communications into everyday SaaS usage, presenting fresh detection, telemetry, and response challenges for red and blue teams alike. In a recent internal purple-team…
-
SHARED INTEL QA: Inside the mind of a hacker, shadowing adversaries across API pathways
In today’s digital economy, business starts with the application. Increasingly, the critical activity lives in the APIs that support it. Related: The hidden cost of API security laspses For Jamison Utter, Field CISO at A10 Networks, this moment marks… (more”¦) First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/09/shared-intel-qa-inside-the-mind-of-a-hacker-shadowing-adversaries-across-api-pathways/
-
Reflecting on Wallarm’s Journey: Growth, Resilience, and What Comes Next
By Ivan Novikov and Stepan Ilyin When we started Wallarm, we focused on the APIs that power modern apps. We built an API-first platform, used AI from day one, and secured early patents in behavior-based detection and automated policy creation. The result: real-time, inline blocking with automatic API discovery that protects production, not just dashboards.…