Collecting Cyber-News from over 60 sources

Tag: api

PCI DSS 4.0 Compliance Requires a New Approach to API Security

Mar 27, 2025 9:37 PM

Tags: api, compliance, data, exploit, finance, malicious, PCI, service, threat

Retailers, Financial Services, and the API Security Wake-Up Call With the PCI DSS 4.0 compliance deadline fast approaching, Cequence threat researchers have uncovered troubling data: 66.5% of malicious traffic is targeting retailers. And attackers aren’t just after payment data. They’re weaponizing APIs to exploit every stage of the digital buying process. The conclusions in this……
CVE-2025-29927: Next.js Middleware Authorization Bypass Flaw

Mar 27, 2025 7:34 PM

Tags: access, api, attack, control, cve, cvss, data, exploit, flaw, malicious, risk, router, theft, unauthorized, update, vulnerability

IntroductionOn March 21, 2025, a critical vulnerability, CVE-2025-29927, was publicly disclosed with a CVSS score of 9.1, signifying high severity. Discovered by security researcher Rachid Allam, the flaw enables attackers to bypass authorization checks in Next.js Middleware, potentially granting unauthorized access to protected resources. This poses a risk to applications that rely on Middleware to…
Reality Bites: You’re Only as Secure as Your Last API Deployment

Mar 27, 2025 1:34 PM

Tags: access, api, application-security, attack, authentication, best-practice, breach, business, compliance, control, data, data-breach, endpoint, exploit, finance, fintech, flaw, framework, governance, guide, healthcare, mobile, monitoring, risk, service, startup, strategy, threat, tool, unauthorized, update, vulnerability

In agile and DevOps-driven environments, APIs are frequently updated to meet evolving business demands, from adding new features to addressing performance issues. However, each deployment introduces potential security risks, as new code, configurations, and endpoints can expose vulnerabilities. In an environment of continuous integration and continuous deployment (CI/CD), the security of an organization’s APIs hinges…
CoffeeLoader: A Brew of Stealthy Techniques

Mar 26, 2025 10:34 PM

Tags: access, antivirus, api, attack, backup, cloud, communications, computer, control, data, detection, edr, encryption, endpoint, group, Hardware, iphone, malware, mobile, network, open-source, RedTeam, software, threat, tool, vulnerability, windows

IntroductionZscaler ThreatLabz has identified a new sophisticated malware family that we named CoffeeLoader, which originated around September 2024. The purpose of the malware is to download and execute second-stage payloads while evading detection by endpoint-based security products. The malware uses numerous techniques to bypass security solutions, including a specialized packer that utilizes the GPU, call…
Securing Canada’s Digital Backbone: Navigating API Compliance

Mar 26, 2025 8:35 PM

Tags: api, attack, authentication, best-practice, breach, compliance, cyber, data, detection, encryption, flaw, framework, governance, government, infrastructure, monitoring, regulation, risk, service, strategy, threat, vulnerability

Highlights: Understanding Canadian API Standards: Key principles for secure government API development. Critical Importance of API Security: Why robust protection is vital for citizen data. Compliance and Trust: How adherence to standards builds public confidence. Key Security Considerations: Essential practices for Canadian organizations. Salt Security’s Alignment: How the Salt API Security Platform supports Canadian government…
Understanding RDAP: The Future of Domain Registration Data Access

Mar 26, 2025 6:13 AM

Tags: access, api, attack, authentication, china, compliance, control, cyber, cybercrime, cybersecurity, data, detection, exploit, framework, fraud, GDPR, incident response, infrastructure, intelligence, Internet, law, malicious, malware, phishing, privacy, regulation, service, threat, tool, vulnerability
The Unseen Battle: How Bots and Automation Threaten the Web

Mar 25, 2025 6:13 PM

Tags: api, automation, control

New research from F5 Labs examined over 200 billion web and API traffic requests from businesses with bot controls in place. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/03/the-unseen-battle-how-bots-and-automation-threaten-the-web/
API Security: Another Critical Asset Under Threat

Mar 24, 2025 6:13 PM

Tags: api, cyber, defense, threat, vulnerability

Adam Arellano of Traceable by Harness on Creating Multi-Layered Defense. Increasingly, APIs are in cyber adversaries’ crosshairs. What creates vulnerability complexities in API environments, and what can be done to create a more effective, multi-layered defense? Adam Arellano of Traceable by Harness discusses how AWS and Traceable tackle this challenge. First seen on govinfosecurity.com Jump…
Cloudflare now blocks all unencrypted traffic to its API endpoints

Mar 23, 2025 10:13 PM

Tags: api, endpoint

Cloudflare announced that it closed all HTTP connections and it is now accepting only secure, HTTPS connections for api.cloudflare.com. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/cloudflare-now-blocks-all-unencrypted-traffic-to-its-api-endpoints/
Imperva Named a Leader in Forrester Wave: Web Application Firewall (WAF) Solutions: A Continued Legacy of Excellence

Mar 21, 2025 3:13 PM

Tags: api, firewall, waf

In today’s digital-first environment, protecting web applications and APIs is a critical priority for businesses. Organisations seek trusted solutions that balance robust protection, scalability, and ease of use. It’s no surprise that Imperva has been named a Leader in the Forrester Wave: Web Application Firewall (WAF), Q1 2025. For us, this recognition further solidifies Imperva’s……
Cloudflare Shifts to HTTPS-Only for APIs, Closing All HTTP Ports

Mar 21, 2025 7:13 AM

Tags: api, cyber, data, privacy, unauthorized

Cloudflare has announced that it will shift its APIs to HTTPS-only connections, effectively closing all HTTP ports. This strategic decision aims to protect sensitive data from being intercepted by unauthorized parties during transmission. The change marks a crucial step forward in the company’s mission to safeguard users’ privacy and ensure the integrity of online communications.…
70% of leaked secrets remain active two years later

Mar 20, 2025 7:13 AM

Tags: api, breach, credentials, data-breach

Long-lived plaintext credentials have been involved in most breaches over the last several years, according to GitGuardian. When valid credentials, such as API keys, … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/03/20/leaked-secrets-threats-in-cybersecurity/
How to detect Headless Chrome bots instrumented with Playwright?

Mar 20, 2025 6:14 AM

Tags: api, browser, chrome, credentials, tool

Headless Chrome bots powered by Playwright have become a go-to tool for bot developers due to their flexibility and efficiency. Playwright’s cross-browser capabilities, coupled with an API similar to Puppeteer and the lightweight nature of Headless Chrome, make it a powerful choice for tasks like web scraping, credential First seen on securityboulevard.com Jump to article:…
Critical vulnerability in AMI MegaRAC BMC allows server’ takeover

Mar 19, 2025 1:52 AM

Tags: access, advisory, api, apt, attack, authentication, control, credentials, cve, cyberespionage, cybersecurity, data, data-breach, endpoint, exploit, firewall, firmware, flaw, group, infrastructure, Internet, linux, malicious, malware, network, ransomware, supply-chain, technology, training, update, vulnerability

th vulnerability that Eclypsium researchers found in MegaRAC, the BMC firmware implementation from UEFI/BIOS vendor American Megatrends (AMI). BMCs are microcontrollers present on server motherboards that have their own firmware, dedicated memory, power, and network ports and are used for out-of-band management of servers when their main operating systems are shut down.Administrators can access BMCs…
Tomcat PUT to active abuse as Apache deals with critical RCE flaw

Mar 18, 2025 1:53 PM

Tags: apache, api, attack, authentication, backdoor, cve, cvss, data, encryption, exploit, flaw, malicious, rce, remote-code-execution, tactics, threat, update, vulnerability

) exploit released for the flaw, CVE-2025-24813, just 30 hours after it was publicly disclosed.”A devastating new remote code execution (RCE) vulnerability is now actively exploited in the wild,” Wallarm said in a blog post. “Attackers need just one PUT API request to take over vulnerable Apache Tomcat servers.”PUT API requests are used to update…
Top 10 Non-Human Identities Risks by OWASP

Mar 18, 2025 12:52 PM

Tags: api, application-security, risk

The Open Worldwide Application Security Project (OWASP) has just unveiled its Top 10 Non-Human Identities (NHI) Risks for 2025. While OWASP has long provided resources on application and API security, none have specifically addressed the unique challenges associated with NHIs. This new document bridges that gap, highlighting critical yet often overlooked risks that pose significant……
UK NHS API Flaw Exposes Critical Mobile Security Risks

Mar 18, 2025 5:52 AM

Tags: access, api, flaw, healthcare, mobile, programming, risk, service, unauthorized, vulnerability
Privacy Roundup: Week 11 of Year 2025

Mar 18, 2025 12:52 AM

Tags: android, api, apple, apt, attack, backdoor, breach, business, cctv, ceo, cloud, control, cve, cybersecurity, data, data-breach, detection, exploit, firmware, flaw, google, government, group, hacker, Internet, leak, mail, malicious, malware, microsoft, network, north-korea, phishing, privacy, regulation, remote-code-execution, router, scam, service, software, spy, spyware, technology, threat, tool, unauthorized, update, virus, vulnerability, wifi, windows, zero-day

This is a news item roundup of privacy or privacy-related news items for 9 MAR 2025 – 15 MAR 2025. Information and summaries provided here are as-is for warranty purposes. Note: You may see some traditional “security” content mixed-in here due to the close relationship between online privacy and cybersecurity – many things may overlap;…
Wazuh SIEM Vulnerability Enables Remote Malicious Code Execution

Mar 17, 2025 2:52 PM

Tags: access, api, cve, cyber, flaw, malicious, siem, vulnerability

A critical vulnerability, identified as CVE-2025-24016, has been discovered in the Wazuh Security Information and Event Management (SIEM) platform. This vulnerability affects versions 4.4.0 to 4.9.0 and allows attackers with API access to execute arbitrary Python code remotely, potentially leading to complete system compromise. The flaw stems from the unsafe deserialization of Distributed API (DAPI)…
AI development pipeline attacks expand CISOs’ software supply chain risk

Mar 17, 2025 9:52 AM

Tags: access, ai, api, application-security, attack, backdoor, breach, business, ciso, cloud, container, control, cyber, cybersecurity, data, data-breach, detection, encryption, exploit, flaw, fortinet, government, infrastructure, injection, intelligence, LLM, malicious, malware, ml, network, open-source, password, penetration-testing, programming, pypi, risk, risk-assessment, russia, saas, sbom, service, software, supply-chain, threat, tool, training, vpn, vulnerability

development pipelines are exacerbating software supply chain security problems.Incidents of exposed development secrets via publicly accessible, open-source packages rose 12% last year compared to 2023, according to ReversingLabs (RL).A scan of 30 of the most popular open-source packages found an average of six critical-severity and 33 high-severity flaws per package.Commercial software packages are also a…
7 misconceptions about the CISO role

Mar 17, 2025 7:52 AM

Tags: api, attack, breach, business, ceo, ciso, compliance, control, corporate, cyber, cyberattack, cybersecurity, defense, exploit, finance, firewall, governance, infrastructure, insurance, jobs, network, password, phishing, resilience, risk, risk-assessment, risk-management, saas, software, startup, strategy, technology, threat, tool, training, update, vulnerability

Katie Jenkins, EVP and CISO, Liberty Mutual Insurance Liberty Mutual InsuranceThe field is changing so rapidly, Jenkins adds, she needs to commit time to keeping up on research and connecting with other CISOs for knowledge exchange.In addition to securing infrastructure, an effective CISO focuses on securing the business, experts say. This requires understanding how security…
Invisible C2″Š”, “Šthanks to AI-powered techniques

Mar 15, 2025 10:52 AM

Tags: ai, api, attack, breach, business, chatgpt, cloud, communications, control, cyberattack, cybersecurity, data, defense, detection, dns, edr, email, encryption, endpoint, hacker, iot, LLM, malicious, malware, ml, monitoring, network, office, openai, powershell, service, siem, soc, strategy, threat, tool, update, vulnerability, zero-trust

Invisible C2″Š”, “Šthanks to AI-powered techniques Just about every cyberattack needs a Command and Control (C2) channel”Š”, “Ša way for attackers to send instructions to compromised systems and receive stolen data. This gives us all a chance to see attacks that are putting us at risk. LLMs can help attackers avoid signature based detection Traditionally, C2…
Beyond Checkboxes: The Essential Need for Robust API Compliance

Mar 14, 2025 6:52 PM

Tags: access, api, attack, authentication, automation, banking, breach, business, cloud, compliance, control, credentials, cyber, cybersecurity, data, detection, encryption, exploit, finance, framework, fraud, GDPR, governance, government, HIPAA, infrastructure, injection, insurance, least-privilege, malicious, mfa, mitre, monitoring, nist, PCI, privacy, regulation, risk, service, tactics, technology, theft, threat, tool, unauthorized, vulnerability, zero-trust

APIs serve as essential links in today’s digital infrastructure, enabling data sharing and application integration. However, their widespread use has made them prime targets for attackers. Hence, strict compliance with security regulations is not just optional; it is imperative for business success. The increasing frequency of data breaches and the sophistication of cyber threats highlight…
OBSCURE#BAT Malware Highlights Risks of API Hooking

Mar 14, 2025 2:52 PM

Tags: api, attack, malware, powershell, risk

Researchers discovered an attack chain that uses several layers of obfuscated batch files and PowerShell scripts to deliver an advanced and persistent rootkit. First seen on darkreading.com Jump to article: www.darkreading.com/vulnerabilities-threats/obscurebat-malware-highlights-api-hooking
One PUT Request to Own Tomcat: CVE-2025-24813 RCE is in the Wild

Mar 14, 2025 6:52 AM

Tags: apache, api, china, cve, exploit, rce, remote-code-execution, vulnerability

A devastating new remote code execution (RCE) vulnerability, CVE-2025-24813, is now actively exploited in the wild. Attackers need just one PUT API request to take over vulnerable Apache Tomcat servers. The exploit, originally published by a Chinese forum user iSee857, is already available online: CVE-2025-24813 PoC by iSee857. Exploit Breakdown: How a Simple PUT Request…
What role do APIs play in automating NHI management?

Mar 14, 2025 5:52 AM

Tags: api, automation, cloud, strategy

Could API Automation Be The Missing Piece In Your NHI Management? One critical question stands out: Could the underutilized potential of API automation be the missing piece in your Non-Human Identities (NHI) management strategy? With the increasing complexity of cloud environments and the mounting demand for robust security measures, the answer is a resounding yes….…
DeepSeek Deep Dive Part 1: Creating Malware, Including Keyloggers and Ransomware

Mar 13, 2025 7:52 PM

Tags: ai, antivirus, api, chatgpt, china, cloud, computer, cryptography, cybercrime, cybersecurity, data, detection, encryption, google, guide, injection, intelligence, law, LLM, malicious, malware, monitoring, network, north-korea, open-source, openai, privacy, programming, ransomware, service, software, strategy, threat, tool, training, unauthorized, vulnerability, windows

Tenable Research examines DeepSeek R1 and its capability to develop malware, such as a keylogger and ransomware. We found it provides a useful starting point, but requires additional prompting and debugging. Background As generative artificial intelligence (GenAI) has increased in popularity since the launch of ChatGPT, cybercriminals have become quite fond of GenAI tools to…
F5 Integrates API Security and Networking to Address AI Onslaught

Mar 13, 2025 3:52 PM

Tags: ai, api, cloud, service

The new The F5 Application Delivery Controller and Security Platform combines BIG-IP, NGNIX and Distributed Cloud Services and new AI Gateway and AI Assistants. First seen on darkreading.com Jump to article: www.darkreading.com/endpoint-security/f5-api-security-networking-ai-onslaught
How to detect Headless Chrome bots instrumented with Puppeteer?

Mar 13, 2025 11:52 AM

Tags: api, attack, browser, chrome, credentials, tool

Headless Chrome bots powered by Puppeteer are a popular choice among bot developers. The Puppeteer API’s ease of use, combined with the lightweight nature of Headless Chrome, makes it a preferred tool over its full-browser counterpart. It is commonly used for web scraping, credential stuffing attacks, and the First seen on securityboulevard.com Jump to article:…
Ollama Unauthorized Access Vulnerability Due to Improper Configuration (CNVD-2025-04094)

Mar 13, 2025 10:52 AM

Tags: access, api, authentication, control, cyber, network, service, unauthorized, vulnerability

Overview Recently, NSFOCUS detected that Ollama improperly configured and unauthorized access vulnerabilities were disclosed online (CNVD-2025-04094); Because Ollama does not have authentication and access control functions by default, when a user opens the service (port 11434 by default) to the public network, an unauthenticated attacker can directly call its API interface to steal sensitive model…The…