API Abuse – TheCyberThrone

BeyondTrust SaaS Breach Comprehensive Breakdown

Incident Discovery On December 2, 2024, BeyondTrust identified a significant security breach during a forensics investigation. This discovery set off a series of urgent actions to mitigate the impact and…

PravinKarthik December 23, 2024

GraphQL Vulnerability Could lead to Data Leakage

A vulnerability has been detected in GraphQL query language for application programming interfaces has been found to expose a leading business-to-business financial technology company. The vulnerability was identified by researching the…

PravinKarthik December 9, 2021

Brizy Vulnerability Affects 90k Sites

Researchers have unearthed Potentially exploitable bugs were found in the Brizy Page Builder, a WordPress plugin that is installed across more than 90,000 websites. The company’s Threat Intelligence team reported…

PravinKarthik October 16, 2021

Chrome Emergency !

Google has announced an emergency update for Chrome (94.0.4606.61), and in this update, it has addressed Chrome’s 11th ‘zero days’ exploit of the year. Tracked the zero-day vulnerability as CVE-2021-37973…

PravinKarthik September 26, 2021

Payment API Exposed Data

Researchers discovered API security flaws impacting several apps, potentially exposing the personal and financial information of millions of consumers. Around 250 of the 13,000 apps published to its BeVigil "security…

PravinKarthik September 21, 2021

Linkedin Leaks again

LinkedIn is leaking again. A massive data breach affecting some 700 million users more than 90 percent of the network’s overall user base. The entire collection of data is up for…

PravinKarthik June 29, 2021

cloudsecurity MobileApps

Telegram Credentials Harvest

A recently discovered phishing campaign attempted to steal victims' credentials by abusing the Telegram messaging app's API to create malicious domains that help bypass security tools such as secure email…

PravinKarthik February 23, 2021