OpenSea NFT suffers a Breach
OpenSea has reportedly experienced a compromise in its API, attributed to a breach by an unidentified third-party vendor. This incident has raised concerns and prompted urgent notifications to platform users.…
API Security 2023 Status Check
API security company Traceable has unveiled its 2023 State of API Security Report. The study provides a comprehensive global perspective on the state of API security, exposing critical vulnerabilities and…
DuoLingo Scrapped User Data is for sale
Threat actors have exposed 2.6 million DuoLingo users` data on the dark web. The sale was posted on August 22nd for a cost of only $2.13. The scraped DuoLingo data…
Owasp API Security Top 10 2023
The OWASP API Security Project has just released an updated version of the OWASP Top 10 for APIs. The first edition was published four years ago (2019). Since then, a…
Twitter Breach Brings API weakness in to limelight
Cybercriminals began selling the user data of more than 5.4 million Twitter users on a hacking forum after exploiting an API vulnerability disclosed in December 2021. Recently, a hacker released…
API Keys and User data leaked by faulty Apps
Security researchers have uncovered more than 1,500 apps leaking the Algolia API key and application ID, potentially exposing user data. 32 applications were found to have critical administrative secrets hardcoded,…
Google Advanced API Security Management
Google Cloud has announced a preview of Advanced API Security built on Apigee – an application programming interface management platform for detecting and fixing API misconfigurations and thwarting malicious bots.…
TruffleHog 3.0 ! Supports 600 Key Types
The newest version of TruffleHog has launched with support for more than 600 key types, furthering the tool’s ability to hunt for credential leaks. Leaked credentials, including secret key pairs,…