
Inside the biggest API breaches (and how to stop the next one)

APIs power the modern digital world, but they’re also the fastest-growing attack surface. In this webinar, we break down the biggest API breaches, their root causes, and how they could have been prevented. Featuring live insights and a product demo by the Astra Engineering Team.

The Business of API Security: Unpacking the Q3 API ThreatStats Report

Q3 provided us with another opportunity to dig into API vulnerabilities, exploits, and breaches. We'll dive into the details, picking out the trends that impact how you defend your APIs. This quarter's report includes a special focus on business logic abuse. Join the webinar to learn.

When APIs Become Attack Paths: What the Q3 2025 ThreatStats Report Tells Us

Wallarm’s latest Q3 2025 API ThreatStats report reveals that API vulnerabilities, exploits, and breaches are not just increasing; they’re evolving. Malicious actors are shifting from code-level weaknesses to business logic flaws, from web apps to partner integrations, and from REST to AI-powered APIs. Here’s what stood out this quarter, and what security leaders should do about it.

The API vulnerabilities nobody talks about: excessive data exposure

TLDR: Excessive Data Exposure (leaking internal data via API responses) is the silent, pervasive threat that is more dangerous than single dramatic flaws like SQL Injection. It amplifies every other API vulnerability (like BOLA) and happens everywhere because developers prioritize speed over explicit data filtering. Fixing it means systematically checking hundreds of endpoints for unneeded PII and sensitive internal data.

API Attack Awareness: Business Logic Abuse - Exploiting the Rules of the Game

As Cybersecurity Awareness Month continues, we wanted to dive even deeper into the attack methods affecting APIs. We’ve already reviewed Broken Object Level Authorization (BOLA), injection attacks, and authentication flaws; this week, we’re exploring business logic abuse (BLA). Unlike technical flaws, business logic flaws exploit how an API is designed to behave.

New API testing category now available

Our API scanner can test for dozens of vulnerability types, such as prompt injections and misconfigurations. We’re excited to share today that we’re releasing vulnerability tests for OAuth API authorization for organizations that use JWTs. These JWTs, or JSON Web Tokens, are meant to prove that you are authorized to access the resource you are requesting. One of the most critical JWT vulnerabilities is algorithm confusion.

After the AWS Outage: How to Build Systems That Survive

When AWS goes down, the ripple effects are global, from authentication failures to service disruptions that bring businesses to a standstill. But while every outage makes headlines, the real question is: why are so many organizations still unprepared? In this live fireside chat, Wallarm’s Field CTO and STO of Security Edge, Tim Ebbers, unpacks the architectural lessons behind the latest AWS outage, and what engineering, DevOps, and security leaders can do today to prevent history from repeating itself.

How I 'Hacked' an Online Store #businesslogic #ecommerce #cybersecurity #apisecurity

A $10,000 order for $1? Your business logic is broken.

Attackers aren't just breaking code; they're exploiting the rules of your business to commit fraud. When your application's logic is flawed:

- Your payment and fulfillment systems can be desynchronized.
- You can lose massive revenue to easily preventable abuse.
- Your inventory and financial reporting become unreliable.

Watch how a simple business logic flaw can lead to catastrophic financial loss in this real-world example. Is your e-commerce platform safe?