The Hacker News

OneLogin Bug Let Attackers Use API Keys to Steal OIDC Secrets and Impersonate Apps

CVE-2025-59363 "allowed attackers with valid API credentials to enumerate and retrieve client secrets for all OIDC ...
DevPro Journal

Five critical API security flaws developers must avoid

Learn how you can implement essential best practices - from strict authorization to rate limiting - to secure APIs and ...