Threat Post

Cryptomining Attack Exploits Docker API Misconfiguration Since 2019

Campaign exploits misconfigured Docker APIs to gain network entry and ultimately sets up a backdoor on compromised hosts to mine cryptocurrency. Hackers behind a cryptomining campaign have managed to ...
Mashable

Twitter exploit let 'bad actors' match phone numbers to accounts

For dissidents around the globe, Twitter remains the tool of choice for speaking out against their repressive governments. With that in mind, it's easy to see why today's announcement from the social ...
SDxCentral

AI, Machine Learning Are the New Battleground for API Exploits, According to New Wallarm Report

Findings uncover rapid acceleration in API vulnerabilities in new AI-related dev and infrastructure products like NVIDIA’s Triton Inference Server, and API incidents that impact major brands like ...
Dark Reading

Researchers Pioneer PoC Exploit for NSA-Reported Bug in Windows CryptoAPI

Researchers have developed a proof-of-concept (PoC) exploit for a public x.509 certificate-spoofing vulnerability in the Windows CryptoAPI that the NSA and the National Cyber Security Center (NCSC) ...
Forbes

API Penetration Testing And API Vulnerability Assessment: Use The Right Tool For The Right Job

API vulnerability scanning and API penetration testing are both important methods for ensuring the security of an API, but they have distinct differences in terms of their scope, methodology and ...