Security News

Details have emerged about three now-patched security vulnerabilities in Dynamics 365 and Power Apps Web API that could result in data exposure. The flaws, discovered by Melbourne-based...

The United States Treasury Department said it suffered a "major cybersecurity incident" that allowed suspected Chinese threat actors to remotely access some computers and unclassified documents. ...

Many customer-facing APIs remain unprotected, leaving businesses vulnerable to breaches. To address these threats, a comprehensive approach to API security, covering every stage of the lifecycle,...

Cybersecurity researchers are warning that thousands of servers hosting the Prometheus monitoring and alerting toolkit are at risk of information leakage and exposure to denial-of-service (DoS) as...

In this Help Net Security video, Tristan Kalos, CEO of Escape, discusses the results of its 2024 State of API Exposure report. The study highlights significant API security gaps affecting Fortune...

Why? Because that's where the money is Business email compromise scammers are trying to up their success rate by using a DocuSign API.…

Threat actors are abusing DocuSign's Envelopes API to create and mass-distribute fake invoices that appear genuine, impersonating well-known brands like Norton and PayPal. [...]

With the proliferation of APIs, and the speed at which AI functionality is helping fuel innovation, a strategic approach for securing APIs is no longer a nice to have, it’s a criticality. Without...

Attacks on unprotected servers reach 'critical level' An unknown attacker is abusing exposed Docker Remote API servers to deploy perfctl cryptomining malware on victims' systems, according to...

Bad actors have been observed targeting Docker remote API servers to deploy the SRBMiner crypto miner on compromised instances, according to new findings from Trend Micro. "In this attack, the...