#APIVulnerability

Microsoft Edge Bug Could Have Allowed Attackers to Silently Install Malicious Extensions

by

March 27, 2024 at 09:09AM A security flaw in Microsoft Edge browser, CVE-2024-21388, allowed attackers to covertly install browser extensions with broad permissions via a private API, impacting version 121.0.2277.83. The bug enabled installation of malicious extensions without user consent, posing a privilege escalation threat, emphasizing the need for balancing user convenience and security. Key … Read more

APIs Drive the Majority of Internet Traffic and Cybercriminals are Taking Advantage

by

March 19, 2024 at 01:12PM APIs play a crucial role in digital modernization, with a majority of internet traffic attributed to API calls. The State of API Security in 2024 Report highlights the risks related to inadequate API management, particularly in the banking and online retail sectors. It emphasizes the need for continuous monitoring and … Read more

Trello API abused to link email addresses to 15 million accounts

by

January 23, 2024 at 04:37PM An exposed Trello API allowed the creation of millions of data profiles, linking public and private information. A threat actor attempted to sell the data of 15,115,516 Trello members containing emails, usernames, and full names. The leaked email addresses were accessed through a publicly exposed API, elevating the severity of … Read more

Halara probes breach after hacker leaks data for 950,000 people

by

January 11, 2024 at 03:28PM Popular athleisure clothing brand Halara is investigating a data breach after the alleged leak of almost 950,000 customers’ data on a hacking forum. The Hong Kong-based company, known for its TikTok promotions, is working to address the situation. The leaked data is said to contain personal information, prompting concerns about … Read more