Cybersecurity firm Salt Labs discovered a GraphQL API authorization vulnerability in a large B2B financial technology platform. It would give attackers the ability to submit unauthorized transactions ...

Security has been somewhat of an afterthought as part of the Java EE development environment. Developers have either had to implement security at the server level or use a third-party framework. This ...

API Gateways effectively manage the authentication of the user and provide service orchestration capabilities, but if sensitive data is involved, additional fine-grained authorization capabilities are ...

Attack surface management company Intruder Solutions Ltd. today announced the launch of AutoSwagger, a free, open-source tool that scans OpenAPI-documented application programming interfaces for ...

Attack Surface Management Leader Enables Organizations to Check APIs for Common and Easily Exploitable API Vulnerabilities Autoswagger automatically detects authorization weaknesses in APIs and ...

Attack Surface Management Leader Enables Organizations to Check APIs for Common and Easily Exploitable API Vulnerabilities Intruder, a leader in attack surface management, has launched Autoswagger—a ...

Java’s code-signing requirements have proven to be a bust, security researchers say, and now even longtime developers are losing faith in the programming language. Why would a software company require ...

Cox Communications has fixed an authorization bypass vulnerability that enabled remote attackers to abuse exposed backend APIs to reset millions of Cox-supplied modems' settings and steal customers' ...