Upcoming Webinar - Join us on 26 Nov for "API Security: Your No. 1 Cyber Initiative in 2025"
At FireTail, we usually say that two or more things need to go wrong in order for attackers to be successful. So what went wrong with Spoutible's leaky API? Basically, everything.
As we approach the end of the year, it's often the case that we look back and chat with colleagues about the highs and lows of the last twelve months. One such friend recently shared a story with us about the worst API they found in the wild during 2023. Could this be the worst API ever?
Various APIs belonging to a data service are leaking their Git repositories, at a backend API which contain the APIs' source code.
Unauthorized users could gain access to sensitive financial information via an application's API using the data leaked via Github.
FireTail researcher Viktor Markopoulos discovered a vulnerability in a European Shipping Company’s APIs that allowed him to download internal files without authentication.
Poorly secured APIs at Points.com resulted in serious vulnerabilities that could have exposed the loyalty programs of some of the world’s best-known airlines and hospitality brands.
During Defcon, a security researcher presented his findings from assessing a global transportation system, leveraging APIs.
A file transfer software called moveIT experienced a vulnerability starting in mid-2023 that created a mass breach across many organizations and geographies. The breach is started by injection against an API administrative endpoint, and data is exfiltrated via administrative API calls.
An unauthenticated API belonging to a fast food company exposed receipts from all of its stores in India.
By using this website, you agree to the storing of cookies on your device to enhance site navigation, analyze site usage, and assist in our marketing efforts. View our Privacy Policy for more information.
