Dark Reading

OAuth+XSS Attack Threatens Millions of Web Users With Account Takeover

Critical API security flaws have put millions of users at risk for account takeover, by using a modern authentication standard to resurrect a longtime vulnerability. The bugs were found in the Hotjar ...
SecurityWeek

SesameOp Malware Abuses OpenAI API

A threat actor has abused the OpenAI Assistants API as a communication mechanism between its C&C server and a stealthy ...
CSOonline

Web app, API attacks surge as cybercriminals target financial services

Web application and application programming interface (API) attacks against the global financial services industry grew by 65% in Q2 2023 compared to Q2 2022, accounting for nine billion attacks in 18 ...
Bleeping Computer

CISA: Roundcube email server bug now exploited in attacks

CISA warns that a Roundcube email server vulnerability patched in September is now actively exploited in cross-site scripting (XSS) attacks. The security flaw (CVE-2023-43770) is a persistent ...
Nasdaq

Financial Services: Akamai Research Shows Web Application and API Cyber Attacks Grew By 257 Percent Year Over Year

CAMBRIDGE, Mass., Nov. 28, 2022 /PRNewswire/ -- Akamai Technologies, Inc. (NASDAQ: AKAM), the cloud company that powers and protects life online, today released a new State of the Internet report that ...
TechRepublic

Akamai’s new study: Bots, phishing and server attacks making commerce a cybersecurity hotspot

Akamai’s new study: Bots, phishing and server attacks making commerce a cybersecurity hotspot Your email has been sent Bots raining on retail drive flood in commerce attacks Led by LFI attacks, web ...