Dark Reading

Lock Down APIs to Prevent Breaches

Web and mobile application developers need to take more care in creating secure applications, as attackers are increasingly testing Web application programming interfaces (APIs) to compromise cloud ...
Bleeping Computer

CISA warns of breach risks from IDOR web app vulnerabilities

CISA warned today of the significant breach risks linked to insecure direct object reference (IDOR) vulnerabilities impacting web applications in a joint advisory with the Australian Cyber Security ...
Infosecurity-magazine.com

PII Exposed: Unauthenticated IDOR in WooCommerce Stripe Plugin

A critical security vulnerability has been discovered in the popular WooCommerce Stripe Gateway plugin, potentially exposing users’ personally identifiable information (PII). The vulnerability, an ...
techtimes

Florida’s Tax Website Exposes Hundreds of Sensitive Data: Filers’ Bank Accounts, Social ...

Security Researcher Kamran Mohsin revealed a now fixed security flaw that has been detected on Florida's Department of Revenue website. According to a report from TechCrunch, it exposed taxpayers' ...