The Hacker News

OneLogin Bug Let Attackers Use API Keys to Steal OIDC Secrets and Impersonate Apps

CVE-2025-59363 "allowed attackers with valid API credentials to enumerate and retrieve client secrets for all OIDC ...
DevPro Journal

Five critical API security flaws developers must avoid

Learn how you can implement essential best practices - from strict authorization to rate limiting - to secure APIs and ...
Insurance Business America

API vulnerabilities drive new wave of cyber threats

APIs have become a primary entry point for cyber attacks in 2025, according to new research from Thales. The company’s latest API Threat Report, covering the first half of the year, documents more ...

APIs become primary target for cybercriminals - Over 40,000 API incidents in first half of 2025: report

Aerospace and defence corporation Thales has announced the findings of its latest API Threat Report (H1 2025), warning that ...

Apple iOS apps are worse at leaking sensitive data than Android apps, worrying research finds - here's what you need to know

Zimperium research finds many Android and iOS apps leak sensitive data, exposing enterprises to API attacks and hidden malware risks.