CSOonline

Azure API Management flaws highlight server-side request forgery risks in API development

Microsoft recently patched three vulnerabilities in its Azure API Management service, two of which enabled server-side request forgery (SSRF) attacks that could have allowed hackers to access internal ...
Dark Reading

SSRF 101: How Server-Side Request Forgery Sneaks Past Your Web Apps

When it's time to talk attacks, it's hard to get more evil than a technique that uses victims' own systems against them. Server-side request forgery (SSRF) is one of those evil attacks, and it's one ...
Threat Post

WARDroid Uncovers Mobile Threats to Millions of Users Worldwide

An analysis of 10,000 mobile apps has found that a significant portion of them are open to web API hijacking – thanks to inconsistencies between app and server logic in web APIs. An analysis of 10,000 ...