InfoWorld

Build an authentication handler for a minimal API in ASP.NET Core

ASP.NET Core offers a simplified hosting model, called minimal APIs, that allows us to build lightweight APIs with minimal dependencies. However, “minimal” doesn’t mean minimal security. Minimal APIs ...
Dark Reading

4 Main API Security Risks Organizations Need to Address

Security vulnerabilities in the application programming interfaces (APIs) powering modern digital services and applications have emerged as a major threat to enterprise systems and data. A recent ...
WeLiveSecurity

All eyes on APIs: Top 3 API security risks and how to mitigate them

The application programming interface (API) is an unsung hero of the digital revolution. It provides the glue that sticks together diverse software components in order to create new user experiences.
Bleeping Computer

Google: Malware abusing API is standard token theft, not an API issue

Google is downplaying reports of malware abusing an undocumented Google Chrome API to generate new authentication cookies when previously stolen ones have expired. In late November 2023, ...
CSOonline

Why API attacks are increasing and how to avoid them

Australian energy company Jemena has been using APIs, in some form, for about a decade. Its use of APIs — application programming interfaces — has jumped recently and is expected to increase fivefold ...
Linux Journal

WebAuthn Web Authentication with YubiKey 5

A look at the recently released YubiKey 5 hardware authenticator series and how web authentication with the new WebAuthn API leverages devices like the YubiKey for painless website registration and ...
Bleeping Computer

Hackers abused API to verify millions of Authy MFA phone numbers

Twilio has confirmed that an unsecured API endpoint allowed threat actors to verify the phone numbers of millions of Authy multi-factor authentication users, potentially making them vulnerable to SMS ...