New Wallarm report exposes API security risks for companies including Netflix and WordPress

Nov 7, 2023 06:00 pm Cyber Security 76
New Wallarm report exposes API security risks for companies including Netflix and WordPress

New Wallarm report exposes API security risks for companies including Netflix and WordPress


Wallarm announced the release of its Q3-2023 Wallarm API ThreatStats™ report. The quarterly report details the surge in threats centered around APIs and uncovers critical vulnerabilities, like injections and API data leaks, that have recently impacted leading firms, including Netflix, VMware and SAP.



“We saw in recent months that even major players like Netflix and VMware aren’t exempt from significant data exposures”
Post this


The new report introduces a revamped “Top 10 API Security Threats” compilation, a real-time data-driven list covering the 239 vulnerabilities discovered during the quarter. Injections, which involve malicious data or code being inserted into an API that leads to unauthorized access and data breaches, ranked first on the list, attacking vectors like SQL and XML. Also making the list were cross-site attacks, broken access control and poor session and password management.


Of the 239 vulnerabilities, 33% (79 out of 239) were associated with authentication, authorization and access control (AAA) — foundational pillars of API security. Open authentication (OAuth), single-sign on (SSO) and JSON Web Token (JWT), safeguards for API security, were compromised in reputable tech organizations such as Sentry and WordPress. Sentry experienced incorrect credential validation on OAuth token requests, potentially exposing developers’ projects to unauthorized access, while WordPress’ SSO was subject to plugin broken authentication, leaving its millions of users’ data vulnerable to theft.


The growing issue of API data leaks, as company tech stacks get more complicated, was also a focal point of this quarter’s report. Although relatively new, API data leaks ranked fourth on the security threats list due to their potential for unrestrained disclosure of sensitive data, often through negligent methods. Evidence of these risks is found in the recent serious data breaches suffered by N ..

Support the originator by clicking the read the rest link below.

wallarm report exposes security risks companies including netflix wordpress
Read The Rest from the original source
globalsecuritymag.fr

Related News

Be in Touch

All Rights Reserved #1 Source for Cyber Security News, Reports and Threat Intelligence
Powered By The Internet!!!!