Category - API Security Blog

Constrained environment breakout. .NET Assembly exfiltration via Internet Options

![](https://www.pentestpartners.com/content/uploads/2022/05/dotNET-breakout-headline.png) Its not uncommon for developers to find that they need to help their end users. For starter, the business re ...

May 30, 2022

Graphql-Threat-Matrix – GraphQL Threat Framework Used By Security Professionals To Research Security Gaps In GraphQL Implementations

# [![](https://blogger.googleusercontent.com/img/a/AVvXsEjct_YmCLc-18AnApBUspPpG3TqJm6idF8kXXzhip6ehKOT6BfkPAmSl5giOn-9YO41mRxa2ob3NpNTpGXMABoNhKw0JstsaRZ3T1geeh-tAfUjm8ZGP37g1AXeTCjWlmatsSLJ1BcN1C4jA ...

May 30, 2022

GitLab 13.10 < 14.4.5 / 14.5.0 < 14.5.3 / 14.6.0 < 14.6.2 Unauthorized Access

According to its self-reported version, the instance of GitLab running on the remote web server is 13.10 prior to 14.4.5, 14.5.0 prior to 14.5.3, or 14.6.0 prior to 14.6.2. It is, therefore, vulnerabl ...

May 30, 2022

RST Threat feed. IOC: api.dom-ua.online

Found **api[.]dom-ua.online** in [RST Threat Feed](https://rstc...Read More ...

May 30, 2022

RST Threat feed. IOC: api.elementaryprocess.com

Found **api[.]elementaryprocess.com** in [RST Threat Feed](http...Read More ...

May 30, 2022

RST Threat feed. IOC: api.essentialarchive.com

Found **api[.]essentialarchive.com** in [RST Threat Feed](https...Read More ...