API - API Security Blog

New Self-Spreading Malware Infects Docker Containers to Mine Dero Cryptocurrency

Misconfigured Docker API instances have become the target of a new malware campaign that transforms them into a cryptocurrency mining botnet. The attacks, designed to mine for Dero currency, is notabl ...

May 27, 2025

CVE-2025-5272

creation_timestamp| type| source ---|---|--- 2025-05-27 13:16:28+00:00| seen| https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lq5rexii3yz2 2025-05-27 14:1 ...

May 27, 2025

CVE-2025-5271

creation_timestamp| type| source ---|---|--- 2025-05-27 13:16:29+00:00| seen| https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lq5rf525f7z2 2025-05-27 13:5 ...

May 27, 2025

CVE-2025-48796

creation_timestamp| type| source ---|---|--- 2025-05-27 14:36:40+00:00| seen| https://infosec.exchange/users/cR0w/statuses/114580298063221861 2025-05-27 15:50:55+00:00| seen|...Read More ...

May 27, 2025

CVE-2025-5100

creation_timestamp| type| source ---|---|--- 2025-05-27 14:30:01+00:00| seen|...Read More ...

May 27, 2025

auth-js Vulnerable to Insecure Path Routing from Malformed User Input

Impact The library functions getUserById, deleteUser, updateUserById, listFactors and deleteFactor did not require the user supplied values to be valid UUIDs. This could lead to a URL path traversal, ...

May 27, 2025

CVE-2025-27700

creation_timestamp| type| source ---|---|--- 2025-05-27 17:01:18+00:00| seen|...Read More ...

May 27, 2025

CVE-2025-5266

creation_timestamp| type| source ---|---|--- 2025-05-27 13:16:32+00:00| seen| https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lq5rfncbduz2 2025-05-27 14:1 ...

May 27, 2025