API - API Security Blog

Kubernetes API limitations in finding non-standard pods and containers

Gain a deeper understanding of why it's essential to monitor non-standard pods and containers, including static pods, mirror pods, init containers, pause containers, and ephemeral containers within yo ...

July 19, 2023

Microsoft Office 365 18.2305.1222.0 Remote Code Execution

Post ContentRead More ...

July 19, 2023

CVSS3 - HIGH

CVSS2 - MEDIUM

RWS WorldServer 11.7.3 Session Token Enumeration

Post ContentRead More ...

July 19, 2023

Why are there so many malware-as-a-service offerings?

![Why are there so many malware-as-a-service offerings?](https://blog.talosintelligence.com/content/images/2023/07/need-to-know_malwareservice.jpg) Whether known as commodity malware or "as-a-service, ...

July 19, 2023

Comprehensive analysis of initial attack samples exploiting CVE-2023-23397 vulnerability

![](https://media.kasperskycontenthub.com/wp-content/uploads/sites/43/2022/10/05080519/abstract_binary_connection-990x400.jpg) On March 14, 2023, Microsoft published [a blogpost]() describing an Outlo ...

July 19, 2023

CVSS3 - CRITICAL

CVSS2 - HIGH

Exposed Gits: 10 Years on

![](https://www.pentestpartners.com/content/uploads/2023/07/10yrsgit-headline.png) Nearly 10 years ago my colleague wrote a cracking post on exposed [Git repositories](). 10 years is a long time in cy ...

July 19, 2023

CVE-2023-2913

An executable used in Rockwell Automation ThinManager ThinServer can be configured to enable an API feature in the HTTPS Server Settings. This feature is disabled by default. When the API is enabled a ...

July 18, 2023

Security alert: social engineering campaign targets technology industry employees

GitHub has identified a low-volume social engineering campaign that targets the personal accounts of employees of technology firms, using a combination of repository invitations and malicious npm pack ...

July 18, 2023