API - API Security Blog

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : MozillaThunderbird (SUSE-SU-2023:2064-1)

The remote SUSE Linux SLED15 / SLES15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:2064-1 advisory. - OCSP revocation sta ...

May 01, 2023

CVE-2023-31485

GitLab::API::v4 through 0.26 does not verify TLS certificates when connecting to a GitLab server, enabling machine-in-the-middle attacks.Read More ...

May 01, 2023

CVE-2023-31485

GitLab::API::v4 through 0.26 does not verify TLS certificates when connecting to a GitLab server, enabling machine-in-the-middle attacks.Read More ...

May 01, 2023

CVE-2023-2418

A vulnerability was found in Konga 2.8.3 on Kong. It has been classified as problematic. This affects an unknown part of the component Login API. The manipulation leads to insufficiently random values ...

May 01, 2023

Google Blocks 1.43 Million Malicious Apps, Bans 173,000 Bad Accounts in 2022

[![Google](data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAQAAAC1HAwCAAAAC0lEQVR42mP8Xw8AAoMBgDTD2qgAAAAASUVORK5CYII=)]() Google disclosed that its improved security features and app review pr ...

May 01, 2023

APT28 Targets Ukrainian Government Entities with Fake “Windows Update” Emails

[![Windows Update](data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAQAAAC1HAwCAAAAC0lEQVR42mP8Xw8AAoMBgDTD2qgAAAAASUVORK5CYII=)]() The Computer Emergency Response Team of Ukraine (CERT-UA) has ...

May 01, 2023

CVSS3 - CRITICAL

What does ChatGPT know about phishing?

![](https://media.kasperskycontenthub.com/wp-content/uploads/sites/43/2023/04/28131602/sl-digital-face-artificial-intelligence-blue-red-1200-990x400.jpg) ## Can ChatGPT detect phishing links? Hearing ...

May 01, 2023

CVE-2023-25492

A valid, authenticated user may be able to trigger a denial of service of the XCC web user interface or other undefined behavior through a format string injection vulnerability in a web interface API. ...

May 01, 2023