API Security Weekly: Issue #78

This week, we check out the API vulnerabilities in the WordPress Rank Math plugin, Tapplock smartlock, and TicTocTrack, another kids’ smartwatch.

In addition, an update to the VS Code OpenAPI extension has been released, adding static application security testing (SAST) for composite API contracts.

API Security Weekly: Issue #77

This week, GitLab has fixed several vulnerabilities, including API vulnerabilities, and the draft for OAuth 2.1 has been released.

If you find yourself stuck at home with extra time on your hands, why not check out the free course on web security that Stanford University is offering?

API Security Weekly: Issue #69

This week, we look at the recently patched API vulnerabilities in Microsoft Azure Stack and Azure Cloud infrastructure, and in Cisco TelePresence and RoomOS. In addition, there is a recorded conference talk on API pentesting, and Yelp has released an open-source tool for API fuzzing.

Vulnerability: Azure Cloud infrastructure

Ronen Shustin from Check Point Research has reported two API vulnerabilities in Azure Cloud infrastructure and has written a very detailed description of them. Microsoft has already fixed both vulnerabilities.