Tabit Addresses API Vulnerabilities Before Major Exploit
Tabit Technologies is a leading mobile hospitality solution provider with a robust product ecosystem that has revolutionized the payments industry. Celebrated globally for streamlining processes for both businesses and end-users, their unique software suite has challenged many of the traditional approaches to point-of-sale, reservation management, wayfinding, dining, and delivery. Consumers ... Read More
Critical Vulnerability Reported by WSO2
Well known open-source technology provider, WSO2, recently reported a critical vulnerability that would allow for remote code execution by cybercriminals. Known as CVE-2022-29464, the vulnerability received a 9.8 CVSS score and has been added to CISA’s Known Exploited Vulnerabilities Catalog. According to the company’s security advisory, “due to improper validation ... Read More
Lessons Learned from Gitlab’s GraphQL API Vulnerability
At the beginning of March, Rapid7 disclosed a vulnerability in Gitlab’s GraphQL API (CVE-2021-4191) showing several common mistakes in the GraphQL API design, which exposed usernames, names, and email addresses to unauthenticated attackers. This information may seem trivial, but as outlined in the disclosure, it is the first step in ... Read More
