Introducing the Wallarm 2024 API ThreatStats™ Report

The Wallarm Security Research team is pleased to share the latest version of our API ThreatStats report. This report serves as a key resource for API and application security practitioners. It emphasizes the ...

Navigating Threats – Insights from the Wallarm API ThreatStats™ Report Q3’2023

The world of digital technology is perpetually evolving, positioning cybersecurity as a frontline defense in safeguarding essential digital assets. A primary challenge in this sector, accentuated by the Wallarm API ThreatStats™ report ...

Q2-2023 API ThreatStats™ Report: API Exploits Are Everywhere: from NVIDIA to Reddit and more!

Our Q2-2023 API ThreatStats™ report is out. It provides API builders, defenders, breakers, and decision-makers with a comprehensive look at the API security vulnerabilities, threats and exploits reported this past quarter. This ...

ChatGPT Injection: a new type of API Abuse attack may steal your OpenAI API credits

ChatGPT is spreading like wildfire all over the internet, being used in everything from casual tools to cybersecurity and even industrial applications. It’s so popular, I wouldn’t be shocked if it starts ...

Octopus Strike! Three Argo CD API Exploits In Two Weeks

Argo CD is a popular Continuous Deployment tool that enables DevOps teams to manage their applications across multiple environments. However, in the past two weeks, three critical vulnerabilities have been detected in ...

Slack GitHub Account Hacked via Stolen Employee API Token

On December 29, 2022, Slack was alerted to suspicious activity on their GitHub account. Upon investigation, the company discovered that a limited number of employee tokens had been stolen and misused to ...

Best of 2022: New text2shell RCE vulnerability in Apache Common Texts CVE-2022-42889

Yet another RCE with a CVSS score of 9.8 out of 10 was disclosed a few hours ago. This issue looks much like Log4shell, and it seems even more dangerous since ...

Best of 2022: 16 Best DDOS Attack Tools in 2022

What are DDOS attack tools? DDOS attacks are cyber-attacks targeted at rendering certain computers, network systems and servers non-functional. The processes involved in their execution can, however, be complicated. Attackers have ...

How Uber was hacked in 2022

What happened? The first information about the incident was issued yesterday, September 15th, 2022. We know that a hacker called “Tea Pot” successfully accessed Uber infrastructure and critical cloud services such as ...

GitLab Security Issues: Six Months of Vulnerabilities

Have you ever thought the most popular CI/CD platform – GitLab – may have security issues? In fact, it is inevitable with such a massive infrastructure. Don’t worry! The platform is still ...