Stablecoin payment firm Infini lost $50 million in an exploit suspected to have been conducted by a developer who retained administrative privileges after project delivery.

'Broken object level authorization' is the number one API vulnerability that attackers can exploit to gain access to an organization's data, according to a report from the independent Open Web ...

Threat protection: How can attackers exploit your APIs? API security programs must protect against three common attack patterns: denial of service, abuse of functionality and vulnerability exploits.

Alex Protocol, a Bitcoin decentralized finance (DeFi) platform on the Stacks blockchain, suffered an exploit on June 6, resulting in $8.3 million in digital asset losses. In an X announcement ...

Docker patched CVE-2025-9074 (CVSS 9.3), a flaw enabling container escape via unauthenticated API, risking host takeover.

A new wave of scam calls is targeting cryptocurrency exchange users to get them to change their application programming interface settings, granting attackers access to their funds, according to ...

Threat actors abused the legitimate Keitaro Traffic Direction System (TDS) to drive traffic to malware pushing RIG and Fallout exploit kits as part of both malvertising and malspam campaigns.

Independent security researcher, web designer, and Stanford Computer Science student Feross Aboukhadijeh has developed an attack concept that exploits the fullscreen application programming ...

Exploit released for 9.8-severity PaperCut flaw already under attack Code-execution flaw was patched in March but doesn't seem to be widely installed.