Cybercriminals Ramp Up Attacks on Web APIs ...attacks and security incidents targeting APIs continue to grow. https://www.darkreading.com/threat-intelligence/cybercriminals-ramp-up-attacks-on-web-apis Press Release: Akamai Finds API Vulnerabilities to be a High-Stakes Game for Companies and Individuals Worldwide Akamai: Report "API: The Attack Surface That Connects Us All" (PDF): https://www.akamai.com/content/dam/site/en/documents/state-of-the-internet/soti-security-api-the-attack-surface-that-connects-us-all.pdf
Why is API security failing? In part, because we're over-rotating on 'shift left' October 28, 2021 https://betanews.com/2021/10/28/why-is-api-security-failing/
API attacks are both underdetected and underreported October 28, 2021 https://www.helpnetsecurity.com/2021/10/28/security-concerns-api/
New tool helps enterprises find and fix API vulnerabilities November 9, 2021 https://betanews.com/2021/11/09/tool-enterprises-find-api-vulnerabilities/ Veracode Releases Enhanced API Scanning to Tackle Fastest-Growing Cyber Attack Vector
API security ‘arms race’ heats up November 19, 2021 https://venturebeat.com/2021/11/19/api-security-arms-race-heats-up/ Salt Security: API attacks are increasing at an alarming rate - up 348% in six months
API security moves mainstream The heavyweights are now moving into API security, cementing it as “A Thing” July 14, 2022 Google: Announcing Apigee Advanced API Security for Google Cloud
94% of survey respondents experienced API security incidents in 2021 August 3, 2022 Salt Security: API Security Incidents Nearly Universal Finds Latest “State of API Security” Report
API breaches prevalent despite development efforts August 19, 2022 VentureBeat: 20% of developers and IT pros say API security breaches happen monthly Postman: 2022 State of the API Report
API security: Broken access controls, injection attacks plague the enterprise security landscape in 2022 Spring4Shell and Veeam RCE exploit topped the list in Q1 2022 August 19, 2022 Wallarm: Whitepaper: API Vulnerabilities Discovered And Exploited in Q1-2022 (PDF): https://static.wallarm.com/wallarm-webflow/resources/api-vulnerabilities-discovered-and-exploited-in-q1-2022/API%20vulnerabilities%20discovered%20and%20exploited%20in%20Q1-2022.pdf
Wallarm: API Vulnerabilities Jump Up 3.7x in Q2-2022 Infographic - API Vulnerabilities And Exploits in Q2-2022 (PDF): https://hubspot.wallarm.com/hubfs/2022-Q2_API_vuln_report_infographic.pdf
Toyota, Mercedes, BMW API flaws exposed owners’ personal info By Bill Toulas @billtoulas - January 4, 2023 Web Hackers vs. The Auto Industry: Critical Vulnerabilities in Ferrari, BMW, Rolls Royce, Porsche, and More
DuoLingo investigating dark web post offering data from 2.6 million accounts By Jonathan Greig @jgreigj - January 24, 2023