Bleeping Computer

Hackers abused API to verify millions of Authy MFA phone numbers

Twilio has confirmed that an unsecured API endpoint allowed threat actors to verify the phone numbers of millions of Authy multi-factor authentication users, potentially making them vulnerable to SMS ...
Dark Reading

5 Security Challenges to API Protection

All APIs are different inside, even if they're using similar frameworks and architectures, such as REST. Under whatever architectural "roof," the data protocols are always different — even when the ...