Insights and Protections On November 16, 2023, a significant security concern was published by Google’s Threat Analysis Group (TAG). They revealed an alarming vulnerability in Zimbra Collaboration, a widely-used email hosting tool for organizations. This vulnerability, designated with an identifier, CVE-2023-37580, is a glaring example of a reflected cross-site scripting (XSS) issue. It allows malicious scripts to be injected into unsuspecting users’ browsers through a deceptively simple method: clicking on a harmful link. Campaigns Exploiting…
In early November, the cybersecurity community witnessed the exploitation of a zero-day vulnerability in Confluence Data Center and Server. This…
The world of digital technology is perpetually evolving, positioning cybersecurity as a frontline defense in safeguarding essential digital assets. A…
The 2023 SANS Survey on API Security (Jun-2023) found that less than 50 percent of respondents have API security testing…
If you’re involved in securing APIs, applications and web applications, or looking to learn about these, then the OWASP Global…
In an age characterized by digital transformation, APIs serve as the backbone of modern applications, enabling diverse systems to communicate…
Over the past several months, we’ve taken a journey through the new 2023 OWASP API Security Top-10 list. In the…
Welcome to the 12th post in our weekly series on the new 2023 OWASP API Security Top-10 list, with a…
Welcome to the 11th post in our weekly series on the new 2023 OWASP API Security Top-10 list, with a…
In today’s digital landscape, ensuring the security of web applications and APIs is paramount. The journey to find the right…