
Fullscreen BitM Attack Discovered by SquareX Exploits Browser Fullscreen APIs to Steal Credentials in Safari

Today, SquareX released new threat research on an advanced Browser-in-the-Middle (BitM) attack targeting Safari users. As highlighted by Mandiant, adversaries have been increasingly using BitM attacks to steal credentials and gain unauthorized access to enterprise SaaS apps. BitM attacks work by using a remote browser to trick victims into interacting with an attacker-controlled browser via a pop-up window in the victim's browser.

Is Your API Security Just "Good Enough"? Why That's Not Enough Anymore

APIs serve as the foundation for modern digital innovation, supporting everything from mobile applications to intricate business integrations. However, as their numbers soar, with many companies experiencing annual growth rates of 50-100%, they have also become a significant target for cyber attackers. Relying on "good enough" API security could leave your most vital assets perilously unprotected.

Web API Authentication and Authorization Step By Step

In an era where APIs are the connective tissue of enterprise ecosystems, authentication and authorization can no longer be treated as mere checklist items. They must become strategic disciplines—crafted thoughtfully to align security with business velocity, regulatory expectations, and evolving threat landscapes.

CISO Spotlight: Mike Wilkes on Building Resilience in an Evolving Threat Landscape

Mike Wilkes has had a career many cybersecurity professionals could only dream of. An adjunct professor, former CISO of Marvel and MLS, member of the World Economic Forum, drummer, and board member at the National Jazz Museum in Harlem, his interests and achievements are as eclectic as they are impressive.

CRUD API vs REST API - Beyond the Basics to Strategic Security Implications

The conversation around API design often defaults to technical preferences—developers choosing CRUD APIs for simplicity or REST APIs for structure. However, for enterprise leaders responsible for risk, compliance, and digital resilience, the implications of this choice are far more profound. The CRUD vs. REST debate is not merely architectural; it’s strategic.

Open Banking API Aggregator - The Hidden Risk and Strategic Opportunity

Open banking has evolved from a regulatory obligation into a competitive imperative. What began as a movement to give consumers control over their financial data has become the engine powering innovation in fintech. At the heart of this transformation sits an often-underestimated player: the API aggregator.

Open Banking API Management

Open banking is often mischaracterized as a purely technical transformation—an initiative to expose financial services through APIs to third parties. But framing it this way overlooks the more profound shift underway. At its core, open banking is a re-architecture of digital trust, where customer data, once locked behind proprietary systems, becomes mobile, programmable, and subject to constant third-party interaction.

What is API Latency?

API latency is often an unnoticed threat in the vast digital landscape, quietly wreaking havoc on system performance, user experience, and—perhaps most critically—security. For security leaders, understanding and mitigating API latency should be more than a performance enhancement goal; it’s a foundational part of any robust cybersecurity strategy.