Unlocking API Security: 10 Common Vulnerabilities Every Tester Must Know

This article explains the most frequent API security flaws—including information disclosure, broken object and function level authorizations, excessive data exposure, rate‑limiting gaps, mass‑assignment, misconfigurations, asset‑management errors, and business‑logic bugs—while providing practical examples, detection techniques, and code snippets for each vulnerability.

API SecurityBFLABOLA

0 likes · 16 min read

Unlocking API Security: 10 Common Vulnerabilities Every Tester Must Know

IT Architects Alliance

Mar 23, 2025 · Information Security

Cloud Architecture Security: Overlooked Hidden Vulnerabilities and Mitigation Strategies

The article examines the often‑ignored hidden vulnerabilities in cloud architectures—such as API flaws, misconfigurations, and third‑party service risks—illustrates real‑world incidents, explains why enterprises neglect these issues, and offers concrete measures to strengthen cloud security.

API vulnerabilitiescloud securityinformation security

0 likes · 10 min read

Cloud Architecture Security: Overlooked Hidden Vulnerabilities and Mitigation Strategies

ITPUB

Feb 18, 2024 · Information Security

How Misconfigured Cloud Buckets Exposed BMW and Mercedes Secrets – Lessons for Secure Cloud Practices

Recent reports reveal that misconfigured Azure storage buckets and exposed GitHub keys leaked sensitive BMW and Mercedes data, highlighting how simple cloud configuration errors can lead to massive breaches and underscoring the need for strict security controls and best‑practice cloud management.

AzureGitHubbest practices

0 likes · 7 min read

How Misconfigured Cloud Buckets Exposed BMW and Mercedes Secrets – Lessons for Secure Cloud Practices

Liangxu Linux

Jul 30, 2023 · Information Security

Top 12 Common API Vulnerabilities Every Tester Should Know

Understanding the most frequent API weaknesses—from information disclosure and broken object-level authorization to injection, misconfiguration, and business logic flaws—helps security testers identify, exploit, and report issues such as over‑exposed data, missing rate limits, and improper authentication across modern web services.

API SecurityBOLAbusiness logic

0 likes · 17 min read

Top 12 Common API Vulnerabilities Every Tester Should Know

Java High-Performance Architecture

Dec 12, 2015 · Information Security

How Hackers Exploit Redis Misconfigurations to Gain SSH Password‑less Access

This article explains how attackers generate an SSH key pair, use an unsecured Redis server to store the public key, modify Redis's working directory and filename settings, and ultimately create an authorized_keys file on the target system to achieve password‑less SSH login.

Securitymisconfigurationpasswordless login

0 likes · 3 min read

How Hackers Exploit Redis Misconfigurations to Gain SSH Password‑less Access