Akamai Is the 2026 Gartner® Peer Insights™ Customers’ Choice for API Protection

Read why Akamai was named the only Customers’ Choice in the 2026 Gartner Peer Insights Voice of the Customer for API Protection...

Enterprise-Grade Application Security, Cloud-Native Speed: Introducing Imperva for Google Cloud

In today’s dynamic digital environment, the pressure to innovate has never been greater. Development teams are pushing for native cloud tools to maximize performance and cost-efficiency, while security teams require best-of-breed, enterprise-grade protection to defend against an ever-evolving...

PT-2026-25364

Dagu is a workflow engine with a built-in Web user interface. Prior to 2.2.4, when Dagu is configured with HTTP Basic authentication DAGU AUTH MODE=basic, all Server-Sent Events SSE endpoints are accessible without any credentials. This allows unauthenticated attackers to access real-time DAG...

Web Technologies Security in the AI Era: A Survey of CDN-Enhanced Defenses

The modern web stack, which is dominated by browser-based applications and API-first backends, now operates under an adversarial equilibrium where automated, AI-assisted attacks evolve continuously. Content Delivery Networks CDNs and edge computing place programmable defenses closest to users and...

EUVD-2019-3137

Malware in sbrugna...

EUVD-2021-19573

Malware in sbrugna...

EUVD-2023-58850

Malicious code in bioql PyPI...

CVE-2025-4302

The CVE-2025-4302 issue affects the Stop User Enumeration WordPress plugin prior to version 1.7.3, where an authentication bypass is possible by URL-encoding the REST API path /wp-json/wp/v2/users/. This bypass defeats the plugin’s user-enumeration protections, and may facilitate brute-force atte...

Compliance Insights: How to Stop Lateral Movement and Boost Authorization

Stop lateral movement before it starts. Learn how to meet security compliance regulations with layered security, microsegmentation, and smart API protection...

CVE-2025-32968

XWiki is a generic wiki platform. In versions starting from 1.6-milestone-1 to before 15.10.16, 16.4.6, and 16.10.1, it is possible for a user with SCRIPT right to escape from the HQL execution context and perform a blind SQL injection to execute arbitrary SQL statements on the database backend...

The AI-Powered Reboot: Rethinking Defense for Web Apps and APIs

...

Mitigate Http/2 continuations with Imperva WAF

As the threat landscape continues to grow, with new breaches being announced every day, Imperva continues to stay one step ahead of attackers. HTTP/2 exploits seem to be growing every quarter as more attackers use this vulnerability in new ways. We previously wrote about how Imperva protected its...

K75431121: BIG-IP APM OAuth Bearer with SSO does not process HTTP headers as expected

Security Advisory Description BIG-IP APM OAuth Bearer Single Sign-On SSO may forward HTTP headers as-is without the expected processing when all of the following conditions are met: Bearer SSO configured API Protection profile in use OAuth token failure occurs Impact HTTP headers are forwarded...

Mastering API Security: Learn the 3 Key Principles at Kong API Summit 2023

In an era where APIs Application Programming Interfaces are the lifeblood of digital interactions, the need for robust API security has never been more critical. According to Gartner research, a staggering 90% of web-enabled applications are predicted to harbor vulnerabilities related to APIs. To...

Protect Every API Anywhere with API Security

...

Wallarm at Black Hat USA 2023 Booth #3131

Wallarm is excited to be back at Black Hat USA this year and meet with our friends in the community wanting or perhaps needing to learn more about integrated web app and API protection. We look forward to seeing you there! Expo Hours If you’re attending in person, the Business Hall is open for tw...

Rockwell Automation Enhanced HIM 跨站请求伪造漏洞

The Rockwell Automation Enhanced HIM is an advanced human interface module from Rockwell Automation. It is a device used to interact with Rockwell Automation control systems, providing a more intuitive and convenient interface for operation and monitoring. A cross-site request forgery vulnerabili...

Preventing Bot Attacks and Online Fraud on APIs

The rapid proliferation of Application Programming Interfaces APIs is spearheading digital transformation, leading to explosive growth in adoption of APIs in recent years. In fact, it’s hard to think of any software that doesn’t use or is in itself, an API. By supporting swift development and...

6 Top API Security Risks! Favored Targets for Attackers If Left Unmanaged

Security threats are always a concern when it comes to APIs. API security can be compared to driving a car. You must be cautious and review everything closely before releasing it into the world. By failing to do so, you're putting yourself and others at risk. API attacks are more dangerous than...

Akamai Named a 2022 Gartner® Magic Quadrant Leader for Cloud Web Application and API Protection

Akamai was named a Leader in the 2022 Gartner® Magic Quadrant for Cloud Web Application and API Protection WAAP report, and was positioned highest for Ability to Execute and furthest for Completeness of Vision...