Aggregator
NSA cyber director Luber to retire at month’s end
Coinbase Data Breach – Customers Personal Info, Government‑ID & Transaction Data Exposed
Coinbase, the largest cryptocurrency exchange in the United States, has disclosed a significant cybersecurity incident that could cost the company up to $400 million. The breach, revealed in a regulatory filing and confirmed by company officials, stemmed from a sophisticated insider campaign targeting the firm’s overseas support contractors and employees. Coinbase Data Breach On May […]
The post Coinbase Data Breach – Customers Personal Info, Government‑ID & Transaction Data Exposed appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
SAP cyberattack widens, drawing Salt Typhoon and Volt Typhoon comparisons
Multiple firms are tracking the zero-day attacks on Europe’s top software firm.
The post SAP cyberattack widens, drawing Salt Typhoon and Volt Typhoon comparisons appeared first on CyberScoop.
TAG Bulletin: Q1 2025
To die or to be restored: NASA brings Voyager 1's thrusters back to life after 20 years of inactivity
CVE-2022-35044 | OTFCC 617837b otfccdump+0x617087 heap-based overflow (EUVD-2022-37942)
CVE-2024-21626 | opencontainers runc up to 1.1.11 on Linux Internal File Descriptor file descriptor (GHSA-xr7r-f8xq-vfvv / EUVD-2024-0459)
CVE-2022-35042 | OTFCC 617837b otfccdump+0x4adb11 heap-based overflow (EUVD-2022-37940)
CVE-2022-42163 | Tenda AC10 15.03.06.23 fromNatStaticSetting stack-based overflow (EUVD-2022-45240)
CVE-2022-42164 | Tenda AC10 15.03.06.23 formSetClientState stack-based overflow (EUVD-2022-45241)
CVE-2025-44180 | PHPGurukul Vehicle Record Management System 1.0 /edit-brand.php bid cross site scripting (EUVD-2025-15164)
CVE-2022-42906 | powerline-gitstatus up to 1.3.1 Directory command injection (Issue 45 / EUVD-2022-7172)
CVE-2024-20926 | Oracle Java SE up to 8u391/8u391-perf/11.0.21 Scripting information disclosure (EUVD-2024-18640 / Nessus ID 208585)
CVE-2022-42902 | LAVA Linaro Automated Validation Architecture prior 2022.10 lava-server-gunicorn Service lava_server/lavatable.py privilege escalation (EUVD-2022-45960)
Closing the Loop: Continuous API Security Testing – FireTail Blog
May 15, 2025 - Lina Romero - APIs power the modern internet as we know it. AI is grabbing the headlines, but less time is spent reporting on the APIs that connect these AI models behind the scenes to users, apps and data. As a result, API security remains a vital, but often overlooked, issue in 2025. And API testing is a crucial component of API security.
The Importance of Testing
API testing ensures that APIs perform as expected, process only correctly formatted requests and return only the correct types of output. Without API testing, it is impossible to validate the various outputs and ensure both accuracy and functionality. This is especially true for fast-moving organizations that produce and consume a high number of APIs as a normal part of their technology strategy.
Secure-by-design, as championed by CISA, would normally advocate for starting security even a few steps before API testing, for example with secure coding practices based around a threat model. However, once an organization is confident that the code of an API meets its functional and security requirements, the next step is to run the API and test it. Testing is vital for identifying errors such as incorrect formats, invalid responses, or other flaws that may not be caught manually, as well as vulnerabilities that could lead to unauthorized access, data breaches, and other exploitation.
API testing can fall into lots of different categories, even if only focusing on security testing of APIs:
Each of these categories of tests will check for a different set of security risks. And it may be important to run these tests either as a completely external user, modeling an anonymous threat actor, or as a valid authenticated user.
Catching these early can allow for faster fixes before a faulty API gets to production, and saves the developers both time and money during the build process. That’s why it’s important that each test comes with as much actionable contextual information as possible, so that a developer or a responsible party can make the necessary fixes.
Testing also identifies performance roadblocks and areas that could be optimized for efficiency. It ensures that the APIs can perform well, even at scale or with unpredictable traffic volumes or patterns.
Without APIs, the internet as we know it would simply cease to operate. And without API testing, the APIs that help our internet function could be open to outside manipulation, leading to attacks at a scale we’ve never seen before.
At FireTail, we believe strongly in the power and importance of frequent API testing. In fact, we test our own APIs with our product all the time! To see how FireTail can work for you and help you simplify your API security posture, schedule a demo or start your free trial today.
The post Closing the Loop: Continuous API Security Testing – FireTail Blog appeared first on Security Boulevard.
No stitches, no pain: a machine will print new tissue inside you without opening up the body
Akira