all InfoSec news
API Abuse – Lessons from the Duolingo Data Scraping Attack
Security Boulevard securityboulevard.com
It’s been reported that 2.6 million user records sourced from the Duolingo app are for sale. The attacker apparently obtained them from an open API provided by the company. There’s a more technical explanation available here. While we talk a lot about the vulnerabilities in the OWASP API Top-10 and the exploits associated with those [...]
The post API Abuse – Lessons from the Duolingo Data Scraping Attack appeared first on Wallarm.
The post API Abuse – Lessons from …
abuse api api abuse api discovery api security app application security attack data data scraping duolingo owasp owasp api owasp top 10 rate limiting sale scraping technical the company vulnerabilities