all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Issue 187: RCE and API vulnerability in OAS platform, account takeover in Yunmai smart scale

Add to bookmarks
June 1, 2022, 7:51 p.m. | Colin Domoney

API Security News apisecurity.io

This week, we have two API vulnerabilities: the first is a critical remote code execution (RCE) and API access flaw in the Open Automation Software (OAS) platform, the second a mass account takeover vulnerability in the Yunmai smart scale API. We also have an article on preventing API abuse, and a write-up on how to [...]


Read More...


The post Issue 187: RCE and API vulnerability in OAS platform, account takeover in Yunmai smart scale appeared first on API Security …

account account takeover api newsletter archive oas platform rce scale smart takeover vulnerability

Visit resource

More from apisecurity.io / API Security News

Issue 245: Delinea patches API vulnerability, API vulnerability in Palo Alto devices 1 day, 12 hours ago | apisecurity.io
alto api api design api vulnerability +25
Issue 244: Threats to enterprises in the cloud, looming threats to APIs, API SDK generation … 2 weeks, 2 days ago | apisecurity.io
api apis articles challenges +13
Issue 243: Economics of API attacks, understanding CORS, blocking compromised API tokens 3 weeks, 4 days ago | apisecurity.io
api api attacks apis articles +20
Issue 242: API governance to avoid tech sprawl, API security in digital transformation, AI for … 1 month, 2 weeks ago | apisecurity.io
age api api governance apis +16
Issue 241: Two critical flaws in FortiSIEM product, making public APIs private, API security strategy 1 month, 4 weeks ago | apisecurity.io
api apis api security api security strategy +22
Issue 240: Spoutible API leakage, 15M Trello profiles scraped, API secret tokens leaked 2 months, 1 week ago | apisecurity.io
api api security atlassian big +19
Issue 239: Hugging Face API token breach, SonicWall firewalls exploit, Kubernetes API gateway guide 2 months, 3 weeks ago | apisecurity.io
api api gateway api security api security checklist +20
Issue 238: APIs used to target business, cloud-native for APIs, and APIs becoming attractive targets 3 months, 1 week ago | apisecurity.io
apis articles business businesses +10
Issue 237: Six API trends for 2024, API keys leading to vulnerabilities, the future of … 3 months, 3 weeks ago | apisecurity.io
api api discovery api keys discovery +8

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Senior Security Officer

@ eSimplicity | Remote
View on infosec-jobs.com

Senior - Automated Cyber Attack Engineer

@ Deloitte | Madrid, España
View on infosec-jobs.com

Public Key Infrastructure (PKI) Senior Engineer

@ Sherwin-Williams | Cleveland, OH, United States
View on infosec-jobs.com

Consultant, Technology Consulting, Cyber Security - Privacy (Senior) (Multiple Positions) (1502793)

@ EY | Chicago, IL, US, 60606
View on infosec-jobs.com

Principal Associate, CSOC Analyst

@ Capital One | McLean, VA
View on infosec-jobs.com

Real Estate Portfolio & Corporate Security Lead

@ Lilium | Munich
View on infosec-jobs.com
View more jobs