至顶头条 on MSN

IBM API Connect关键漏洞可导致身份验证绕过

IBM正敦促客户尽快修补其API Connect平台中的一个关键漏洞,该漏洞可能允许远程攻击者绕过身份验证。 IBM将API ...
至顶网

API网关漏洞

IBM紧急呼吁用户修补API Connect平台中的关键漏洞CVE-2025-13915,该漏洞可能允许远程攻击者绕过身份验证。漏洞影响10.0.8.0至10.0.8.5版本及10.0.11.0版本,无需用户交互即可获得未授权访问。专家指出这不仅是安全缺陷,更暴露了企业架构中的信任假设问题。IBM已提供临时修复程序,建议无法安装修复的用户禁用开发者门户的自助注册功能。
Bleeping Computer

Cloudflare now blocks all unencrypted traffic to its API endpoints

Cloudflare announced that it closed all HTTP connections and it is now accepting only secure, HTTPS connections for api.cloudflare.com. The move prevents unencrypted API requests from being sent, even ...
Dark Reading

Low-Code Tools in Microsoft Azure Allowed Unprivileged Access

Applications connected to Azure through its API Connections functionality could have leaked data to unauthenticated or low-privileged users prior to Microsoft fixing the issue earlier this year, ...