This article has been indexed from DZone Security Zone
This week, we take a look at insecure API traffic in the VeryFitPro Android app, how APIs were used to scrape user profile data from Gettr, and some potential API vulnerabilities affecting AWS API Gateway and Lambda authorizers users. In addition, there is also the latest update to the AsyncAPI standard.
Vulnerability: VeryFitPro
Researchers from Trovent Security have found a serious API vulnerability in VeryFitPro, an Android app with more than 10 million downloads.
Read the original article: API Security Weekly: Issue #141