Mobile application programming interfaces (APIs) are the biggest security vulnerability in modern apps, according to a blog from app and API security firm Approov. It noted that recent security scares, such as the one experienced by the UK National Health Service, often arise due to poorly secured APIs and unverified app requests. It also noted insecure API keys embedded in apps, and inadequate certificate validation. Approov recommends the adoption of a zero-trust security model alongside mobile app attestation and runtime API security.

Microsoft warns of new remote access trojan targeting crypto wallets
Microsoft has discovered a new remote access trojan (RAT) called StilachiRAT that targets 20 cryptocurrency wallet extensions in the Google Chrome browser. The malware can