The Latest News On The API Economy
Security researcher Avicoder reported that he uncovered a vulnerability in Twitter's Docker installation housing its Vine source code. The researcher downloaded the entire Vine source code in one of the 80+ server images pulled. Twitter secured the install within 5 minutes, and paid compensation.
At this year’s Apple Worldwide Developers Conference, one of the underlying themes Apple introduced was the concept of extensions. The goal is to blur the boundaries between apps on the platform through widgets and, more notably, by allowing developers access to many of Apple’s applications.
Security researchers have discovered a vulnerability in the Swagger ecosystem that could result in the exploitation of Web API endpoints when those endpoints or any SDKs designed to access them are generated from a Swagger-based API description. Malicious remote code execution is the main concern.
Pronounced ‘fire’, FHIR (Fast Healthcare Interoperability Resources) is the HL7 specification for supporting APIs in exchanging data among HIT systems. By enabling the sharing of data, FHIR has the potential to unite PHM and EMR tools and streamline the process of providing care.
Facebook has rewarded a 10-year-old boy from Finland with a $10,000 bounty for discovering an authentication-related vulnerability in the Instagram API that could have enabled a hacker to delete comments of any user on the popular social photo sharing service, even without an Instagram account.
Microsoft has released the Windows Store analytics API. The API provides programmatic access to app analytics that previously required a log in to Dev Center and manual data retrieval. With the new API, developers can easily run reports for interested parties, and conduct deeper app data analysis.
The way the Square API delivers JSON output makes it possible for an attacker to engage in cross-site scripting (XSS) under certain circumstances. The vulnerability was discovered by security researcher Ajay Chavda and reported to Square on August 7, 2015 through its bounty program on HackerOne.
Global API conference series APIdays will kick off its 2016 international program in Melbourne when APIdays Australia is held on March 1 & 2. The conference has a particularly strong range of international and local speakers talking about the uptake of APIs in government, health and fintech.
Let’s face it, it sucks that in 2016 we still have to talk about gender bias in the workplace. Even in the programming world we find a substantial degree of sexism. For those in the ‘know’ this won’t be surprising: gender bias in the tech community is a well-documented phenomenon.
Google has made the People API available to developers. The API combines the work of two APIs into one. Moving forward, developers will be able to use a single call through the People API, rather than separate calls through the Google+ API and Google Contacts API, which it will replace.
Edamam, a company providing structured food and nutrition data to businesses in the health, wellness and food industries, announced today the release of its new Nutrition Data API. The API will allow businesses to do real-time analysis of the nutrition of any food or ingredient in a recipe.
Sickweather is known for its real-time illness tracking. Where hospitals and government agencies take weeks to report illness trends, Sickweather scans social media outlets for real-time tracking and reporting. Now, Sickweather has made the API behind the tracking service available to developers.
Google said it will follow through on plans announced in 2011 to deprecate several search-related APIs. The company already has a replacement in place for the soon-to-be-defunct APIs. The replacement will help developers add select search functions to their Android mobile apps.
Virtual conference hack.summit() returns for its second year on February 22 - 25, 2016. The conference brings technology leaders together in a virtual space so that participants around the world can learn directly from the most innovative creators in the API, mobile, data, cloud and IoT realms.
Six APIs have been added to the ProgrammableWeb directory in categories such as Health, Tourism, and Feedback, among others. Featured today is QuantiModo, which collects and analyzes human activity data to aid researchers and keep people healthy and happy. Here's a summary of the new additions.
Secret API keys add a layer of security to APIs and control who can access which functions, but a simple flaw in the common implementation in GitHub leaves many API keys exposed to external developers. This tutorial by Moshe Shaham explains this error, as well as how to leverage it to find API keys.
As more security vulnerabilities in IT software are discovered and exploited by malicious endeavours, Cisco has released its openVuln API, which automates the sharing of security vulnerability information, in a move aimed at nurturing an open security automation standard across the industry.
Target is on the data breach hot seat again, just two weeks after settling its massive 2013 data breach. This time, an API vulnerability tied to the Target app wishlist functionality let a security firm easily retrieve personal information from app users. The API requires no authentication.
Electronic health records management policy makers in the United States want to see APIs become a mandatory standard. But several leadership voices in the healthcare and IT industry, including Dr John Halamka from the Beth Israel Medical Center, say it is too early for APIs to take a central role.
Koding has announced its global virtual hackathon to be held December 12-13. The event is expected to draw more than 100,000 participants competing for $150,000 in prizes.