Read the original article: API Security Weekly: Issue #110
This week, we check out API vulnerabilities in the dating app Bumble and COVID-KAYA, an app for frontline healthcare workers in the Philippines. There’s also a new Forrester report and an upcoming webinar on API security, as well as a couple of recordings of API security talks from the recent API Specification Conference (ASC).
Vulnerability: Bumble
Sanjana Sarda from Independent Security Evaluators found multiple vulnerabilities in the APIs behind the Bumble dating app. The app has about 95 million users, so the potential exposure is significant.