This week, we have three API vulnerabilities: in Echelon sports equipment, Instagram, and Facebook Workspace, as well as an interview with Forrester’s key API security expert, Sandy Carielli.

Vulnerability: Echelon

In our previous newsletter, we discussed API vulnerabilities at Peloton. This week, the same researcher, Jan Masters from Pen Test Partners, has published his research on Peloton’s main competitor, Echelon. Turns out that Echelon’s APIs were much worse, leaking a lot of very sensitive personal information of their users.

Source: DZone