IBM正敦促客户尽快修补其API Connect平台中的一个关键漏洞，该漏洞可能允许远程攻击者绕过身份验证。 IBM将API Connect描述为一个完整生命周期的应用程序编程接口网关，用于"创建、测试、管理、保护、分析和社交化API"。该公司特别宣传它是"通过为AI服务的API访问 ...

IBM has released security updates to address a critical IBM API Connect vulnerability that could allow remote attackers to bypass authentication controls and gain unauthorized access to affected ...

远程攻击者可利用此漏洞完全绕过平台身份验证机制，在无需凭证的情况下获得未授权访问权限。攻击仅需基础网络连接，无需复杂配置或用户配合。 作为企业级API管理核心组件，API Connect负责处理API流量的身份验证、访问控制和安全策略。该漏洞可能导致后端 ...

IBM is urging customers to immediately patch a critical vulnerability in API Connect. The flaw allows attackers to access applications without authentication. The leak affects hundreds of ...

Rated 9.8 out of 10 in severity, the flaw could allow a remote attacker to gain unauthorized access to applications. IBM is urging customers to quickly patch a critical vulnerability in its API ...

IBM has disclosed details of a critical security flaw in API Connect that could allow attackers to gain remote access to the application. The vulnerability, tracked as CVE-2025-13915, is rated 9.8 out ...

The vulnerability affects API Connect versions 10.0.8.0 through 10.0.8.5 and 10.0.11.0. IBM lists an interim fix package and step-by-step instructions for installation on its support site; customers ...

Malicious npm package posing as a WhatsApp Web API library operated for months as a functional dependency while stealing messages and maintaining persistence. Security researchers have uncovered a ...