Cybersecurity firm Salt Labs discovered a GraphQL API authorization vulnerability in a large B2B financial technology platform. It would give attackers the ability to submit unauthorized ...

A newly found vulnerability in GraphQL query language for application programming interfaces has been found to expose a leading business-to-business financial technology company. While the exposed ...

Several aspects of GraphQL API structure can create security risks that can be difficult to assess. ... identified a novel GraphQL API authorization vulnerability that can arise in nested API queries.

GraphQL is a query language for APIs and a runtime for fulfilling queries with existing data – it provides a complete (and understandable) description of the data in an API, makes it easier to ...

Despite delays in fully resolving the vulnerabilities, the researchers say that Coursera took "prompt ownership" of the API bugs, once reported. "The privacy and security of learners on Coursera ...

AI-driven API vulnerabilities have skyrocketed by 1205% in the past year. The figures come from the 2025 API ThreatStats Report by Wallarm, which highlights how AI has become the biggest driver of API ...

The open source query language GraphQL is the future of APIs, but getting it to hum (and hum at scale) takes some strategizing. Here’s what we’ve learned.

A unified API protection (UAP) solution can empower security teams to discover their entire API footprint, understand their API security posture and protect their APIs from cyber-attacks.

Graph-based programming was popularized by GraphQL, a data-query language introduced by Facebook in 2015. GraphQL helps developers communicate with APIs through flexible and structured data queries.

Sources such as Cloudflare note that API calls are the fastest-growing type of Internet traffic and GraphQL APIs are rapidly becoming a de-facto way that companies interact with data.