This week, we have news of the eye-opening vulnerability on the Coinbase platform which netted $250,000 in bug bounty. There’s also an excellent guide on best practices for authentication and authorization for REST APIs, an article on the growth of bad bots and how to mitigate against them, and a fun read from APIHandyman on how to hack the Elgato Key light API.
Vulnerability: Coinbase API Bug Allowed Unlimited Cryptocurrency Trading
This week’s major news story has been the disclosure of a major vulnerability in an API on Coinbase, a cryptocurrency trading platform. This vulnerability potentially allowed an attacker to make unlimited cryptocurrency trades between different currency accounts.