IBM is warning customers about a critical vulnerability in its API Connect platform that could let remote attackers bypass authentication and gain unauthorized access to applications. The flaw affects specific versions of the software and requires immediate patching or disabling self-service sign-up to mitigate risks.

A security researcher discovered a vulnerability in Filevine's API that allowed access to over 100,000 confidential files from a law firm. The researcher responsibly reported the issue, which was promptly addressed by Filevine, demonstrating the importance of transparency in handling security flaws.

A vulnerability in the legacy Stripe API has been exploited by attackers to validate stolen credit card information. This exploitation allows unauthorized access to sensitive payment data, raising concerns over the security of outdated APIs in financial systems. Immediate measures are recommended for affected users to mitigate potential risks.