Two months ago, attackers compromised one vendor and accessed 700+ Salesforce instances. By October 28, 2025, the crisis response is complete.

Security and DevOps teams choose Wallarm to discover all cloud-native APIs and legacy web applications running in their environment, and to detect & respond to threats against them.

YouTube video by Salt Security

CrowdStrike and Accenture are doubling down on enabling migrations from ‘legacy’ providers to CrowdStrike’s cloud- and AI-native Falcon Next-Gen SIEM offering, executives tell CRN.

With this office hour, learn how StackHawk customers can identify and prioritize high-risk APIs by surfacing sensitive data directly from source code.

🌍 Summary APIs are everywhere — they power mobile apps, web services, and cloud-native...

As data breaches leak more user login ID and password combinations, you should understand what a credential stuffing attack is and the mitigation strategies that help reduce risk.

Sophisticated skimmer uses legacy Stripe API to validate and steal card data from 49 sites since Aug 2024.

In recent years, the rise of API attacks has become a pressing concern across the Asia-Pacific region, with reports indicating a significant uptick in incidents targeting APIs. Organizations are grapp...

While not confirmed, security pros say the attack resembles recent attacks on airlines and retailers by Scattered Spider.

The leading API security company, providing the context needed to discover APIs, stop attacks, and remediate vulnerabilities to accelerate business innovation.

StackHawk CEO Joni Klippert joins TFiR to discuss securing sensitive data in APIs, leveraging AI for attack surface discovery, and why proactive DevSecOps matters.

The Digital Fortress: How APIs Are Reshaping Cybersecurity in the Age of AI Cybersecurity isn't just about protecting networks. It's about understanding the intricate digital highways that connect our...

Security and DevOps teams choose Wallarm to discover all cloud-native APIs and legacy web applications running in their environment, and to detect & respond to threats against them.

The leading API security company, providing the context needed to discover APIs, stop attacks, and remediate vulnerabilities to accelerate business innovation.

GitHub has revealed that over 39 million secrets were leaked across its platform in 2024 alone, prompting the company.

Unpacking the WestJet Cyberattack | Mobile App Security and Aviation Threats Join us on "Upwardly Mobile" as we dissect the significant WestJet cyberattack, an incident that brought to light critical vulnerabilities in mobile application security and backend systems within the aviation sector. Episode Overview: The WestJet cyberattack, reported on June 14, 2025, caused disruptions to the airline's mobile application and select internal systems, though flight operations remained unaffected. This incident underscores an often-overlooked area of vulnerability where protections for user devices by companies like Apple and Google don't fully extend to how apps communicate with their servers. Key Discussion Points: - The Attack Vector: The incident likely exploited weaknesses in backend APIs, a common tactic among experienced cybercriminals, similar to the Hawaiian Airlines attack. Preliminary evidence suggests the use of the known vulnerability CVE-2023-12345, which affects parameter handling in mobile application backends. Threat actors also potentially used targeted spear-phishing campaigns to compromise employee credentials, aligning with the MITRE ATT&CK technique T1566 – Phishing. - Affected Systems: The attack directly impacted the WestJet Mobile App version 4.5.2 (the frontline consumer interface) and its accompanying API Backend version 1.8.9. Internal systems, including Oracle Database 19c (storing customer profiles and booking details) and Windows Server 2019 infrastructures, were also compromised. - Adversary Tactics: Forensic analysis indicates advanced exploitation methods, potentially involving custom scripts for lateral movement (T1059 – Command and Scripting Interpreter) and remote access tools. The sophistication of techniques and the dual targeting of customer-facing and internal infrastructures suggest a well-planned campaign by an organized group with expertise in the aviation sector, possibly using advanced exploit frameworks like Cobalt Strike. - Impact and Consequences: Beyond immediate service disruptions, the attack poses significant risks to customer confidence and operational continuity. There's a consequential risk of data exfiltration, intellectual property compromise, and potential fraudulent activities due to unauthorized access to sensitive internal information and customer profiles. The incident also elevates the risk profile for supply chain partners and third-party vendors. - Recommendations for Enhanced Security: Immediate actions include urgent patch management for vulnerabilities like CVE-2023-12345, extending multi-factor authentication (MFA) across all sensitive internal systems, and revising incident response protocols. Organizations should also enhance email filtering, deploy advanced threat detection systems like CrowdStrike Falcon and Cisco Secure Endpoint, and implement network segmentation to contain lateral movements. Theodore Miracco, CEO of Approov Mobile Security, emphasizes the critical need to address these overlooked vulnerabilities. Relevant Links to Source Materials: - WestJet Cyberattack Report: In-Depth Analysis of the WestJet Mobile App Breach and Internal System Vulnerabilities by Rescana: https://www.rescana.com/post/westjet-cyberattack-report-in-depth-analysis-of-the-westjet-mobile-app-breach-and-internal-system-v - Reuters Report on WestJet Incident: https://www.reuters.com/sustainability/boards-policy-regulation/westjet-probes-cybersecurity-incident-affecting-app-internal-systems-2025-06-14/ - WestJet's Official Advisory: https://www.westjet.com/en-ca/news/2025/advisory--cybersecurity-incident- - MITRE ATT&CK Framework: https://attack.mitre.org/ - CrowdStrike: https://www.crowdstrike.com/ - Mandiant: https://www.mandiant.com/ - Approov Mobile Security: https://approov.io/  Sponsor: This episode is brought to you by Approov Mobile Security. Learn how they protect mobile apps and their APIs at: approov.io Keywords: WestJet, cyberattack, mobile app security, aviation security, API vulnerabilities, spear-phishing, data breach, cybersecurity, incident response, digital threat, airline security, MITRE ATT&CK, CVE-2023-12345, Oracle Database, Windows Server, network security, supply chain risk, critical infrastructure. 

For years, enterprise security strategies have prioritized endpoints, networks, and email systems. Yet attackers have shifted their focus to a less visible...