API Security

Security Misconfiguration

Frequent Flyer Points Fraud

Check-in Automation Abuse on Airlines

Booking Fraud in the Airline Industry

Credential Stuffing Attacks in the Airline Industry

October 8, 2024

Vercara’s Open-Source Intelligence (OSINT) Report – September 27 – October 3, 2024

Seat Spinning Attacks on Airline APIs

Fare Scraping Attacks on Airline APIs

Broken Function Level Authorization

Unrestricted Access to Sensitive Business Flows

Improper API Inventory Management

Unsafe Consumption of APIs

Vercara Resources