Issue 275 of APISecurity.io includes a report of a recent API attack against crypto-currency platform CoinMarketCap, a non-typical case of a corrupted API backend attacking API clients and users on the frontend (most API attacks work in the opposite direction).
If you’re working on API-powered platforms, apps or websites its worth understanding about API regressions and “drift”.
In this blog post we review the incident that occurred at CoinMarketCap and discuss using the OpenAPI file as an API contract to detect and prevent drift.