Bleeping Computer

DocuSign's Envelopes API abused to send realistic fake invoices

Threat actors are abusing DocuSign's Envelopes API to create and mass-distribute fake invoices that appear genuine, impersonating well-known brands like Norton and PayPal. Using a legitimate service, ...
Hosted on MSN

Criminals open DocuSign's Envelope API to make BEC special delivery

Business email compromise scammers are trying to up their success rate by using a DocuSign API.… The Envelope: create API is designed to let users of the legal signing product automate and speed up ...
Bleeping Computer

Apps with over 3 million installs leak 'Admin' search API keys

Researchers discovered 1,550 mobile apps leaking Algolia API keys, risking the exposure of sensitive internal services and stored user information. Of those apps, 32 expose admin secrets, including 57 ...
Hosted on MSN

DocuSign Envelops API hijacked to send out fake invoices

Hackers found abusing DocuSign to send phishing emails The signed documents are used to request payment DocuSign says it has implemented additional safeguards Cybercriminals are abusing DocuSign’s ...