isc.sans.edu 6/3/2026, 10:10:15 PM · external

Attackers Hunt Swagger Files for Sensitive Data Urging Dev Checks

The page discusses the ongoing scanning of API documentation files, specifically 'swagger.json', by attackers. It highlights the advantages of REST over SOAP for API design but warns that swagger.json files can inadvertently expose sensitive information. The author, Johannes Ullrich, mentions specific URLs that are frequently targeted, alongside their request counts.

He emphasizes that developers need swagger.json for connectivity, but also calls for preemptive scanning to identify improperly shared swagger files within secure environments. The threat level remains green, indicating that current threats are low.
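
One way to act on the scanning described above, as an added example that is not from the original diary or this summary: count requests for swagger.json in your own web server access log and flag any path that was actually served. The Combined Log Format, the sample lines, the paths and the addresses are constructed assumptions.

```python
import re
from collections import Counter
from urllib.parse import urlsplit

# Assumed input: Combined Log Format
#   ip - - [time] "METHOD target PROTO" status size ...
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) '
)

# Constructed sample lines: documentation-range addresses, made-up paths.
SAMPLE_LOG = """\
192.0.2.10 - - [03/Jun/2026:10:00:01 +0000] "GET /swagger.json HTTP/1.1" 404 153 "-" "-"
192.0.2.10 - - [03/Jun/2026:10:00:02 +0000] "GET /api/swagger.json HTTP/1.1" 200 48211 "-" "-"
198.51.100.7 - - [03/Jun/2026:10:05:40 +0000] "GET /api/Swagger.json?x=1 HTTP/1.1" 200 48211 "-" "-"
198.51.100.7 - - [03/Jun/2026:10:05:41 +0000] "GET /v1/swagger.json HTTP/1.1" 403 0 "-" "-"
203.0.113.5 - - [03/Jun/2026:10:06:00 +0000] "GET /index.html HTTP/1.1" 200 1024 "-" "-"
malformed line that should be skipped
"""


def swagger_probes(log_text):
    """Return (requests per path, paths served with 2xx, requests per source IP)."""
    hits, served, sources = Counter(), set(), Counter()
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue  # skip lines that are not in the assumed format
        # Drop the query string and fold case so variants count as one path.
        path = urlsplit(m["target"]).path.lower()
        if not path.endswith("/swagger.json"):
            continue
        hits[path] += 1
        sources[m["ip"]] += 1
        if m["status"].startswith("2"):
            served.add(path)  # the file was actually handed out
    return hits, served, sources


if __name__ == "__main__":
    hits, served, sources = swagger_probes(SAMPLE_LOG)
    for path, count in hits.most_common():
        state = "SERVED" if path in served else "not served"
        print(f"{count:4d}  {path}  {state}")
```

Any path reported as served is a swagger.json reachable from wherever the log was collected and is the one to review for sensitive content.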

Article by CyberSIXT