<?xml version="1.0" encoding="utf-8"?>
<rss version="2.0"><channel><title>Peakhour.IO - Shadow APIs</title><link>https://www.peakhour.io/</link><description></description><lastBuildDate>Fri, 19 Jun 2026 00:00:00 +1000</lastBuildDate><item><title>Shadow APIs Are Account-Abuse Paths</title><link>https://www.peakhour.io/blog/shadow-apis-account-abuse/</link><description>&lt;p&gt;Shadow APIs matter because attackers do not care whether a route is documented. Mobile, partner, browser-backed, and legacy APIs can all become account-abuse paths when they remain outside normal controls.&lt;/p&gt;</description><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">AC</dc:creator><pubDate>Fri, 19 Jun 2026 00:00:00 +1000</pubDate><guid isPermaLink="false">tag:www.peakhour.io,2026-06-19:/blog/shadow-apis-account-abuse/</guid><category>API Security</category><category>API Security</category><category>Shadow APIs</category><category>Account Protection</category><category>Bot Management</category><category>Threat Detection</category><category>DevSecOps</category></item></channel></rss>