SoundCloud has fixed several security bugs in its API that could lead to denial-of-service attacks and account takeover via credential-stuffing. The music platform didn t limit the number of login attempts someone could make. SoundCloud claims to host 200 million different music tracks on its online platform. The company recently sold a $75 million stake to satellite radio giant SiriusXM and the two also inked a lucrative ad deal with each other. The bugs were discovered by a researcher Paulo Silva of Checkmarx Security Research.
Source: https://threatpost.com/soundcloud-dos-account-takeover/152838/