Learn why you should revise your Akira ransomware protection plans. Plus, find out what’s new in OWASP’s revamped Top 10 Web ...

Over the past few years, API security has gone from a relatively niche concern to a headline issue. A slew of high-profile breaches and compliance mandates like PCI DSS 4.0 have woken security teams ...

Security misconfiguration jumped to second place as organizations improve defenses against traditional coding flaws.

OWASP has released a revised version of its Top 10 list of critical risks to web applications, adding two new categories.

The OWASP Foundation has revealed the first Release Candidate for the 2025 OWASP Top 10, ranking critical security concern ...

The Open Worldwide Application Security Project (OWASP) just published its top 10 categories of application risks for 2025, its first list since 2021. It found that while broken access control remains ...

开放全球应用安全项目（OWASP）刚刚发布了2025年应用安全十大风险类别，这是自2021年以来的首次更新。研究发现，访问控制缺陷仍然是最主要的安全问题，安全配置错误紧随其后排名第二，软件供应链问题依然突出。 该更新在组织的全球应用安全美国大会上发布 ...

开放全球应用安全项目（ OWASP ）近日发布了 2025 年应用安全十大风险类别，这是自 2021 年以来的首次更新。这份报告为各组织提供了重要的安全优先级参考，尤其是在快速迭代的数字世界中，帮助企业更好地应对不断变化的安全挑战。本次更新也反映了当前应用安全领域的新趋势和威胁，值得开发者和安全从业者深入关注。

Real victory will come when secure by design isn’t a special initiative but the standard starting point for every project.

A self-replicating attack led to a tidal wave of malicious packages in the NPM registry, targeting tokens for the tea.xyz ...

Details disclosed for a ChatGPT vulnerability that may have exposed some of the AI chatbot’s underlying cloud infrastructure.

Forrester warns AI is cybersecurity’s "new chaos agent": 45% of AI-generated code ships with critical vulnerabilities, ...