Over the past few years, API security has gone from a relatively niche concern to a headline issue. A slew of high-profile breaches and compliance mandates like PCI DSS 4.0 have woken security teams ...

If you’ve been in the security universe for the last few decades, you’ve heard of the OWASP Top Ten. It’s a list of 10 security problems that we move around every year and never really solve. Oh sure, ...

OWASP has released a revised version of its Top 10 list of critical risks to web applications, adding two new categories.

Security misconfiguration jumped to second place as organizations improve defenses against traditional coding flaws.

The OWASP Foundation has revealed the first Release Candidate for the 2025 OWASP Top 10, ranking critical security concern ...

Risk list highlights misconfigs, supply chain failures, and singles out prompt injection in AI apps The Open Worldwide ...

开放全球应用安全项目（OWASP）刚刚发布了2025年应用安全十大风险类别，这是自2021年以来的首次更新。研究发现，访问控制缺陷仍然是最主要的安全问题，安全配置错误紧随其后排名第二，软件供应链问题依然突出。 该更新在组织的全球应用安全美国大会上发布 ...

AI is shaping app security – between attackers and defenders. The German OWASP Day highlights the opportunities and risks of ...

This article describes how vibe coding is lowering the barrier to entry and boosting developer productivity for startups and ...

开放全球应用安全项目（ OWASP ）近日发布了 2025 年应用安全十大风险类别，这是自 2021 年以来的首次更新。这份报告为各组织提供了重要的安全优先级参考，尤其是在快速迭代的数字世界中，帮助企业更好地应对不断变化的安全挑战。本次更新也反映了当前应用安全领域的新趋势和威胁，值得开发者和安全从业者深入关注。