CPO Magazine

OWASP Top 10 2025: Access Control Issues, Security Misconfigurations, Supply Chain Issues Top App Risk List

With the first new release since 2021, the one thing that hasn't changed about the OWASP Top 10 is that "broken access ...
The Register on MSN

OWASP Top 10: Broken access control still tops app security list

Risk list highlights misconfigs, supply chain failures, and singles out prompt injection in AI apps The Open Worldwide ...
CSOonline

OWASP Mobile Security Project call for volunteers

The OWASP (Open Web Application Security Project) Mobile Security Project wants your help to shape the OWASP Mobile Top 10 Risks. I’m going to run the open letter from their website below. But first, ...
Longview News-Journal

Project OWASP Promotes GenAI Security Project to Flagship Status

The OWASP Top 10 for LLM and Generative AI has recognized industry need and expanded scope and become an OWASP Flagship Project WILMINGTON, Del., March 27, 2025 /PRNewswire/ -- The Open Worldwide ...
WJHL-TV

OWASP Reveals Updated 2025 Top 10 Risks for LLMs, Announces New LLM Project Sponsorship Program and Inaugural Sponsors

List for 2025 expands on evolving challenges as new sponsorship program enables OWASP Top 10 for LLMs and Generative AI Project to continue its vital work WILMINGTON, Del., Nov. 19, 2024 /PRNewswire/ ...
KXAN

OWASP Gen AI Security Project Announces Nine New Sponsors and Major RSA Conference Presence to Advance Generative AI Security

WILMINGTON, Del., April 17, 2025 /PRNewswire/ -- The Open Worldwide Application Security Project's (OWASP) flagship Generative AI Security Project (https://genai.owasp.org) today announced the ...
Dark Reading

OWASP Reshuffles Its Top 10 List, Adds New Categories

Access control vulnerabilities and misconfigurations occur more often than any other security weakness and took the No. 1 spot on a top 10 list of Web application security risks, according to a draft ...
Bleeping Computer

Four Years Later, We Have a New OWASP Top 10

The Open Web Application Security Project (OWASP) has published a new version of its infamous Top 10 vulnerability ranking, four years after its last update, in 2013. The OWASP Top 10 is not an ...
Opinion
Security BoulevardOpinion

Supply Chain Security made the OWASP Top Ten, this changes nothing

If you’ve been in the security universe for the last few decades, you’ve heard of the OWASP Top Ten. It’s a list of 10 security problems that we move around every year and never really solve. Oh sure, ...
Infosecurity-magazine.com

OWASP Launches Agentic AI Security Guidance

The Open Worldwide Application Security Project (OWASP) has published new practical guidance for securing agentic AI applications powered by large language models (LLMs). The comprehensive guidance, ...
Bleeping Computer

OWASP discloses data breach caused by wiki misconfiguration

The OWASP Foundation has disclosed a data breach after some members' resumes were exposed online due to a misconfiguration of its old Wiki web server. Short for Open Worldwide Application Security ...