IEEE

Interactive Cross-Language Pointer Analysis for Resolving Native Code in Java Programs

Abstract: Java offers the Java Native Interface (JNI), which allows programs running in the Java Virtual Machine to invoke and be manipulated by native applications and libraries written in other ...
Bleeping Computer

The Real-World Attacks Behind OWASP Agentic AI Top 10

OWASP just released the Top 10 for Agentic Applications 2026 - the first security framework dedicated to autonomous AI agents. We've been tracking threats in this space for over a year. Two of our ...
TechRepublic

OWASP Drops First AI Agent Risk List

These aren't simple chatbots anymore—these AI agents access data and tools and carry out tasks, making them infinitely more capable and dangerous. Image: Envato After months of organizations deploying ...
CSOonline

Managing agentic AI risk: Lessons from the OWASP Top 10

Agentic AI is being adopted fast by enterprises, propelled by an explosion of use cases, but security, as always, is lagging. The OWASP Top 10 for Agentic AI can help close that gap. LLM-powered ...
IEEE

Mitigating Cross-Site Request Forgery Vulnerabilities: An Examination of Prevention Systems

Abstract: Cross-Site Request Forgery (CSRF) remains a pervasive vulnerability in web applications, appearing regularly in the OWASP Top 10 lists, posing significant threats to user data and system ...
GitHub

CVE-2025-66021 (High) detected in owasp-java-html-sanitizer-20240325.1.jar

Takes third-party HTML and produces HTML that is safe to embed in your web application. Fast and easy to configure. Library home page: https://github.com/OWASP/java ...
CPO Magazine

OWASP Top 10 2025: Access Control Issues, Security Misconfigurations, Supply Chain Issues Top App Risk List

The Open Worldwide Application Security Project (OWASP) has updated its Top 10 list of web application risks for the first time since 2021, and has essentially created a “rebooted” version with a ...
Microsoft

Weaponizing cross site scripting: When one bug isn’t enough

Cross-Site Scripting (XSS) is often underestimated as a minor vulnerability. In reality, XSS can open the door to more severe attacks when combined with other vulnerabilities. This post is the second ...
Dark Reading

OWASP Highlights Supply Chain Risks in New Top 10 List

OWASP has updated its list of Top 10 software vulnerabilities to align it better with the current threat landscape and modern development practices. The Nov. 6 release is OWASP's first major Top 10 ...
SecurityWeek

Two New Web Application Risk Categories Added to OWASP Top 10

OWASP has added two new categories to the revised version of its Top 10 list of the most critical risks to web applications. The Open Web Application Security Project (OWASP) has released a revised ...
Infosecurity-magazine.com

OWASP Launches Agentic AI Security Guidance

The Open Worldwide Application Security Project (OWASP) has published new practical guidance for securing agentic AI applications powered by large language models (LLMs). The comprehensive guidance, ...
The Hacker News

CISA Adds PaperCut NG/MF CSRF Vulnerability to KEV Catalog Amid Active Exploitation

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a high-severity security vulnerability impacting PaperCutNG/MF print management software to its Known Exploited ...