Application Security

Content Partnership: OWASP Logo SC Media Logo

OWASP unpacks GenAI security’s biggest risks to LLMs

Tom Spring July 2, 2025

Explore the Top 10 vulnerabilities and mitigation strategies shaping the future of secure generative AI development — starting with prompt injection.

Today's Top AppSec Headlines

Application Security: Explained and Explored

Identity
A New Identity: IAM firms double down on agentic risk and cost
Application security
OWASP’s playbook for preventing AI data leaks
Application security
Leaky chatbots: Understanding sensitive information disclosure in AI
Application security
Beware of the multi-billion-dollar industry swooning over SignalGate
Application security
When AI goes off-script: Understanding the rise of prompt injection attacks
Application security
Defending the prompt: How to secure AI against injection attacks
DevOps
Code or be conquered: Preparing developers for cyber threats in the age of AI
Application security
Rewriting the AppSec playbook: How to ditch the vulnerability backlog and defend what matters
Firewalls, Routers
Rethinking Regex: Smarter detection for a modern threat landscape
Application security
From trojans to quantum leaps: An inside look at this week’s cyber mayhem

Application Security News

Fake Visual Studio Code extension for Cursor led to $500K theft

The spoofed “Solidity” extension was installed from the Open VSX registry in Cursor.

Vulnerability Management

Two bugs for Linux Sudo utility patched, one rated critical

Teams told to patch both because each bug could let attackers fully take over an enterprise system.

Application security

CatWatchful stalkerware breach reveals 62K users, 26K victims

An SQL injection exploit exposed the users and owner of CatWatchful stalkerware.

In a dark, textured digital space a red padlock glows atop a small black cube, symbolizing security, protection, and privacy in the world of data and technology..

Encryption and decryption: The foundation of data protection

Ensuring information remains confidential and secure is a core cybersecurity technique.

Qantas Australian airline plane

Qantas confirms cyberattack on third-party call center app

While not confirmed, security pros say the attack resembles recent attacks on airlines and retailers by Scattered Spider.

Secure Online Payment Transaction Process concept. A person confirming secure online payment using a credit card through a digital interface with a verification tick symbol. Internet banking, fintech,

Attack surface management

Cybercrime set to become the world’s third largest economy

Criminal activity could account for $15.6 trillion dollars of economic activity by the year 2029.

A stylized digital eye embedded in a binary code matrix, representing digital surveillance, data privacy concerns, and AI monitoring in the cyber world.

Meta scores worst on GenAI data privacy ranking

Mistral’s Le Chat was ranked most privacy-friendly, followed by OpenAI’s ChatGPT.

(Adobe Stock)

AI that empowers: Redefining security operations excellence with AI + human expertise

Download eSentire's 10 questions to ask vendors about AI when choosing an MDR provider.

42% of AI-using devs say at least half of their codebase is AI-generated

Only 67% of developers said they review AI-generated code before deployment.

Mobile banking security alert on smartphone screen

Application security

GodFather banking malware creates virtual environment on victim devices

Malware observed targeting Turkish banks and scanning nearly 500 apps globally.

Fast Five

Selected by the SC Media Editorial team every Tuesday.

Sign up now for the top five issues cybersecurity pros need to know this week.

AppSec Events