Web Application Security News

Scroll down for all the latest web application security news and information.

Browse other Application Security topics

Don’t Miss Out!

Subscribe to our weekly newsletter for the latest in industry news, expert insights, dedicated information security content and online events.

Over 80% of Ethical Hackers Now Use AI

News27 January 2026

Researchers Uncover “Haxor” SEO Poisoning Marketplace

News26 January 2026

Fortra researchers have discovered a new SEO poisoning operation known as “HaxorSEO”

Critical Appsmith Flaw Enables Account Takeovers

News22 January 2026

RealHomes CRM Plugin Flaw Affected 30,000 WordPress Sites

News22 January 2026

Zero-Day Exploits Surge, Nearly 30% of Flaws Attacked Before Disclosure

News22 January 2026

VulnCheck analysts found that vulnerabilities exploited before being publicly disclosed rose from 23.6% in 2024 to 28.96% in 2025

LastPass Warns of Phishing Campaign Attempting to Steal Master Passwords

News22 January 2026

Phishing and Spoofed Sites Remain Primary Entry Points For Olympics

News21 January 2026

Peruvian Loan Scam Harvests Cards and PINs via Fake Applications

News21 January 2026

Experts Welcome Global Cybersecurity Vulnerability Enumeration Launch

News21 January 2026

A new service, the Global Cybersecurity Vulnerability Enumeration (GCVE), offers an alternative to the US-led CVE

Chainlit Security Flaws Highlight Infrastructure Risks in AI Apps

News20 January 2026

Don’t miss out!

Subscribe to our weekly newsletter for the latest in industry news, expert insights, dedicated information security content and online events.

Webinars Coming Up

How To Enhance Security Operations with AI-Powered Defenses

15:00 — 16:00, 26 February 2026

White Papers

Gcore Radar: DDoS Attack Trends Q3 to Q4, 2023

White Paper20 March 2024

5 Ways to Strengthen Your Active Directory Password Policy

White Paper30 October 2023

Pipedream Chernovite's emerging malware targeting Industrial Control Systems

White Paper19 August 2022

On-Demand Webinars

What’s Hot on Infosecurity Magazine?

France Fines National Employment Agency €5m Over 2024 Data Breach

News29 January 2026

Google Disrupts Extensive Residential Proxy Networks

News29 January 2026

Number of Cybersecurity Pros Surges 194% in Four Years

News29 January 2026

Cybersecurity Teams Embrace AI, Just Not at the Scale Marketing Suggests

News29 January 2026

Autonomous System Uncovers Long-Standing OpenSSL Flaws

News28 January 2026

World Leaks Ransomware Group Claims 1.4TB Nike Data Breach

News27 January 2026

Data Privacy Day: Why AI’s Rise Makes Protecting Personal Data More Critical Than Ever

News Feature28 January 2026

Securing AI for Cyber Resilience: Building Trustworthy and Secure AI Systems

Blog8 December 2025

AI Supercharges Attacks in Cybercrime's New 'Fifth Wave'

News20 January 2026

Cyber Risk In 2026: How Geopolitics, Supply Chains and Shadow AI Will Test Resilience

Opinion2 January 2026

Zero-Day Exploits Surge, Nearly 30% of Flaws Attacked Before Disclosure

News22 January 2026

CISA Releases List of Post-Quantum Cryptography Product Categories

News26 January 2026

Securing M365 Data and Identity Systems Against Modern Adversaries

Webinar15:00 — 16:00, 22 January 2026

Five Non-Negotiable Strategies to Get Identity Security Right in 2026

Webinar18:00 — 18:30, 22 January 2026

Risk-Based IT Compliance: The Case for Business-Driven Cyber Risk Quantification

Webinar15:00 — 16:00, 23 October 2025

Revisiting CIA: Developing Your Security Strategy in the SaaS Shared Reality

Webinar15:00 — 16:00, 11 December 2025

How Mid-Market Businesses Can Leverage Microsoft Security for Proactive Defenses

Webinar15:00 — 16:00, 6 November 2025

Cyber Defense in the Age of AI: Stay Ahead of Threats Without Compromising Safety

Webinar15:00 — 16:00, 24 July 2025

Regulating AI: Where Should the Line Be Drawn?

Opinion12 November 2025

What Is Vibe Coding? Collins’ Word of the Year Spotlights AI’s Role and Risks in Software

News Feature11 November 2025

Risk-Based IT Compliance: The Case for Business-Driven Cyber Risk Quantification

Webinar15:00 — 16:00, 23 October 2025

Bridging the Divide: Actionable Strategies to Secure Your SaaS Environments

Blog7 November 2025

NCSC Set to Retire Web Check and Mail Check Tools

News10 November 2025

Beyond Bug Bounties: How Private Researchers Are Taking Down Ransomware Operations

Podcast4 November 2025

Podcasts

Malicious Google Chrome Extensions Hijack Workday and Netsuite

News19 January 2026

ICE Agent Doxxing Site DDoS-ed Via Russian Servers

News15 January 2026

Hackers Use Fake PayPal Notices to Steal Credentials, Deploy RMMs

News14 January 2026

GoBruteforcer Botnet Targets Linux Servers

News8 January 2026

The GoBruteforcer botnet has been observed targeting exposed Linux servers on services like FTP and MySQL

China-Linked UAT-7290 Targets Telecom Networks in South Asia

News8 January 2026

Ilya Lichtenstein Released Early After Bitfinex Hack Conviction

News5 January 2026

VVS Stealer Uses Advanced Obfuscation to Target Discord Users

News5 January 2026

A new Python-based malware called VVS stealer has been identified, targeting Discord users with stealthy techniques to steal data

Experts Trace $35m in Stolen Crypto to LastPass Breach

News5 January 2026

Motors WordPress Vulnerability Exposes Sites to Takeover

News17 December 2025

New “Lies-in-the-Loop” Attack Undermines AI Safety Dialogs

News17 December 2025

A novel attack technique dubbed ”Lies-in-the-Loop” (LITL) has been observed manipulating human approval prompts in agentic AI systems

Blogs

Zero Trust and Active Directory: What Modern AD Audits Reveal

Blog19 January 2026

How to Recover Corrupt MDF File from SQL Server

Blog12 January 2026

Next-Gen Infosec

How to Prevent Data Leakages

Next-Gen11 August 2023

Top Cloud Misconceptions that Could Damage Your Organization

Next-Gen4 August 2023

Improve Asset Visibility in OT Security With Hybrid AI-Cloud Approaches

Next-Gen21 July 2023