Infosecurity Magazine

Web Application Security News

Scroll down for all the latest web application security news and information.

Latest News and Features

Ilya Lichtenstein Released Early After Bitfinex Hack Conviction

News

Ilya Lichtenstein, convicted for the 2016 Bitfinex hack, has been released early from prison to home confinement

VVS Stealer Uses Advanced Obfuscation to Target Discord Users

News

A new Python-based malware called VVS stealer has been identified, targeting Discord users with stealthy techniques to steal data

Experts Trace $35m in Stolen Crypto to LastPass Breach

News

Motors WordPress Vulnerability Exposes Sites to Takeover

News

New “Lies-in-the-Loop” Attack Undermines AI Safety Dialogs

News

Urban VPN Proxy Accused of Harvesting AI Chat Conversations

News

Malware Discovered in 19 Visual Studio Code Extensions

News

Pro-Russia Hackers Target US Critical Infrastructure in New Wave

News

Pro-Russia hacktivist groups have been observed exploiting exposed virtual network computing connections to breach OT systems

Log4Shell Downloaded 40 Million Times in 2025

News

Microsoft Fixes Three Zero-Days in Final Patch Tuesday of 2025

News

Webinars Coming Up

Securing M365 Data and Identity Systems Against Modern Adversaries

How To Enhance Security Operations with AI-Powered Defenses

White Papers

Gcore Radar: DDoS Attack Trends Q3 to Q4, 2023

White Paper

5 Ways to Strengthen Your Active Directory Password Policy

White Paper

Pipedream Chernovite's emerging malware targeting Industrial Control Systems

White Paper

On-Demand Webinars

  • Modernise Application Delivery for the New Era
  • Closing the Browser Security Gap: Defending Against Modern Web-Based Threats
  • How to Proactively Remediate Rising Web Application Threats
  • Experiencing a DDoS Simulation to Enhance Defenses
  • How to Pair Threat Hunting and Exploit Intelligence for Better Cybersecurity
  • Mastering Software Supply Chain Security with Strategic Defense Mechanisms
  • The Infosecurity Magazine End of Year Xmas Quiz (Feat. The Beer Farmers)
  • How a Threat Response Unit Unmasks a Hacker
  • Updating Your Active Directory Security to the Modern Threat Environment
  • How to Secure Your Applications Against API Attacks

Podcasts

  • Eleanor Dallaway and Camille talk about Camille’s journey from Capitol Hill to Google as global head of product security strategy.
  • IntoSecurity Chats Episode 1 - Katie Moussouris
  • Into Security Podcast - Episode 1

More news and features

React.js Hit by Maximum-Severity 'React2Shell' Vulnerability

News

New GhostFrame Phishing Framework Hits Over One Million Attacks

News

Yearn Finance yETH Pool Hit by $9M Exploit

News

A critical vulnerability in Yearn Finance's yETH pool allowed an attacker to steal around $9m

ShadyPanda's Seven-Year Campaign Infects 4.3M Chrome and Edge Users

News

Scattered Lapsus$ Hunters Take Aim At Zendesk Users

News

Cyber-Attack Disrupts OnSolve CodeRED Emergency Notification System

News

A cyber-attack claimed to be the resposibility of INC Ransom group and targeting the OnSolve CodeRED platform has disrupted emergency notification and exposed user data across the US

Smishing Triad Impersonation Campaigns Expand Globally

News

A cluster of fraudulent domains impersonating Egyptian providers have been identified linked to Smishing Triad operations

Flaws Expose Risks in Fluent Bit Logging Agent

News

CISA Issues New Guidance on Bulletproof Hosting Threat

News

Eternidade Stealer Trojan Fuels Aggressive Brazil Cybercrime

News

Blogs

Rebuilding Digital Trust in the Age of Deepfakes

Blog

Inside the Chip: Rethinking Cybersecurity from the Ground Up

Blog

Next-Gen Infosec

How to Prevent Data Leakages

Next-Gen

Top Cloud Misconceptions that Could Damage Your Organization

Next-Gen

Improve Asset Visibility in OT Security With Hybrid AI-Cloud Approaches

Next-Gen