Web Application Security News

Scroll down for all the latest web application security news and information.

Browse other Application Security topics

Don’t Miss Out!

Subscribe to our weekly newsletter for the latest in industry news, expert insights, dedicated information security content and online events.

Two Connecticut Men Charged In Alleged $3m Gambling Fraud Scheme

News9 February 2026

SolarWinds Web Help Desk Vulnerability Actively Exploited

News4 February 2026

CISA has added a critical CVE in SolarWinds Web Help Desk to its KEV Catalog

SQL Injection Flaw Affects 40,000 WordPress Sites

News3 February 2026

DockerDash Exposes AI Supply Chain Weakness In Docker's Ask Gordon

News3 February 2026

DockerDash vulnerability allows RCE and data exfiltration via unverified metadata in Ask Gordon

Notepad++ Update Hijacking Linked to Hosting Provider Compromise

News2 February 2026

Over 80% of Ethical Hackers Now Use AI

News27 January 2026

Researchers Uncover “Haxor” SEO Poisoning Marketplace

News26 January 2026

Fortra researchers have discovered a new SEO poisoning operation known as “HaxorSEO”

Critical Appsmith Flaw Enables Account Takeovers

News22 January 2026

RealHomes CRM Plugin Flaw Affected 30,000 WordPress Sites

News22 January 2026

Zero-Day Exploits Surge, Nearly 30% of Flaws Attacked Before Disclosure

News22 January 2026

Don’t miss out!

Subscribe to our weekly newsletter for the latest in industry news, expert insights, dedicated information security content and online events.

Webinars Coming Up

How To Enhance Security Operations with AI-Powered Defenses

15:00 — 16:00, 26 February 2026

White Papers

Gcore Radar: DDoS Attack Trends Q3 to Q4, 2023

White Paper20 March 2024

5 Ways to Strengthen Your Active Directory Password Policy

White Paper30 October 2023

Pipedream Chernovite's emerging malware targeting Industrial Control Systems

White Paper19 August 2022

On-Demand Webinars

What’s Hot on Infosecurity Magazine?

New Technical Markers Reveal Expanding ShadowSyndicate Cybercriminal Infrastructure

News4 February 2026

What Is Vibe Coding? Collins’ Word of the Year Spotlights AI’s Role and Risks in Software

News Feature11 November 2025

New Cyber Startup Programme to Debut at Infosecurity Europe 2026

News6 February 2026

New Hacking Campaign Exploits Microsoft Windows WinRAR Vulnerability

News5 February 2026

AI Drives Doubling of Phishing Attacks in a Year

News4 February 2026

SolarWinds Web Help Desk Vulnerability Actively Exploited

News4 February 2026

NSA Publishes New Zero Trust Implementation Guidelines

News2 February 2026

Two Critical Flaws in n8n AI Workflow Automation Platform Allow Complete Takeover

News4 February 2026

Data Privacy Day: Why AI’s Rise Makes Protecting Personal Data More Critical Than Ever

News Feature28 January 2026

Over 80% of Ethical Hackers Now Use AI

News27 January 2026

Cybersecurity M&A Roundup: CrowdStrike and Palo Alto Networks Lead Investment in AI Security

News Feature2 February 2026

Insider Threats in the Work from Home Age

Opinion1 June 2023

Securing M365 Data and Identity Systems Against Modern Adversaries

Webinar15:00 — 16:00, 22 January 2026

Five Non-Negotiable Strategies to Get Identity Security Right in 2026

Webinar18:00 — 18:30, 22 January 2026

Cyber Resilience in the AI Era: New Challenges and Opportunities

Webinar15:00 — 16:00, 25 March 2025

Cyber Defense in the Age of AI: Stay Ahead of Threats Without Compromising Safety

Webinar15:00 — 16:00, 24 July 2025

How to Implement Attack Surface Management in the AI and Cloud Age

Webinar15:00 — 16:00, 3 April 2025

How AI and Verifiable Credentials Are Redefining Digital Identities

Webinar16:00 — 17:00, 27 March 2025

Regulating AI: Where Should the Line Be Drawn?

Opinion12 November 2025

What Is Vibe Coding? Collins’ Word of the Year Spotlights AI’s Role and Risks in Software

News Feature11 November 2025

Risk-Based IT Compliance: The Case for Business-Driven Cyber Risk Quantification

Webinar15:00 — 16:00, 23 October 2025

Bridging the Divide: Actionable Strategies to Secure Your SaaS Environments

Blog7 November 2025

NCSC Set to Retire Web Check and Mail Check Tools

News10 November 2025

Beyond Bug Bounties: How Private Researchers Are Taking Down Ransomware Operations

Podcast4 November 2025

Podcasts

LastPass Warns of Phishing Campaign Attempting to Steal Master Passwords

News22 January 2026

Phishing and Spoofed Sites Remain Primary Entry Points For Olympics

News21 January 2026

Cyber risks for the Milano-Cortina 2026 Winter Games include phishing and spoofed websites as key threat vectors

Peruvian Loan Scam Harvests Cards and PINs via Fake Applications

News21 January 2026

Experts Welcome Global Cybersecurity Vulnerability Enumeration Launch

News21 January 2026

Chainlit Security Flaws Highlight Infrastructure Risks in AI Apps

News20 January 2026

Malicious Google Chrome Extensions Hijack Workday and Netsuite

News19 January 2026

ICE Agent Doxxing Site DDoS-ed Via Russian Servers

News15 January 2026

DDoS-ers are striking a website linked to a data breach at the Department of Homeland Security

Hackers Use Fake PayPal Notices to Steal Credentials, Deploy RMMs

News14 January 2026

GoBruteforcer Botnet Targets Linux Servers

News8 January 2026

The GoBruteforcer botnet has been observed targeting exposed Linux servers on services like FTP and MySQL

China-Linked UAT-7290 Targets Telecom Networks in South Asia

News8 January 2026

Infosecurity Magazine

Web Application Security News

Browse other Application Security topics

Don’t Miss Out!

Latest News and Features

Don’t miss out!

Webinars Coming Up

White Papers

On-Demand Webinars

What’s Hot on Infosecurity Magazine?

Podcasts

More news and features

Blogs

Next-Gen Infosec