Web Application Security News

Scroll down for all the latest web application security news and information.

Browse other Application Security topics

Don’t Miss Out!

Subscribe to our weekly newsletter for the latest in industry news, expert insights, dedicated information security content and online events.

Avada Builder Flaws Expose One Million WordPress Sites

News13 May 2026

Avada Builder flaws allowed file read and SQL injection on one million WordPress sites

OpenAI Launches 'Daybreak' to Help Build Secure By Design Software

News12 May 2026

Fake Claude Code Page Pushes PowerShell Stealer at Devs

News11 May 2026

PCPJack Campaign Boots TeamPCP Off Compromised Machines

News8 May 2026

SentinelOne believes the PCPJack campaign may be the brainchild of a former TeamPCP member

Cline Kanban Flaw Lets Websites Hijack AI Coding Agents

News7 May 2026

Fake Claude AI Site Drops Beagle Backdoor on Windows Users

News7 May 2026

Trellix Reveals Unauthorized Access to Source Code

News5 May 2026

Malicious npm Dependency Linked to AI Assisted Commit Targets Crypto Wallets

News29 April 2026

Medtronic Confirms Data Breach After ShinyHunters Claims

News28 April 2026

Medtronic confirms IT breach as ShinyHunters claims millions of records accesseda

Widely Used Browser Extensions Selling User Data

News27 April 2026

Don’t miss out!

Subscribe to our weekly newsletter for the latest in industry news, expert insights, dedicated information security content and online events.

White Papers

Gcore Radar: DDoS Attack Trends Q3 to Q4, 2023

White Paper20 March 2024

5 Ways to Strengthen Your Active Directory Password Policy

White Paper30 October 2023

Pipedream Chernovite's emerging malware targeting Industrial Control Systems

White Paper19 August 2022

On-Demand Webinars

What’s Hot on Infosecurity Magazine?

GitHub Confirms Breach of Internal Repositories Via Malicious VS Code Extension

News20 May 2026

China-Linked Webworm APT Evolves Tactics, Expands to European Targets

News20 May 2026

GitHub Breach Traced to Malicious 'Nx Console' VS Code Extension

News21 May 2026

Android Malware Campaign Used Hundreds of Fake Apps to Silently Charge Users

News20 May 2026

Nine-Year-Old Linux Kernel Flaw Leaks SSH Keys and Password Hashes

News21 May 2026

Grafana Labs Says Code Breach Stemmed from TanStack Attack

News21 May 2026

What Fronter AI Models Like Mythos and GPT-Cyber Mean for Modern Cybersecurity

News Feature15 May 2026

China-Linked Hackers Deploy New TencShell Malware Against Global Manufacturer

News15 May 2026

GitHub Confirms Breach of Internal Repositories Via Malicious VS Code Extension

News20 May 2026

NCSC Publishes Guidance on Securing Agentic AI Use

News18 May 2026

China-Linked Webworm APT Evolves Tactics, Expands to European Targets

News20 May 2026

AI Raises the Bar on Vulnerability Awareness and Secure-by-Design Software

News19 May 2026

Cyber Resilience Under Pressure: Can Your Organisation Prove Control When it Matters Most?

Webinar11:00 — 12:00, 21 May 2026

Financial Services Under Pressure: Supply Chain Risk, Regulation and Operational Resilience

Webinar15:00 — 16:00, 30 April 2026

Behind the Curtain of Microsoft 365 Cybersecurity: Lessons from Overlooked Resilience Gaps

Webinar15:00 — 16:00, 23 April 2026

How to Harness Advanced Intelligence Capabilities to Strengthen Cyber Defence

Webinar15:00 — 16:00, 12 March 2026

Why Resilience‑Focused Cloud Design Is Your Best Defense Against Modern Attacks

Webinar18:00 — 19:00, 9 April 2026

Securing M365 Data and Identity Systems Against Modern Adversaries

Webinar15:00 — 16:00, 22 January 2026

Anthropic Rolls Out Claude Security for AI Vulnerability Scanning

News1 May 2026

Inside the Code War: Defending Against Nation-State Cyber Threats

Podcast20 April 2026

Interview: How YKK Is Securing the World’s Largest Zipper Manufacturing Operation

Interview30 April 2026

CISA and Partners Publish Zero Trust Guidance For OT Security

News30 April 2026

Most Cybersecurity Professionals Feel Undervalued and Underpaid

News27 April 2026

Cyber Resilience Under Pressure: Can Your Organisation Prove Control When it Matters Most?

Webinar11:00 — 12:00, 21 May 2026

Podcasts

Surge in Silent Subject Phishing Attacks Targets VIP Users

News22 April 2026

Commercial AI Models Show Rapid Gains in Vulnerability Research

News17 April 2026

Critical Nginx-ui MCP Flaw Actively Exploited in the Wild

News15 April 2026

AI Companies to Play Bigger Role in CVE Program, Says CISA

News15 April 2026

At VulnCon, Lindsey Cerkovnik, head of vulnerability management at CISA, said AI companies should play a bigger role in vulnerability disclosures in the future

Malicious Chrome Extensions Campaign Exposes User Data

News14 April 2026

Mailbox Rule Abuse Emerges as Stealthy Post-Compromise Threat

News13 April 2026

Attackers are abusing Microsoft 365 mailbox rules to hide activity, exfiltrate data and retain access after account compromise, researchers warn

Bitcoin Depot Reports $3.6m Crypto Theft After System Breach

News9 April 2026

Critical Vulnerability in Ninja Forms Exposes WordPress Sites

News8 April 2026

GrafanaGhost Exploit Bypasses AI Guardrails for Silent Data Exfiltration

News7 April 2026

GrafanaGhost chains AI prompt injection and URL flaws to exfiltrate sensitive Grafana data

Maryland Man Charged Over $53m Uranium Finance Crypto Hack

News31 March 2026

Blogs

Biometric Authentication is Easier to Fake Than You Think

Blog12 May 2026

Open Source is the Tip of the Iceberg: Why Proprietary Software, Hardware and Protocols Face Greater AI-Driven Security Risk

Blog6 May 2026

Infosecurity Magazine

Web Application Security News

Browse other Application Security topics

Don’t Miss Out!

Latest News and Features

Don’t miss out!

White Papers

On-Demand Webinars

What’s Hot on Infosecurity Magazine?

Podcasts

More news and features

Blogs

Next-Gen Infosec