Web Application Security News

Scroll down for all the latest web application security news and information.

Browse other Application Security topics

Don’t Miss Out!

Subscribe to our weekly newsletter for the latest in industry news, expert insights, dedicated information security content and online events.

Ilya Lichtenstein Released Early After Bitfinex Hack Conviction

News5 January 2026

Ilya Lichtenstein, convicted for the 2016 Bitfinex hack, has been released early from prison to home confinement

VVS Stealer Uses Advanced Obfuscation to Target Discord Users

News5 January 2026

A new Python-based malware called VVS stealer has been identified, targeting Discord users with stealthy techniques to steal data

Experts Trace $35m in Stolen Crypto to LastPass Breach

News5 January 2026

Motors WordPress Vulnerability Exposes Sites to Takeover

News17 December 2025

New “Lies-in-the-Loop” Attack Undermines AI Safety Dialogs

News17 December 2025

Urban VPN Proxy Accused of Harvesting AI Chat Conversations

News16 December 2025

Malware Discovered in 19 Visual Studio Code Extensions

News11 December 2025

Pro-Russia Hackers Target US Critical Infrastructure in New Wave

News10 December 2025

Log4Shell Downloaded 40 Million Times in 2025

News10 December 2025

Microsoft Fixes Three Zero-Days in Final Patch Tuesday of 2025

News10 December 2025

December’s Patch Tuesday sees the release of patches for over 50 CVEs including three zero-days

Don’t miss out!

Subscribe to our weekly newsletter for the latest in industry news, expert insights, dedicated information security content and online events.

Webinars Coming Up

Securing M365 Data and Identity Systems Against Modern Adversaries

15:00 — 16:00, 22 January 2026

How To Enhance Security Operations with AI-Powered Defenses

15:00 — 16:00, 26 January 2026

White Papers

Gcore Radar: DDoS Attack Trends Q3 to Q4, 2023

White Paper20 March 2024

5 Ways to Strengthen Your Active Directory Password Policy

White Paper30 October 2023

Pipedream Chernovite's emerging malware targeting Industrial Control Systems

White Paper19 August 2022

On-Demand Webinars

What’s Hot on Infosecurity Magazine?

UK Launches New Cyber Unit to Bolster Defences Against Cyber Threats

News6 January 2026

European Space Agency Confirms Server Breach

News5 January 2026

Hospitality Sector Hit By PHALT#BLYX ClickFix Malware Campaign

News6 January 2026

High-Severity Flaw in Open WebUI Affects AI Connections

News6 January 2026

Jaguar Land Rover's Q3 Sales Crash Amid Cyber-Attack Fallout

News6 January 2026

Conduent Data Breach Impacts Over 10.5 Million Individuals

News31 October 2025

Cyber-Attack Disrupts OnSolve CodeRED Emergency Notification System

News26 November 2025

Resilience At Risk: Talent and Governance in the Age of AI

Blog18 November 2025

Infosecurity's Top 10 Cybersecurity Stories of 2025

News1 January 2026

Soft Market, Hard Choices: The State of Cyber Insurance

News Feature31 December 2025

Top 10 Cyber-Attacks of 2025

News Feature16 December 2025

Gartner Calls For Pause on AI Browser Use

News9 December 2025

Revisiting CIA: Developing Your Security Strategy in the SaaS Shared Reality

Webinar15:00 — 16:00, 11 December 2025

Exposing AI’s Blind Spots: Security vs Safety in the Age of Gen AI

Webinar12:30 — 13:30, 13 November 2025

Risk-Based IT Compliance: The Case for Business-Driven Cyber Risk Quantification

Webinar15:00 — 16:00, 23 October 2025

Mastering Identity and Access for Non-Human Cloud Entities

Webinar14:00 — 16:00, 18 September 2025

Safeguarding Critical Supply Chain Data Through Effective Risk Assessment

Webinar15:00 — 16:00, 10 April 2025

Cyber Defense in the Age of AI: Stay Ahead of Threats Without Compromising Safety

Webinar15:00 — 16:00, 24 July 2025

Regulating AI: Where Should the Line Be Drawn?

Opinion12 November 2025

What Is Vibe Coding? Collins’ Word of the Year Spotlights AI’s Role and Risks in Software

News Feature11 November 2025

Risk-Based IT Compliance: The Case for Business-Driven Cyber Risk Quantification

Webinar15:00 — 16:00, 23 October 2025

Bridging the Divide: Actionable Strategies to Secure Your SaaS Environments

Blog7 November 2025

NCSC Set to Retire Web Check and Mail Check Tools

News10 November 2025

Beyond Bug Bounties: How Private Researchers Are Taking Down Ransomware Operations

Podcast4 November 2025

Podcasts

React.js Hit by Maximum-Severity 'React2Shell' Vulnerability

News5 December 2025

New GhostFrame Phishing Framework Hits Over One Million Attacks

News4 December 2025

Yearn Finance yETH Pool Hit by $9M Exploit

News3 December 2025

ShadyPanda's Seven-Year Campaign Infects 4.3M Chrome and Edge Users

News2 December 2025

Scattered Lapsus$ Hunters Take Aim At Zendesk Users

News27 November 2025

New phishing domains point to a campaign from the notorious Scattered Lapsus$ Hunters collective

Cyber-Attack Disrupts OnSolve CodeRED Emergency Notification System

News26 November 2025

A cyber-attack claimed to be the resposibility of INC Ransom group and targeting the OnSolve CodeRED platform has disrupted emergency notification and exposed user data across the US

Smishing Triad Impersonation Campaigns Expand Globally

News25 November 2025

A cluster of fraudulent domains impersonating Egyptian providers have been identified linked to Smishing Triad operations

Flaws Expose Risks in Fluent Bit Logging Agent

News24 November 2025

CISA Issues New Guidance on Bulletproof Hosting Threat

News20 November 2025

Eternidade Stealer Trojan Fuels Aggressive Brazil Cybercrime

News19 November 2025

Blogs

Rebuilding Digital Trust in the Age of Deepfakes

Blog7 January 2026

Inside the Chip: Rethinking Cybersecurity from the Ground Up

Blog7 January 2026

Next-Gen Infosec

How to Prevent Data Leakages

Next-Gen11 August 2023

Top Cloud Misconceptions that Could Damage Your Organization

Next-Gen4 August 2023

Improve Asset Visibility in OT Security With Hybrid AI-Cloud Approaches

Next-Gen21 July 2023