World Socialist Web Site

Deadly landslide in West Java exposes consequences of government neglect

A deadly landslide tore through Pasirlangu village in West Bandung, West Java, on January 24 in the pre-dawn hours. At least 74 people have been confirmed dead. The number of dead will almost ...
IEEE

Interactive Cross-Language Pointer Analysis for Resolving Native Code in Java Programs

Abstract: Java offers the Java Native Interface (JNI), which allows programs running in the Java Virtual Machine to invoke and be manipulated by native applications and libraries written in other ...
CPO Magazine

OWASP Top 10 2025: Access Control Issues, Security Misconfigurations, Supply Chain Issues Top App Risk List

The Open Worldwide Application Security Project (OWASP) has updated its Top 10 list of web application risks for the first time since 2021, and has essentially created a “rebooted” version with a ...
SecurityWeek

Two New Web Application Risk Categories Added to OWASP Top 10

OWASP has added two new categories to the revised version of its Top 10 list of the most critical risks to web applications. The Open Web Application Security Project (OWASP) has released a revised ...
Infosecurity-magazine.com

OWASP Launches Agentic AI Security Guidance

The Open Worldwide Application Security Project (OWASP) has published new practical guidance for securing agentic AI applications powered by large language models (LLMs). The comprehensive guidance, ...
Finextra

Scala Security Vulnerabilities: Every Businessperson Must Know This

Scala applications, while powerful, can expose businesses to major risks if vulnerabilities are ignored. Common issues like insecure serialization, outdated dependencies, and unpatched Akka-based ...
GitHub

Add updates to CSRF Prevention in modern frameworks

AngularJS allows for setting default headers for HTTP operations. Further documentation can be found at AngularJS's documentation for [$httpProvider](https://docs ...
Cloud Security Alliance

The OWASP Top 10 for LLMs: CSA’s Strategic Defense Playbook

Written by Olivia Rempe, Community Engagement Manager, CSA. As large language models (LLMs) reshape how businesses operate and innovate, they also introduce new categories of risk. Recognizing this, ...
IEEE

Mitigating Cross-Site Request Forgery Vulnerabilities: An Examination of Prevention Systems

Abstract: Cross-Site Request Forgery (CSRF) remains a pervasive vulnerability in web applications, appearing regularly in the OWASP Top 10 lists, posing significant threats to user data and system ...
The Hacker News

Case Study: Are CSRF Tokens Sufficient in Preventing CSRF Attacks?

Explore how relying on CSRF tokens as a security measure against CSRF attacks is a recommended best practice, but in some cases, they are simply not enough. As per the Open Web Application Security ...
CSOonline

Understanding OWASP’s Top 10 list of non-human identity critical risks

There are some very good reasons why non-human identities (NHI) have landed among the most-discussed cybersecurity topics in the last few years — it’s estimated that for every 1,000 human users in an ...
Cloud Security Alliance

Agentic AI Threat Modeling Framework: MAESTRO

Written by Ken Huang, CEO & Chief AI Officer, DistributedApps.ai. This blog post presents MAESTRO (Multi-Agent Environment, Security, Threat, Risk, and Outcome), a novel threat modeling framework ...