February 2026 delivered two milestones that signal a real shift in application security: Anthropic shipped Claude Code Security after finding 500+ zero-day vulnerabilities in production open-source …
AI coding assistants have transformed development workflows, but their skill systems introduce serious security risks. Researchers have demonstrated skill worms that propagate via SSH, exfiltrate …
Every OWASP LLM Top 10 vulnerability explained with real-world attack scenarios, enterprise mitigations, and links to the new Agentic AI Top 10. From BSG's AI security testing team.
The OWASP Top 10 2025 brings significant changes to web application security priorities. Two new categories, major ranking shifts, and 589 CWEs analysed—here’s what security teams need to know.
Your CI/CD pipeline is a prime attack target. Discover the top 5 DevSecOps vulnerabilities and practical steps to secure your delivery process.
Security flaws cost billions yearly. Learn why secure coding training is essential for developers and how to prevent costly mistakes in 2026.
Some software vulnerabilities are unforgivable—easy to find, easy to fix, and never should’ve existed. Here’s how to spot and prevent them.
Passkeys replace passwords with secure, easy logins using biometrics and cryptography, eliminating phishing, breaches, and 2FA issues.
Assess and improve your software security maturity with SAMMY. Free OWASP SAMM implementation tool for DevSecOps teams. Start your assessment now.
Software supply chain security is in the news again, along with the Trojan Source attack on modern software compilers. Why is it so important?