web application security
eBay patches two critical security flaws on US website
Two critical vulnerabilities in eBay’s US website (ebay.com) have been closed by the company, preventing attackers from accessing and modifying one of its databases as …
Enterprises lack programs to secure third-party software
Veracode data indicates that despite increasing security risks from third-party and externally developed software, few enterprises currently have formal testing programs in …
Coverity Security Library released on GitHub
Coverity announced the creation of the Coverity Security Library, an open source project available through GitHub and Maven to help developers easily fix cross-site scripting …
Analysis of 15 million cyber attacks
A new web application attack report by FireHost offers an impression of the current internet security climate and provides statistical analysis of 15 million cyber attacks …
Incapsula: Enterprise-grade website security
Over the last few years, small to medium businesses has seen a huge increase in website attacks. Website owners are seeking for affordable and effective tools to protect their …
Majority of companies suffered a web application security breach
Web application security incidents have become increasingly common and expensive, with the majority of companies experiencing at least one breach in the last 18 months and …
Open source Web server scanner Nikto 2.1.5 released
Nikto is an open source web server scanner which performs comprehensive tests against web servers for multiple items, including over 6500 potentially dangerous files/CGIs, …
Etsy starts its own bug bounty program
Etsy, the popular online marketplace for handcrafted and vintage goods, has announced its own bug bounty program, which will reward researchers with money and goods for …
WordPress 3.4.2 hardens security
WordPress 3.4.2, now available for download, is a maintenance and security release for all previous versions. After nearly 15 million downloads since 3.4 was released not …
Dynamic hacking risks target web application security
Web applications remain the third most common attack vector overall, with hacking still on the increase, from organized criminal groups, amateurs and political activists. …
Dropbox introduces 2-factor authentication
Early this month, popular file hosting service Dropbox confirmed an internal breach the resulted in its European users receiving spam advertising gambling websites, and …
The Tangled Web: A Guide to Securing Modern Web Applications
We all use the Internet to some extent and browsers to surf through it. With security vulnerabilities affecting them and the technologies that allow them to function popping …
Featured news
Resources
Don't miss
- January 2026 Patch Tuesday forecast: And so it continues
- How AI agents are turning security inside-out
- Security teams are paying more attention to the energy cost of detection
- Recently fixed HPE OneView flaw is being exploited (CVE-2025-37164)
- PoC released for unauthenticated RCE in Trend Micro Apex Central (CVE-2025-69258)