5 Ways the World’s Largest Secure OSS Catalog is Changing DevSecOps Forever Open source powers 96% of modern applications, but for most DevSecOps teams, that power comes with a heavy price: vulnerability fatigue…

The secret to elite DevSecOps? Stop chasing vulnerabilities and start preventing them. 🎯
Learn how a secure OSS catalog transforms your workflow from reactive to revolutionary. 5 shifts you cannot afford to miss. 🚀
Dive in: buff.ly/rTt8FLD
#AppSec #OpenSource

👀 Have you seen the OWASP Hub on @InfoSecMap?
Find chapters, events, meetups, and trainings worldwide in one place. Use smart filters, real-time updates, and interactive maps to connect with the global AppSec community. 🌍
👉 infosecmap.com/owasp/
#OWASP #AppSec #CyberSecurity

The rise of malicious repositories on GitHub #appsec

Hijacked at the Source: A Trusted Marketing AppsFlyer’s SDK distributes a Crypto Stealer #appsec

260315 rootshell.online Created on Sun Mar 15 23:00:00 CST 2026 - A news, tutorials and conferences about security published on YouTube - Find the RSS Feed with latest playlists at ...

Fresh cyber content every day. Watch the newest playlist and learn how hackers think—and how to defend. 🚀 www.youtube.com/playlist
#Hacking #CyberDefense #AppSec #Ransomware #DarkWeb

Become a vendor at the premier application security conference in New England. Since its inception in 2012, OWASP BASC has consistently attracted at least 150 attendees.

For more information, please visit our sponsorship kit at www.basconf.org.

#appsec #owasp #basc2026 #basc #applicationsecurity

How to Safely Store and Open User Files Locally in Android Have you ever had to take on a task that caused the previous developer to burn out and leave the company? Well, I happened to run into exa...

#android-security #appsec

Origin | Interest | Match

USENIX Security ’25 (Enigma Track) – Usernames, Passwords And Security Presenter: Rik Farrow Our thanks to USENIX Security '25 (Enigma Track) (USENIX '25 for publishing their Creators, ...

#Network #Security #Security #Bloggers #Network #appsec […]

[Original post on securityboulevard.com]

The Zero-Code Security Team: Shifting Left with Prompt-Native AI Agents How a prompt-native multi-agent orchestrator shifts security feedback from post-push to pre-commit and why the architecture has almost no…

Finding vulnerabilities in CI is too late. You're already context-switching. 🛑

I wrote about a zero-code (just Markdown!) multi-agent architecture that moves security review to pre-commit.

#DevSecOps #AIagents #AppSec

Adversarial AI "validators" kill hallucinations before devs ever see them. 👇

The top of the image features the text "SCRATCH NEWS AUSTRALIA”, the title "SPY VS SECURITY”. A black and white cartoon drawing shows two people facing each other engaged in a clandestine conflict. Both people are wearing wide-brimmed fedora hats and long, high-collared trench coats. At the bottom of the image is “SECURITY TOOLS & NEWS" and yellow-highlighted text "scratchnews.io” The image promotes Scratch News Australia, scratchnews.io

Catch up with the latest #security topics, #test your #cybersecurity & #infosec readiness

News
👉 scratchnews.io/tag/Security...

Events
👉 scratchnews.io/category/587

Tools
👉 scratchnews.io/tag/Security...

#Australia #NZ
#hacking #redteam #blueteam #appsec #cloud #ai #devops

260314 rootshell.online Created on Sat Mar 14 23:00:01 CST 2026 - A news, tutorials and conferences about security published on YouTube - Find the RSS Feed with latest playlists at ...

Keep your skills sharp with the latest cyber playlist—stream now and stay informed. ⚔️ www.youtube.com/playlist
#CyberSecurity #AppSec #ThreatIntelligence #Ransomware #OnlineSafety

Learn again more on AI Security at OWASP BASC

Dan D'Avella will talk about Autonomous Remediation using AI Security Agents.

Check out more at www.basconf.org

#owasp #basc2026 #basconf #appsec

🔬 In JavaScript, the instruction "Function(inputString)()" cause the content of "inputString" to be executed. "Function()" is a constructor that creates a new function from a string of code, similar to "eval()", but slightly more contained.

#appsec #appsecurity

Example of execution.

🧑‍🎓 Learning of the day for me thanks to @pentesterlab.com (for the presentation of the behavior and the code review lab) and Claude (for the detailed explanation):

#appsec #appsecurity

Secure your entry to the most exciting application security conference in New England! 1 amazing keynote by Bonnie Butlin, 18 talks and 4 workshops! A lot of prizes available at the conference.

Buy your ticket before its too late! Grab it at www.basconf.org
#appsec #owasp #basconf #basc2026

USENIX Security ’25 (Enigma Track) – Zombie Devices Are Running Amuck! Presenter: Stacey Higginbotham, Consumer Reports Our thanks to USENIX Security '25 (Enigma Track) (USENIX '25 for ...

#Network #Security #Security #Bloggers #Network #appsec […]

[Original post on securityboulevard.com]

Salt Security The leading API security company, providing the context needed to discover APIs, stop attacks, and remediate vulnerabilities to accelerate business innovation.

The latest update for #SaltSecurity includes "An #AI Agent Didn't Hack McKinsey. Its Exposed #APIs Did." and "The Economic Argument: The Real Cost of Insecure APIs in the AI Era".

#cybersecurity #APISecurity #AppSec https://opsmtrs.com/40EBWWv

Glassworm Is Back: A New Wave of Invisible Unicode Attacks Hits Hundreds of Repositories #appsec

CrackArmor: Critical AppArmor Flaws Enable Local Privilege Escalation to Root #appsec

Zenity Design and implement governance policies, identify security risks, detect emerging threats and drive automatic mitigation and response.

The latest update for #Zenity includes "Why Soft Guardrails Get Us Hacked: The Case for Hard Boundaries in #AgenticAI" and "AI Agent Governance: The #CISO Checklist for the New AI Agent Reality".

#cybersecurity #lowcodesecurity #appsec https://opsmtrs.com/3GN6TxH

Google Paid $17.1M For Bugs In 2025
Read More: buff.ly/sGUNuDf

#BugBounty #GoogleVRP #VulnerabilityResearch #SecurityResearchers #ResponsibleDisclosure #CyberInnovation #AppSec #Infosec

Learn all about AI Security at OWASP BASC

Jonathan Dutson will talk about how Agentic Workflows can be compromised

Check out more at www.basconf.org

#owasp #appsec #basconf #basc2026

Static Application Security Testing (SAST): Simplicity Matters Simple, Local, FOSS: Reclaiming Python Security from the SaaS Giants

Static Application Security Testing (SAST): Simplicity Matters

So
Simple, Local, FOSS: Reclaiming Python Security from the SaaS Giants
open.substack.com/pub/nocomple...

#python #appsec

Codex Security by OpenAI: The AI Agent That Finds Bugs Before Hackers Do Codex Security is OpenAI's new AI-powered security agent that scans your codebase, validates real vulnerabilities and many more.

Legacy scanners: noisy.
Codex Security: an AI agent that models your app, confirms real vulns & suggests targeted fixes.
I dug the beta numbers, CVEs found in major OSS & what this means for app security teams.

Full review: techglimmer.io/codex-securi...
#CodexSecurity #OpenAI #AppSec #AIsecurity

Big thank you to our Platinum sponsor Prime Security!

At Prime Security, we empower Security Teams to integrate risk-aware decisions into the very fabric of product development.
Want to sponsor OWASP BASC 2026? Check out our website www.basconf.org

#owasp #basc #basc2026 #appsec

Aikido Aikido Security is an automated application security platform designed specifically for software engineering teams.

The latest update for #AikidoSecurity includes "How #SecurityTeams Fight Back Against AI-Powered Hackers" and "How does AI #Pentesting Work with #Compliance?".

#Cybersecurity #AppSec #DevSecOps https://opsmtrs.com/48vGyRP

JFrog JFrog products seamlessly integrate with practically any development environment on Earth, from legacy code to the most recent containers and micro-services.

The latest update for #JFrog includes "The Dependency Dilemma: Balancing Innovation Speed with Supply Chain Resilience" and "Webinar Recap: The Context Engine – Why Consolidation is the Natural Future of #AppSec".

#cybersecurity #devops #CICD #Artifactory https://opsmtrs.com/3tbAFrI

Zenity Design and implement governance policies, identify security risks, detect emerging threats and drive automatic mitigation and response.

The latest update for #Zenity includes "AI Agent Governance: The #CISO Checklist for the New #AI Agent Reality" and "PerplexedBrowser: Accepting a Meeting or Handing Your Local Files to an Attacker?".

#cybersecurity #lowcodesecurity #appsec https://opsmtrs.com/3GN6TxH

The latest update for #Veracode includes "#AI, #ApplicationSecurity, and the Illusion of Control" and "The 36% Surge in High-Risk Vulnerabilities: What It Means for Your Business".

#potatosecurity #softwaresecurity #AppSec #DevSecOps https://opsmtrs.com/3eO6tf7

Veracode Veracode’s powerful cloud-based platform, deep security expertise, and systematic, policy-based approach provide enterprises with a simpler and more scalable way to reduce application-layer risk across their global software infrastructures.

The latest update for #Veracode includes "#AI, #ApplicationSecurity, and the Illusion of Control" and "The 36% Surge in High-Risk Vulnerabilities: What It Means for Your Business".

#cybersecurity #softwaresecurity #AppSec #DevSecOps https://opsmtrs.com/3eO6tf7