ZDNet

OWASP updates top 10 vulnerability ranking for first time since 2017

Nonprofit foundation Open Web Application Security Project (OWASP) has released an updated draft of its ranking of the top 10 vulnerabilities, the first changes to the list since November 2017. The ...
Infosecurity-magazine.com

OWASP Shines Light on Three New Risk Categories

As part of a sweeping revamp of its top 10 list, OWASP has created three new categories, which security teams need to consider when looking to protect against today’s most critical and severe ...
Dark Reading

SSRF 101: How Server-Side Request Forgery Sneaks Past Your Web Apps

When it's time to talk attacks, it's hard to get more evil than a technique that uses victims' own systems against them. Server-side request forgery (SSRF) is one of those evil attacks, and it's one ...
CSOonline

Azure API Management flaws highlight server-side request forgery risks in API development

Microsoft recently patched three vulnerabilities in its Azure API Management service, two of which enabled server-side request forgery (SSRF) attacks that could have allowed hackers to access internal ...