A serious security flaw in a commonly used npm security module, private-ip, may affect hundreds of thousands of private and public applications.
OWASP Top 10
Last of OWASP’s Top 10 Still a Potent Threat
In-brief: Open redirects and forwards may be at the bottom of OWASP’s Top 10 list of web application security vulnerabilities, but they are still a potent and widespread problem, says Akamai’s Or Katz, who offers some suggestions for fixing it.
Survey Finds Government Application Security Wanting
In-brief: A survey of web and mobile applications by the firm Veracode finds that governments are the most likely to use insecure software, as measured against the OWASP (Open of Web Application Security Project) Top 10.