AI's changing how we build apps, but are they safe? 😬 Developers, are you skipping security steps? This short dives into why expert oversight is key to avoiding vulnerabilities like hard-coded passwords. New video – check it out! #AIsecurity #SoftwareSecurity #DevSec

https://www.youtube.com/watch?v=DcwHnRlZvTQ

Silzee (@SilzeeJailbreak)

ClawSec 공개 소식: OpenClaw 봇을 위한 종합 보안 스킬 슈트인 ClawSec 출시 및 관련 웹페이지(prompt.security)와 GitHub 저장소 링크가 게시됨. OpenClaw 봇 보안 향상·취약점 대응을 목표로 한 오픈소스/툴킷 성격의 발표이며 트윗에 @ItakGol 언급 포함.

https://x.com/SilzeeJailbreak/status/2021045788626104752

#security #bots #opensource #devsec

NEW: Developers, crypto users, and job seekers beware - North Korea’s Lazarus Group is deploying a new #BeaverTail variant to steal credentials and crypto via fake job offers, dev tools and smart contracts.

Read: https://hackread.com/lazarus-embed-beavertail-variant-developer-tools/

#CyberSecurity #Lazarus #NorthKorea #DevSec #InfoStealer

Aufgrund einer fehlenden Prüfung auf den Dateityp war es in Form Block möglich, jede Art von Datei hochzuladen, indem man dem Server eine falsche Information über den Dateityp mitgab. Dieses Problem ist mit Form Block 1.5.6 behoben, ein Update wird empfohlen.

[…]

https://epiph.yt/blog/2025/beliebiger-datei-upload-in-form-block-1-5-6-behoben/

#DevSec #FormBlock #Plugin #Sicherheit #Update #WordPress

Due to a missing file type check, it was possible to upload files of any type in Form Block, just by telling the server that it is a different type. This has been fixed in Form Block 1.5.6, updating is highly recommended.

[…]

https://epiph.yt/en/blog/2025/fixing-arbitrary-file-upload-in-form-block-1-5-6/

#DevSec #FormBlock #Plugin #Security #Update #WordPress

🛡️ ¿Tu app está en internet? Ya puede estar en Shodan.

Antes de escanear, un atacante recolecta. Aprende cómo funciona el OSINT y qué info estás regalando sin saberlo.

Checklist + herramientas básicas para devs → https://greyhat.cl/posts/osint-para-desarrolladores-como-piensan-los-atacantes-antes-de-escanear-tu-app

#OSINT #Ciberseguridad #DevSec #DesarrolloSeguro #Greyhat

🚨 Mark your calendars! 🚨

Join us for the OWASP Global AppSec US Conference in Washington, D.C., November 3–7, 2025 at the Marriott Marquis!

We're thrilled to announce our keynote speaker: Adam Shostack

Ready to level up your skills, grow your network, and ignite your passion for security?

🎟️ Register now and be part of the future of cybersecurity! https://owasp.glueup.com/event/131624/register/

#OWASP #AppSec #Cybersecurity #ThreatModeling #GlobalAppSecUS #SecureCoding #DevSecOps #DevSec #WashingtonDC #Hacking