IEEE

ZAPx: Extending OWASP ZAP for Enhanced Web Vulnerability Detection and AI-Powered Remediation

Abstract: Web applications are increasingly targeted by automated attacks and client-side code vulnerabilities, posing significant risks to data confidentiality and system integrity. Automated threats ...
decrypt

OWASP Releases 2026 Smart Contract Risk List Led by CredShields

Crypto protocols lost hundreds of millions of dollars to smart contract failures in 2025. Now, the OWASP Smart Contract Security Project has released the OWASP Smart Contract Top 10 2026, a forward ...
GitHub

zentinelproxy/zentinel-agent-modsec

ModSecurity WAF agent for Zentinel reverse proxy. Provides full OWASP Core Rule Set (CRS) support via libmodsecurity. Note: This agent uses libmodsecurity bindings ...
The Hacker News

SmartLoader Attack Uses Trojanized Oura MCP Server to Deploy StealC Infostealer

Cybersecurity researchers have disclosed details of a new SmartLoader campaign that involves distributing a trojanized version of a Model Context Protocol (MCP) server associated with Oura Health to ...
Bleeping Computer

Pastebin comments push ClickFix JavaScript attack to hijack crypto swaps

Threat actors are abusing Pastebin comments to distribute a new ClickFix-style attack that tricks cryptocurrency users into executing malicious JavaScript in their browser, allowing attackers to ...
GitHub

Fully automated OWASP ZAP security scanner for web applications.

Drop it into any project, and Auto-ZAP detects your framework, starts your database, installs dependencies, launches your app, runs OWASP ZAP, and generates vulnerability reports. No configuration ...
IEEE

Identification of Security Vulnerabilities of XYZ Website using Open Web Application Security Project Zed Attack Proxy and Nikto

Abstract: With the rapid expansion of web applications, ensuring information system security has become a critical priority. Inadequate protective measures expose systems to cyber-attacks that may ...