The release of the OWASP Top 10 for LLM Applications 2025 provides a comprehensive overview of the evolving security challenges in the world of Large Language Models (LLMs). With advancements in AI, the adoption of LLMs like GPT-4, LaMDA, and PaLM has grown, but so have the risks. The new 2025 list builds upon the foundational threats outlined in previous years, reflecting the changing landscape of LLM security.

Regex patterns are inherently rigid and prone to generating false positives, especially in large, diverse datasets. For example: These false positives require manual verification, leading to an overwhelming workload for security teams.

Trustwave SpiderLabs has multiple methods and tools available to keep its teams apprised of the tactics, techniques, and procedures (TTPs) threat groups utilize during an attack, but perhaps the most useful is our cloud-native Fusion dashboard.

You might have visited a website and seen a warning that says: “Your connection is not private.” This often happens when a website’s security certificate has expired. It is a small oversight that can harm a website’s reputation and make visitors think twice before proceeding. For website owners, managing digital certificates manually can be a real challenge. To simplify this process, the ACME Protocol was developed.

Your workforce is remote or hybrid, logging in from their homes, coffee shops, or random public networks, using cloud-based applications. Your data is increasingly being stored in the cloud, accessed from anywhere, traveling to who-knows-where. And your security is lagging behind. More than 90% of organizations have moved assets to the cloud, yet legacy security solutions are too complex and ultimately inadequate to secure the digital transformation.

Discover the essentials of IT asset management, including best practices, real-world examples measuring the benefits, and the future role of automation.

Behavioural analytics in cyber security has emerged as a powerful tool for identifying and mitigating human risks. By focusing on how humans interact with systems, user behavioural analytics offer a proactive approach to threat detection, ensuring a more secure digital environment for businesses.

In our previous round-up of security research for 2023, we mentioned our surprise at the large volume of 29,000 vulnerabilities that were reported two years ago. But that didn’t prepare us for the astounding 40% increase, reported by Cyber Press, resulting in over 40,000 CVEs that were published over the past year in 2024.