DEV Community

# appsec

Application security topics beyond the web, including mobile and desktop applications.

Posts

đź‘‹ Sign in for the ability to sort posts by relevant, latest, or top.
The State of Secrets Sprawl 2026: AI-Service Leaks Surge 81% and 29M Secrets Hit Public GitHub
dwayne_mcdaniel profile

The State of Secrets Sprawl 2026: AI-Service Leaks Surge 81% and 29M Secrets Hit Public GitHub

#security #devsecops #ai #appsec
Comments
6 min read
Claude Fable 5 Was Jailbroken in 48 Hours. Here's What Actually Stopped Nothing.
coridev profile

Claude Fable 5 Was Jailbroken in 48 Hours. Here's What Actually Stopped Nothing.

#security #llm #appsec #cybersecurity
1
Comments
5 min read
AI Email Agents Are Phishable: How OpenClaw Spilled User Data to Social Engineering Attacks
coridev profile

AI Email Agents Are Phishable: How OpenClaw Spilled User Data to Social Engineering Attacks

#security #ai #llm #appsec
2
Comments
4 min read
The Invisible Breach: Why Modern Web Frameworks Aren't Immune to LFI
arashad_dodhiya_0e4bdba5a profile

The Invisible Breach: Why Modern Web Frameworks Aren't Immune to LFI

#security #webdev #appsec #cybersecurity
Comments
8 min read
OpenAI Built a Lockdown Mode Because Tool-Based Data Exfiltration Is Real — Here's What Catches It Earlier
coridev profile
Cor E

OpenAI Built a Lockdown Mode Because Tool-Based Data Exfiltration Is Real — Here's What Catches It Earlier

#security #llm #appsec #cybersecurity
1
Comments
5 min read
Python’s Private Variables Aren't Private: An AppSec Reality Check
micheaol profile

Python’s Private Variables Aren't Private: An AppSec Reality Check

#python #appsec
Comments
2 min read
Notification Hijacking: How WhatsApp and Slack Content Could Weaponize Google Gemini
coridev profile
Cor E

Notification Hijacking: How WhatsApp and Slack Content Could Weaponize Google Gemini

#security #ai #llm #appsec
1
Comments
5 min read
Hidden in Plain Sight: How Notification Prompt Injection Can Hijack Your AI Assistant
coridev profile
Cor E

Hidden in Plain Sight: How Notification Prompt Injection Can Hijack Your AI Assistant

#security #ai #appsec #cybersecurity
1
Comments
4 min read
How Meta's AI Support Bot Got Tricked Into Hijacking Instagram Accounts
coridev profile
Cor E

How Meta's AI Support Bot Got Tricked Into Hijacking Instagram Accounts

#security #ai #llm #appsec
1
Comments
5 min read
When Your Background AI Agent Becomes a C2 Server
coridev profile
Cor E

When Your Background AI Agent Becomes a C2 Server

#security #llm #appsec #cybersecurity
2
Comments
4 min read
Dangerous MCP OAuth Shortcuts are Ruining Security
obot_ai profile

Dangerous MCP OAuth Shortcuts are Ruining Security

#mcp #appsec #oauth #security
1
Comments
1 min read
GitHub RCE (CVE-2026-3854) - Deep Dive & Lessons Learned
mohamed_aboelkheir profile

GitHub RCE (CVE-2026-3854) - Deep Dive & Lessons Learned

#appsec #security #cybersecurity #design
Comments
8 min read
The Business Context Problem: Why Vulnerability Severity Scores Lie
jon_rose profile

The Business Context Problem: Why Vulnerability Severity Scores Lie

#security #cloud #devops #appsec
Comments
4 min read
RAMPART Tests Your AI Agents in Dev. What Catches Malicious Tool Calls in Production?
coridev profile

RAMPART Tests Your AI Agents in Dev. What Catches Malicious Tool Calls in Production?

#security #ai #llm #appsec
2
Comments
5 min read
The Ghost Platforms That Broke Our Payment Rails and How We Unchained Ourselves
interface-profit profile

The Ghost Platforms That Broke Our Payment Rails and How We Unchained Ourselves

#webdev #programming #security #appsec
Comments
3 min read
đź‘‹ Sign in for the ability to sort posts by relevant, latest, or top.