Andrew van der Stock announced the availability of OWASP Top 10 2007 .

This Web Security Trends Report presents new research and statistical breakdowns illustrating the universal nature of malicious code, as well as exposing the presence of malicious code on webpages translated by online translation services.

6 days after Wordpress 2.2 release, Janek Vind has discovered a SQL injection vulnerability in WordPress 2.1.3, which can be exploited to conduct SQL injection attacks.

I reviewed the number of security vulnerabilities published for the major blogging platforms in the past year (May 2006 – May 2007) . The numbers are high, especially for the open source products (Wordpress, Drupal).