Spring Framework vulnerabilities

GRSecurity Author Outlines Lack of Full Vulnerability Disclosure by Linux Kernel Developers

Breaking the Bank (Vulnerabilities in Numeric Processing within Financial Applications)

Fallout From the Fall of CAPTCHAs

OWASP/WASC Party at Blackhat in Las Vegas

Widescale DNS flaw discovered

Most Corporations Lack Proper SDLC

Jason Taylor on Security Testing

Sony PlayStation's site SQL injected, redirecting to rogue security software

Firefox 2.0.0.15 Addresses Multiple Security Issues

Cloudsecurity.org Interviews Guido van Rossum: Google App Engine, Python and Security

Microsoft outlines extensive IE8 security improvements

Today's the day! PCI DSS section 6.6 is required

OFF Topic: A farewell to Bill gates

Tools: Microsoft Announces Three Tools to help prevent SQL Injection

Ruby creators warn of serious flaws

Securityfocus interview with Mozilla security team

My current stance on Web Application Firewalls

JavaScript Code Flow Manipulation, and a real world example advisory - Adobe Flex 3 Dom-Based XSS

Paper: The Extended HTML Form attack revisited

Firefox3 Released

Tools: Peach 2.1 Fuzzing Framework BETA3 Released

Payment Card Industry (PCI) Mandate Stresses Importance of Web Application Security: Recommended Becomes Required

Microsoft Patch Tuesday: Microsoft releases four critical patches

Elevator pitch for explaining security risks to executives