Weekly Update – 25 Sep 2025

When I talk to peers across the security community, one theme keeps coming up: artificial intelligence has changed the threat landscape in ways that are both profound and unsettling. Attackers have always been creative, but now they're creative at scale. With the help of AI, they can move faster, automate more effectively, and discover weaknesses that would have taken a human weeks or months to uncover. The post AppSec in the age of AI-powered attacks: Are your apps ready? appeared first on Invicti.
It is common for companies to have some kind of large language model (LLM) application exposed in their public-facing systems, often as a chatbot. LLMs usually have access to additional tools and MCP servers to call external systems or perform specialized operations. These tools are an underestimated yet critical part of the attack surface and can be exploited by attackers to compromise the application via the LLM. The post When your AI chatbot does more than chat: The security of tool usage by LLMs appeared first on Invicti.
The OWASP Top 10 for LLM Applications (2025) highlights the leading technical and socio-technical risks facing enterprises as they scale generative AI. See what's changed since the previous edition and learn how Invicti's proof-based scanning and LLM-specific security checks can help organizations validate real risks and strengthen defenses across AI-driven applications. The post OWASP Top 10 risks for LLMs (2025 update) appeared first on Invicti.