The Open Web Application Security Project (OWASP), an open-source project, has announced a free, 216-page guide for how to review code for application vulnerabilities. The book complements the already released "OWASP Security Developer Guide" and the "Security Testing Guide." The latest publication is "part of OWASP's strategy to make application security visible and enable the market to support the development of secure application software," according to the organization. — DK
Ninety-two more apps, nearly half of which are on Google Play, that have cumulatively amassed more than 30 million installations were discovered to be compromised with the SpinOk malware, which has been distributed through a malicious software development kit supply chain attack, BleepingComputer reports.