We do our usual end of year look back on the topics, news, and trends that caught our attention. We covered some OWASP projects, the ongoing attention and promises of generative AI, and big events from the XZ Utils backdoor to Microsoft's Recall to Crowdstrike's outage.

Segment resources

• https://prods.ec
• https://owasp.org/www-project-spvs/
• https://genai.owasp.org/resource/owasp-top-10-for-llm-applications-2025/
• https://securitychampions.owasp.org/
• https://deadliestwebattacks.com/appsec/2024/11/14/ai-and-llms-asw-topic-recap
• https://www.scworld.com/podcast-episode/3017-infosec-myths-mistakes-and-misconceptions-adrian-sanabria-asw-279

Curl and Python (and others) deal with bad vuln reports generated by LLMs, supply chain attack on Solana, comparing 5 genAI mistakes to OWASP's Top Ten for LLM Applications, a Rust survey, and more!

Visit https://www.securityweekly.com/asw for all the latest episodes!

Show Notes: https://securityweekly.com/asw-310