In late 2025, the OWASP Foundation unveiled its first Top 10 update since 2021, drawing from tests on over 2.8 million applications and more than 175,000 CVEs to pinpoint the gravest web application security threats. This eighth edition, led by authors including Andrew van der Stock and Tanya Janca, shifts emphasis to root causes amid surging cloud-native apps, open source proliferation and AI-assisted coding. While distinct from OWASP’s dedicated lists for LLMs and agentic AI, the core Top 10 exposes how these forces intensify longstanding vulnerabilities.
The OWASP Top 10:2025 introduction notes analysis of 589 CWEs across 248 categories, with prevalence measured as the share of tested applications that exhibit a category’s CWEs at least once. Data from providers like Veracode, Sonar and Contrast Security drove eight data-driven picks, with two further entries chosen by community survey to cover risks the data captures poorly. “Broken Access Control remains the top risk in the OWASP Top 10:2025, affecting virtually every tested application,” states Orca Security’s breakdown.
Aaron Linskens of Sonatype warns in his blog post that AI-driven development amplifies risks from insecure design and open source dependencies: “Sonatype’s approach to software supply chain security is built around a simple principle: you cannot secure what you cannot see.”
Broken Gates: Access Control’s Enduring Reign
A01: Broken Access Control holds the No. 1 spot, found in 3.73% of tested apps across 40 mapped CWEs, and now absorbs Server-Side Request Forgery, a standalone category in 2021. OWASP explains: “New attack methods have emerged, making this the category with the highest number of mapped CWEs.” In microservice architectures, lax authorization policies let an attacker who compromises one service move laterally into others, a danger heightened by AI agents that run with broad privileges.
Orca Security highlights how cloud sprawl exacerbates this, with misapplied roles letting attackers pivot. GitLab’s analysis urges end-to-end scanning: “GitLab Ultimate provides comprehensive security scanning to detect risks across the 2025 OWASP Top 10 categories.”
Industry observers warn that code from AI assistants often skips review and ships with flawed access-control logic. As apps integrate LLMs, OWASP’s parallel LLM Top 10 warns of over-privileged agents that repeat these flaws.
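The two halves of A01 as the article describes them, object-level authorization and SSRF, shown in working code. This is an added example, not code from the article, OWASP or any vendor quoted here; the users, the order store and the allow-listed hosts are all constructed and hypothetical.

```python
"""Object-level authorization and an SSRF allow-list, as an added example.

Everything here is constructed for illustration: the users, the order store
and the allow-listed hosts are hypothetical, not data from the article.
"""
import ipaddress
from dataclasses import dataclass
from urllib.parse import urlsplit


@dataclass(frozen=True)
class User:
    user_id: int
    role: str  # "customer" or "support" (hypothetical roles)


# Constructed order store: order_id -> record with its owning user_id.
ORDERS = {
    101: {"owner": 1, "total": 42.0},
    102: {"owner": 2, "total": 99.5},
}


class Forbidden(Exception):
    """Raised when the caller may not read the requested object."""


def get_order_vulnerable(order_id: int) -> dict:
    """Insecure direct object reference: any caller can read any order by id."""
    return ORDERS[order_id]


def get_order_secure(caller: User, order_id: int) -> dict:
    """Deny by default: only the owner or a support user may read the order.

    A missing order raises the same Forbidden as a foreign one, so a caller
    cannot enumerate which ids exist.
    """
    order = ORDERS.get(order_id)
    if order is None or (caller.role != "support" and order["owner"] != caller.user_id):
        raise Forbidden(f"order {order_id} is not accessible to user {caller.user_id}")
    return order


def can_read_order(caller: User, order_id: int) -> bool:
    """Boolean form of the check above, handy for route guards and tests."""
    try:
        get_order_secure(caller, order_id)
        return True
    except Forbidden:
        return False


# SSRF is now mapped under A01. Hypothetical allow-list of hosts this service
# is permitted to call on a user's behalf.
ALLOWED_HOSTS = {"api.payments.example", "cdn.example"}


def is_safe_outbound_url(url: str) -> bool:
    """Accept only https URLs, without embedded credentials, to allow-listed hosts.

    Raw IP literals are rejected outright, which blocks loopback, link-local and
    cloud metadata addresses such as 169.254.169.254 regardless of the list.
    """
    parts = urlsplit(url)
    if parts.scheme != "https" or parts.username or parts.password:
        return False
    host = parts.hostname
    if not host:
        return False
    try:
        ipaddress.ip_address(host)
        return False  # an IP literal, never an allow-listed name
    except ValueError:
        pass  # not an IP literal, fall through to the name check
    return host.lower() in ALLOWED_HOSTS
```

A hostname allow-list is only the first gate: the resolved address must also be checked at connection time (DNS rebinding), and the HTTP client should not follow redirects, otherwise an allowed host can bounce the request to an internal one.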
Misconfigs Surge in Cloud Era
A02: Security Misconfiguration vaults from fifth to second, found in 3% of tested apps across 16 CWEs. OWASP attributes the rise to configuration-heavy deployment patterns: “Misconfigurations are more prevalent in the data for this cycle.” Publicly exposed storage buckets and over-permissive IAM roles are the usual culprits.
With AI auto-generating configuration, errors compound. Qualys notes in its LLM Top 10 review that comparable oversights in resource limits let attackers deny service to AI systems.
Sonatype ties this to open source: third-party libraries need version pinning and continuous scanning, or AI-suggested dependencies will open gaps of their own.
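The weak settings A02 describes beside their corrected form, with a small audit function that flags them. This is an added example, not the article’s or any vendor’s code; the configuration shape is hypothetical, and both sample configurations are constructed.

```python
"""Audit a service configuration for the misconfigurations A02 describes, as an added example.

The configuration shape is hypothetical (a flat dict a deployment tool might
emit); WEAK_CONFIG and HARDENED_CONFIG are constructed samples.
"""
DEFAULT_CREDENTIALS = {"admin", "password", "changeme", "secret", ""}

# Constructed: the kind of settings that ship in a hurry.
WEAK_CONFIG = {
    "debug": True,
    "cors_allowed_origins": ["*"],
    "session_cookie": {"secure": False, "httponly": False, "samesite": "None"},
    "storage_bucket": {"public_read": True, "encryption": "none"},
    "admin_password": "admin",
}

# Constructed: the same settings after review.
HARDENED_CONFIG = {
    "debug": False,
    "cors_allowed_origins": ["https://app.example"],
    "session_cookie": {"secure": True, "httponly": True, "samesite": "Lax"},
    "storage_bucket": {"public_read": False, "encryption": "aes256"},
    "admin_password": None,  # no built-in credential; admins come from the IdP
}


def audit_config(cfg: dict) -> list[str]:
    """Return one finding per weak setting; an empty list means nothing flagged.

    Missing settings are treated as weak (fail closed) rather than assumed safe.
    """
    findings = []
    if cfg.get("debug"):
        findings.append("debug enabled: stack traces and internals reach clients")
    origins = cfg.get("cors_allowed_origins", [])
    if "*" in origins or any(o.startswith("http://") for o in origins):
        findings.append("CORS allows any origin or a plaintext origin")
    cookie = cfg.get("session_cookie", {})
    if not cookie.get("secure"):
        findings.append("session cookie lacks Secure flag")
    if not cookie.get("httponly"):
        findings.append("session cookie lacks HttpOnly flag")
    if str(cookie.get("samesite", "")).lower() == "none":
        findings.append("session cookie SameSite=None: sent on cross-site requests")
    bucket = cfg.get("storage_bucket", {})
    if bucket.get("public_read"):
        findings.append("storage bucket is world-readable")
    if bucket.get("encryption", "none") == "none":
        findings.append("storage bucket not encrypted at rest")
    password = cfg.get("admin_password")
    if password is not None and password.lower() in DEFAULT_CREDENTIALS:
        findings.append("admin account uses a default or empty password")
    return findings
```

Run `audit_config` in CI against the rendered configuration of every environment, not just production; the staging copy with `debug` still on is the one that usually leaks.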
Supply Chains Under Siege
A03: Software Supply Chain Failures debuts at third, broadening 2021’s Vulnerable and Outdated Components. It maps only five CWEs but carries the highest exploit scores; OWASP details compromises in dependencies, build systems and distribution: “Limited presence in data… highest average CVE exploit and impact scores.” The community survey pushed it up the list, with the SolarWinds compromise an obvious reference point.
Orca Security reports that 50% of survey respondents ranked it first: “Requires SBOM maintenance, dependency tracking, automated scanning.” AI accelerates the ingestion of unvetted packages, per Sonatype.
GitLab stresses CI/CD hardening: “Tie pipeline integrity to supply-chain expectations.” TryHackMe’s posts on X echo the urgency and feature the category prominently.
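The controls the quotes above call for, dependency tracking, pinning, hash verification and an SBOM, in a small checker over a requirements file. This is an added example, not Orca’s, Sonatype’s or GitLab’s code; the package names are hypothetical, the requirements content and the artifact bytes are constructed, and the pinned hash is computed from those constructed bytes.

```python
"""Pin checks, hash verification and a minimal SBOM from a requirements file, as an added example.

The requirements content and the package bytes are constructed; the package
names are hypothetical and the pinned hash is computed from the constructed bytes.
"""
import hashlib
import hmac
import re
from typing import Optional

# Constructed artifact standing in for a downloaded wheel, and its expected digest.
GOOD_ARTIFACT = b"constructed package contents, version 1.4.2"
PINNED_SHA256 = hashlib.sha256(GOOD_ARTIFACT).hexdigest()

# Constructed requirements.txt: one fully pinned entry, three that are not.
REQUIREMENTS = f"""\
examplehttp==1.4.2 --hash=sha256:{PINNED_SHA256}
exampleweb>=2.0
exampleyaml
examplecrypto==3.1.0
"""

SPEC_RE = re.compile(r"^([A-Za-z0-9_.\-]+)(==|>=|<=|~=|!=|>|<)?(.*)$")


def check_requirement(line: str) -> tuple[str, Optional[str], list[str]]:
    """Return (name, version_if_pinned, problems) for one requirement line."""
    spec, *opts = line.split()
    name, op, version = SPEC_RE.match(spec).groups()
    problems = []
    if op != "==":
        problems.append("not pinned to an exact version; a newer, malicious release would be pulled")
    if not any(o.startswith("--hash=sha256:") for o in opts):
        problems.append("no sha256 hash; a substituted artifact would install silently")
    return name, (version if op == "==" else None), problems


def audit_requirements(text: str) -> dict[str, list[str]]:
    """Map each problematic package name to its list of problems."""
    result = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        name, _, problems = check_requirement(line)
        if problems:
            result[name] = problems
    return result


def sbom_components(text: str) -> list[dict]:
    """Minimal CycloneDX-style component list; only pinned entries carry a version."""
    comps = []
    for line in text.splitlines():
        line = line.strip()
        if line and not line.startswith("#"):
            name, version, _ = check_requirement(line)
            comps.append({"type": "library", "name": name, "version": version})
    return comps


def verify_artifact(data: bytes, expected_sha256: str) -> bool:
    """Constant-time comparison of the downloaded bytes' digest with the pinned one."""
    return hmac.compare_digest(hashlib.sha256(data).hexdigest(), expected_sha256)
```

The SBOM entries without a version are the gap: an inventory cannot be matched against advisories, and a lockfile cannot be verified, until every entry is pinned and hashed.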
Design Flaws Persist Amid AI Hype
A06: Insecure Design slips from fourth to sixth but still spotlights flaws introduced before any code is written. OWASP observes progress: “Noticeable improvements in the industry related to threat modeling.” Yet AI tools, generating code without a view of the whole system, bake in gaps such as weak input validation.
Sonatype insists: “Secure design must be intentional and enforced early.” The category also ties to LLM risks, where prompt injection mirrors the classic injection flaws of A05.
Cycode’s post links it to AI: “The 2025 framing extends software supply chain security… to architecture-level risks.”
Crypto and Injection Hold Ground
A04: Cryptographic Failures drops from second to fourth (3.80% prevalence, 32 CWEs) and remains a root cause of data exposure. A05: Injection slides from third to fifth (38 CWEs), spanning XSS to SQL injection, and now, per Orca, extends to LLM prompts.
OWASP: “Injection has the most CVEs among its 38 CWEs.” AI-generated code risks reintroducing these flaws, so SAST tooling must keep pace.
Barracuda flags the LLM parallel: “System prompt leakage as a top risk.”
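The two categories in this section shown side by side: a string-built SQL query with the payload that dumps the table, its parameterized fix, and unsalted MD5 password storage beside salted PBKDF2. This is an added example, not code from the article or any vendor it quotes; the SQLite rows and credentials are constructed, and the iteration count is a hypothetical tuning value.

```python
"""SQL injection beside its parameterized fix, and weak versus proper password hashing,
as an added example. The SQLite rows and credentials are constructed.
"""
import hashlib
import hmac
import os
import sqlite3


def make_db() -> sqlite3.Connection:
    """In-memory table with two constructed users."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT, email TEXT)")
    conn.executemany(
        "INSERT INTO users (username, email) VALUES (?, ?)",
        [("alice", "alice@example"), ("bob", "bob@example")],
    )
    return conn


def find_user_vulnerable(conn: sqlite3.Connection, username: str) -> list:
    """Builds SQL by string formatting: attacker-controlled text becomes SQL syntax."""
    sql = f"SELECT username, email FROM users WHERE username = '{username}'"
    return conn.execute(sql).fetchall()


def find_user_secure(conn: sqlite3.Connection, username: str) -> list:
    """Parameterized query: the driver binds the value, it is never parsed as SQL."""
    return conn.execute(
        "SELECT username, email FROM users WHERE username = ?", (username,)
    ).fetchall()


# Classic tautology payload; the vulnerable query returns every row with it.
SQLI_PAYLOAD = "' OR '1'='1"


# --- A04: password storage ---
PBKDF2_ITERATIONS = 600_000  # hypothetical work factor; tune to your hardware


def weak_password_hash(password: str) -> str:
    """Unsalted MD5: fast, deterministic, trivially reversed with precomputed tables."""
    return hashlib.md5(password.encode(), usedforsecurity=False).hexdigest()


def hash_password(password: str) -> str:
    """Salted PBKDF2-HMAC-SHA256; the stored string carries its own parameters."""
    salt = os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ITERATIONS)
    return f"pbkdf2_sha256${PBKDF2_ITERATIONS}${salt.hex()}${digest.hex()}"


def verify_password(password: str, stored: str) -> bool:
    """Recompute with the stored salt and iterations; compare in constant time."""
    algo, iterations, salt_hex, digest_hex = stored.split("$")
    if algo != "pbkdf2_sha256":
        return False
    digest = hashlib.pbkdf2_hmac(
        "sha256", password.encode(), bytes.fromhex(salt_hex), int(iterations)
    )
    return hmac.compare_digest(digest.hex(), digest_hex)
```

The payload works against the vulnerable function because the quote it carries closes the literal and the rest is parsed as SQL; against the parameterized version the whole string is just a username that matches nobody. The stored-format string makes the hash self-describing, so the iteration count can be raised later without breaking existing records.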
Emerging Edges: Integrity, Logging, Exceptions
A08: Software or Data Integrity Failures sits just below supply chain failures and covers code and data accepted without integrity verification. A09: Security Logging and Alerting Failures stresses the second half of its new name: “Great logging without alerting has minimal value.” A10: Mishandling of Exceptional Conditions, new this cycle, flags improper error handling, including leaks through error messages (24 CWEs).
GitLab advises: “Implement secure error handling from design phase.” AI hallucinations resemble mishandled exceptions: plausible output returned where a failure should have been surfaced.
Hack The Box’s posts on X map LLM risks such as prompt injection onto the core Top 10.
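A09 and A10 in working code: a detection rule that turns authentication log lines into alerts, and an error handler that keeps the traceback in server logs while returning only a reference id to the client, beside the leaky handler A10 warns about. This is an added example, not the article’s or GitLab’s code; the log lines are constructed, and the thresholds and response shapes are hypothetical.

```python
"""Alerting on authentication failures and sanitized error handling, as an added example
for A09 and A10. The log lines are constructed; thresholds and response shapes are hypothetical.
"""
import logging
import re
import uuid
from collections import Counter, defaultdict

# Constructed auth log: one source fails against five accounts, another fails once.
SAMPLE_LOG = """\
2025-11-07T10:00:01Z auth result=fail user=alice src=203.0.113.5
2025-11-07T10:00:02Z auth result=fail user=bob src=203.0.113.5
2025-11-07T10:00:03Z auth result=fail user=carol src=203.0.113.5
2025-11-07T10:00:04Z auth result=fail user=dave src=203.0.113.5
2025-11-07T10:00:05Z auth result=fail user=erin src=203.0.113.5
2025-11-07T10:00:06Z auth result=ok user=alice src=198.51.100.7
2025-11-07T10:00:07Z auth result=fail user=alice src=198.51.100.7
"""

LINE_RE = re.compile(
    r"^(?P<ts>\S+) auth result=(?P<result>\w+) user=(?P<user>\S+) src=(?P<src>\S+)$"
)


def failed_logins(log_text: str):
    """Count failures per source and collect the distinct usernames each source tried."""
    counts, users = Counter(), defaultdict(set)
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if m and m["result"] == "fail":
            counts[m["src"]] += 1
            users[m["src"]].add(m["user"])
    return counts, users


def alerts(log_text: str, threshold: int = 5, spray_users: int = 3) -> list[dict]:
    """Turn the log into alerts: a source at or over `threshold` failures fires, and
    trying `spray_users` or more distinct accounts labels it a password spray.
    Time windowing is omitted; a production rule would bucket by the timestamp."""
    counts, users = failed_logins(log_text)
    return [
        {
            "src": src,
            "failures": n,
            "kind": "password_spray" if len(users[src]) >= spray_users else "brute_force",
        }
        for src, n in counts.items()
        if n >= threshold
    ]


# --- A10: handle the failure, log the detail, return nothing revealing ---
log = logging.getLogger("app")


def handle_request_leaky(op):
    """The pattern A10 warns about: the raw exception text goes back to the client,
    carrying file paths, SQL fragments or hostnames with it."""
    try:
        return {"status": 200, "body": op()}
    except Exception as exc:
        return {"status": 500, "body": {"error": str(exc)}}


def handle_request(op):
    """Log the full traceback server-side under a reference id; the client gets only the id."""
    try:
        return {"status": 200, "body": op()}
    except Exception:  # broad on purpose: this is the outermost boundary
        ref = uuid.uuid4().hex[:12]
        log.exception("request failed ref=%s", ref)
        return {"status": 500, "body": {"error": "internal error", "ref": ref}}
```

The reference id is what links the two halves: support can find the full stack trace by searching the log for `ref=`, and the alerting rule can key on the same field to notice a burst of 500s from one source, which is the point of the OWASP quote about logging without alerting.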
AI Overlaps Reshape Priorities
OWASP’s GenAI Security Project has released the LLM Top 10 for 2025 (prompt injection at No. 1) and an Agentic Top 10 (led by goal hijacking), per December announcements. Steve Wilson, lead of the LLM list, says: “We’ve worked with a larger, more diverse group of contributors worldwide.”
Intertek details the AI risks: “Significant revisions… new categories of risk.” The AI lists tie back to the core Top 10 through supply chain and design risks.
Qualys: “Expanded to address Overreliance… risks tied to resource management.”
DevOps Imperatives for the AI Age
Firms like GitLab deploy AI agents for triage, but OWASP demands governance. Sonatype pushes provenance: “Support AI innovation through visibility, policy.”
Orca: “Leverage OWASP-aligned frameworks… Stay ahead of emerging threats through coverage of… OWASP AI Security Top 10.” X’s JS0N Haddix flags CISOs: “CISOs now face a new class of AI risks.”
Reddit threads buzz: “Big techs are increasing code lines while replacing humans with AI tools. At the same time, more incidents.”
Path Forward: Secure by Design
The OWASP Top 10:2025 equips teams against AI-amplified threats: integrate SBOMs, threat modeling and alerting into the delivery pipeline. As Linskens concludes, open source is inevitable and must be governed. Palo Alto’s guide takes the same line, covering mitigations across the LLM risks. Industry must pair AI speed with security rigor.
WebProNews is an iEntry Publication