Skip to content
Back to Security Journey Blog

New Content for Your Most Pressing & Emerging Vulnerabilities: AI/LLM & CWE Top 25

AI
AI/LLM cwe

Feb. 18, 2025

Published on

At Security Journey, we continuously evolve our training content to help organizations stay ahead of the most pressing security vulnerabilities. This week, we’re excited to announce the release of over 30 new lessons focusing on AI/LLM security and the CWE Top 25—ensuring your security and development teams have the latest insights to combat emerging threats.

Staying Ahead with the 2025 OWASP Top 10 for LLM Applications

In 2023, The Open Worldwide Application Security Project (OWASP) introduced its inaugural Top 10 list for LLM applications, focusing on the most critical vulnerabilities at the time. As AI has continued to advance, a new list for 2025 has been created to react to new and emerging threats:

  1. Prompt Injection – Still the top concern, as LLMs remain vulnerable to input-based manipulations.
  2. Sensitive Information Disclosure – Increased focus due to rising incidents of unintended data exposure.
  3. Supply Chain Vulnerabilities – Addressing third-party risks from dependencies and integrations.
  4. Data and Model Poisoning – A combined category highlighting the dangers of compromised training data and model manipulation.
  5. Improper Output Handling – Emphasizing the importance of validating and sanitizing LLM outputs.
  6. Excessive Agency – Continuing concerns around granting LLMs too much autonomy.
  7. System Prompt Leakage – A newly identified issue where internal prompts are exposed, revealing sensitive configurations.
  8. Vector and Embedding Weaknesses – Highlighting adversarial manipulation of AI-generated embeddings.
  9. Misinformation – Addressing the risk of AI spreading false information.
  10. Unbounded Consumption – Managing excessive resource use that can lead to denial-of-service risks.

What’s New in Our AI/LLM Security Training?

We’ve expanded our AI/LLM training paths with new video lessons and break/fix exercises that focus on securing LLM applications across various development stages:

New Video Lessons:
  • Introduction to AI/LLM Security: Covers key vulnerabilities and mitigation strategies.
  • Data Engineering: Focuses on securing data integrity and preventing training data poisoning.
  • Model Engineering: Highlights critical security measures in tokenization, embeddings, and context handling.
  • Plugin/App Engineering: Emphasizes the importance of securing plugins, agents, and third-party applications.
  • AI Security Toolchain: Introduces frameworks like MITRE ATLAS, Caldera with Arsenal, and Garak to identify and mitigate AI vulnerabilities.
New Break/Fix Lessons:
  • Vector and Embedding Weaknesses: Demonstrates how AI systems can be manipulated via adversarial embeddings.
  • Excessive Agency II: Provides a deeper dive into ensuring AI agents have appropriate permissions and controls.
  • System Prompt Leakage: Guides learners through securing Retrieval-Augmented Generation (RAG) applications against prompt injection attacks.

CWE Top 25: Tackling the Most Critical Software Weaknesses

The CWE Top 25 identifies the most frequently exploited software vulnerabilities, helping organizations prioritize security efforts. MITRE compiles this list using real-world data, including reports from the National Vulnerability Database (NVD) and Common Vulnerabilities and Exposures (CVE).

Read More: Cracking the Code: Unveiling the Importance of CWEs in Cybersecurity

To help teams stay ahead, Security Journey now offers 25 new short, video-based lessons, covering key security issues:

  • CWE-79: Cross-Site Scripting (XSS)
  • CWE-787: Out-of-Bounds Write
  • CWE-89: SQL Injection
  • CWE-352: Cross-Site Request Forgery (CSRF)
  • CWE-22: Path Traversal
  • CWE-78: OS Command Injection
  • CWE-862: Missing Authorization
  • CWE-502: Deserialization of Untrusted Data
  • CWE-918: Server-Side Request Forgery (SSRF)
  • CWE-306: Missing Authentication for Critical Function
  • CWE-94: Improper Control of Generation of Code ('Code Injection')
  • CWE-20: Improper Input Validation
  • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection')
  • CWE-287: Improper Authentication
  • CWE-269: Improper Privilege Management
  • CWE-502: Deserialization of Untrusted Data
  • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
  • CWE-863: Incorrect Authorization
  • CWE-918: Server-Side Request Forgery (SSRF)
  • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
  • CWE-476: NULL Pointer Dereference
  • CWE-798: Use of Hard-coded Credentials
  • CWE-190: Integer Overflow or Wraparound
  • CWE-400: Uncontrolled Resource Consumption
  • CWE-306: Missing Authentication for Critical Function

Why This Matters for Your Secure Development Program

Security threats evolve rapidly, and compliance requirements are increasingly emphasizing secure development training as a fundamental necessity. Whether you’re focused on LLM security or software vulnerability management, our updated content ensures your organization can identify, prevent, and mitigate these emerging threats effectively.

At Security Journey, we move fast to keep your team ahead of the curve—reacting quickly to security changes in frameworks like OWASP and CWE to deliver the most relevant, hands-on training available.

Ready to Strengthen Your Security Program? Schedule a Demo.

Read more from:

and
SJ_SecCodingReport25_350x900