OWASP LLM Top‑10 gains traction

OWASP published the 2025 edition of the Top 10 for LLM Applications as “Version 2025” on November 18, 2024 (document marked v4.2.0a), and the PDF is licensed under Creative Commons CC BY‑SA 4.0. (owasp.org) The 2025 update explicitly added or elevated categories such as System Prompt Leakage (LLM07), Vector & Embedding Weaknesses (LLM08), and Unbounded Consumption (LLM10), and the release notes record a reordering and consolidation of earlier entries. (invicti.com) OWASP’s GenAI Security Project behind the Top 10 reports growth to a global community with over 600 contributing experts from more than 18 countries and nearly 8,000 active community members, and the project lists multiple sponsors in its revision materials. (owasp.org) Commercial tooling and red‑team frameworks began mapping controls to the Top 10—Promptfoo published red‑team documentation tied to the OWASP LLM Top‑10, and vendors like Invicti describe LLM‑specific checks for items such as system prompt leakage and improper output handling. (promptfoo.dev, invicti.com) OWASP extended its scope with a separate Top‑10 for Agentic Applications released December 10, 2025, a community effort the project said involved input from “over 100 industry leaders,” highlighting a distinct set of risks for autonomous, tool‑using agents. (genai.owasp.org, prnewswire.com) Recent industry coverage and analysis note the 2025 LLM Top‑10 is being used as a practical baseline for tooling, audits, and threat‑model updates even as observers warn that many organizations still need to operationalize the controls against emerging agentic threats. (securityboulevard.com, cyberdefensemagazine.com)