Identifying security vulnerabilities in an organisation operating with large number of web applications is not a major hurdle because techniques such as Data Flow Analysis and Taint Analysis are proficient enough to identify billions and millions of security vulnerabilities in web application’s source code based on OWASP. Steep growth in Internet interconnections has expressively led growth in cyber-attack incidents many with critical consequences, one of the main concerns challenging cyber security analysts is arranging and sorting the vulnerabilities, as it is not practical to timely address risk extenuation of the web applications. Cyber security teams always prefer to redress the threats preliminary on the basis of the perilous application that is managing the confidential data, a B2B website handling financial transactions would be the best example. According to Canadian statistics of 2019 about 54% of businesses suffered cyber-attacks crumbling their day to day operations, 36% of businesses suffered financial losses. Researching further I will first present overview of the most oppressed vulnerabilities followed by evaluations of extenuation techniques and finally new cyber – attack patterns in emerging technologies like smart phone technology, social media, and cloud computing featuring hypothetical observations on future research directions.