HTML5 has opened many new possibilities for developers. Now you can use web technologies to build full mobile applications, not just web pages. When you are building those application you need to know The Security Risks of HTML5 Development, because HTML5 includes a number of useful features that pose as double-edged swords from a security perspective.
Also Top 10 Security Threats for HTML5 [Black Hat] article tells that HTML5 is vulnerable to stealth attacks and silent exploits according to a security researcher said at the Black Hat security conference. HTML5 faces a number of threats and attacks against the new standard is already on the rise. Attacks against HTML5 are stealthy, and silent and generally target the application’s presentation and the business logic layers.
[W3Conf] Brad Hill: “HTML5 Security Realities” article tells that Script injectiong (or XSS, or “Cross Site Scripting”) is the most common application vulnerability (~ 95% of all web apps). “If someone else’s code gets to run in you’re web app, it’s not your web app anymore.” Check also HTML5 Top 10 Threats Stealth Attacks and Silent Exploits.
HTML5 Security Cheat Sheet page serves as a guide for implementing HTML 5 in a secure fashion. HTML5 Security Cheatsheet project gives also useful security tips. Check also HTML5 Security Realities slide set.