What’s trending in cybersecurity today? Find out with the latest YouTube playlist we’ve curated. 👀 https://www.youtube.com/playlist?list=PLXqx05yil_mfOKpOY8aAD9oc8Mfm1kCkV
#Malware #Phishing #IncidentResponse #CyberAwareness #AppSec
260506 rootshell.online

YouTube
Blog: Automating OWASP PTK with ZAP (Phase 1)
You can now automate OWASP Pentestkit using ZAP
https://www.zaproxy.org/blog/2026-05-06-automating-owasp-ptk-with-zap-phase-1/
#zaproxy #owasp-ptk #appsec
ZAP’s Automation Framework can now drive OWASP PTK scans using the Client Spider. This is an early release - we want you to try it and give us feedback while we work toward deeper integration with ZAP’s active and passive scan engines.

ZAP

If you're attending, check our Adrian Denkiewicz ([email protected])'s talk - When Filenames Become Attack Surfaces: Weaponizing NASA’s CFITSIO Extended Filename Syntax, at BSides Luxembourg 🇱🇺, Thurs at 14:45!

https://pretalx.com/bsidesluxembourg-2026/talk/WDFHHV/

#doyensec #appsec #security #bsides #bsidesluxembourg2026 #bsidesluxembourg

.ignoreHttpsCert()

Last update: 2 years ago. And this is intentional, no opt-out.

#Android #MobileSecurity #AppSec

What’s trending in cybersecurity today? Find out with the latest YouTube playlist we’ve curated. 👀 https://www.youtube.com/playlist?list=PLXqx05yil_meZAoqZp5KpXtK-5Ve4stkm
#Malware #Phishing #IncidentResponse #CyberAwareness #AppSec
The software supply chain is the new invisible perimeter. With threat actors targeting CI/CD pipelines, understanding CWE-1395 is critical for #DevSecOps professionals. Check out our deep dive into supply chain vulnerabilities and SBOMs. https://cvedatabase.com/blog/the-invisible-perimeter-navigating-the-risks-of-software-supply-chain-vulnerabil-2026-05-04 #AppSec #CyberSecurity #SBOM #CWE1395
Cursor to start offering security code reviews. Everybody is jumping on the bandwagon I guess. It’s good everyone gets access to security reviews, let’s hope software gets better. 🤔 #appsec #cybersecurity
Security Tip: Are your API keys permanent? 🛡️ Long-lived secrets are a major risk. If an environment is compromised, those keys give attackers indefinite access. Implement automated rotation and prefer short-lived tokens or IAM roles where possible. This limits the blast radius of a leak. Stay ahead of emerging threats and vulnerabilities with technical insights at https://cvedatabase.com #CyberSecurity #InfoSec #AppSec #SecretsManagement
CVEDatabase.com - Search & Analyze CVE Vulnerabilities

Search and analyze CVE vulnerabilities with instant access to CVSS scores, affected products, and AI-powered remediation guidance.

CVEDatabase.com

Security Tip: API keys and secrets should never live in your version control. 🛡️

Hardcoding credentials increases the risk of accidental exposure. Instead:
1. Use environment variables or secrets managers.
2. Implement regular key rotation.
3. Audit your code for leaked secrets using automated tools.

Managing secrets is as vital as patching CVEs. Keep your infrastructure secure at https://cvedatabase.com #InfoSec #CyberSecurity #AppSec #CVE

For the first time ever, OWASP MAScon hits OWASP Global AppSec EU 2026 in Vienna! Join top experts for cutting-edge mobile security talks, live demos & real-world insights.

🎟 Tickets: https://owasp.glueup.com/event/owasp-global-appsec-eu-2026-vienna-austria-162243/tickets.html
📖 Details: https://owaspglobalappseceuvienna20.sched.com/overview/type/MobileAppSecCon

#OWASP #MobileSecurity #AppSec #MAScon #CyberSecurity