Simone

@simone@w3c.social
Security Lead @w3c

Influencers in China must prove their training about certain topics

(Thanks to @simone for this link)

https://marketing4ecommerce.net/en/china-influencers-training/

The @w3c Device Bound Session Credentials (DBSC) is a Web #API and protocol designed to prevent session hijacking by binding sessions to a device-held private key #FPWD #timetogiveinput
▶️ https://www.w3.org/TR/dbsc/

At sign-in, the browser generates a private key and binds it to the session. When #cookies expire or are missing, the browser must contact a server-designated refresh endpoint and present proof of key ownership to obtain fresh cookies. #security

Feedback wlc: https://github.com/w3c/webappsec-dbsc/issues/
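
Added example, not part of the post above and not the DBSC wire format: a minimal Node.js model of the refresh step it describes, where fresh cookies are issued only after proof of key ownership. The `Server` and `Browser` classes, the single-use challenge, and the signed `sessionId.challenge` message are assumptions made for illustration.

```javascript
// Simplified model of a device-bound session refresh (illustrative only).
// Message layout and names are assumptions, not taken from the DBSC spec.
const { generateKeyPairSync, sign, verify, randomBytes } = require('node:crypto');

class Server {
  constructor() { this.sessions = new Map(); }
  // Sign-in: remember the public key the browser bound to this session.
  register(sessionId, publicKeyPem) {
    this.sessions.set(sessionId, { publicKeyPem, challenge: null });
  }
  // Cookie expired or missing: hand out a fresh single-use challenge.
  issueChallenge(sessionId) {
    const s = this.sessions.get(sessionId);
    if (!s) return null;
    s.challenge = randomBytes(16).toString('base64url');
    return s.challenge;
  }
  // Refresh endpoint: new cookie only if the signature matches the bound key.
  refresh(sessionId, proofB64) {
    const s = this.sessions.get(sessionId);
    if (!s || !s.challenge) return null;
    const msg = Buffer.from(`${sessionId}.${s.challenge}`);
    s.challenge = null; // consume the challenge so a captured proof cannot be replayed
    const ok = verify('sha256', msg, s.publicKeyPem, Buffer.from(proofB64, 'base64url'));
    return ok ? randomBytes(16).toString('hex') : null; // constructed cookie value
  }
}

class Browser {
  constructor() {
    const { publicKey, privateKey } = generateKeyPairSync('ec', { namedCurve: 'P-256' });
    this.privateKey = privateKey; // stays on the device
    this.publicKeyPem = publicKey.export({ type: 'spki', format: 'pem' });
  }
  prove(sessionId, challenge) {
    const msg = Buffer.from(`${sessionId}.${challenge}`);
    return sign('sha256', msg, this.privateKey).toString('base64url');
  }
}

function demo() {
  const server = new Server(), device = new Browser(), other = new Browser();
  server.register('sess-1', device.publicKeyPem);
  const proof = device.prove('sess-1', server.issueChallenge('sess-1'));
  const legit = server.refresh('sess-1', proof) !== null;
  const replay = server.refresh('sess-1', proof) !== null; // challenge already used
  const wrongKey = server.refresh('sess-1', other.prove('sess-1', server.issueChallenge('sess-1'))) !== null;
  return { legit, replay, wrongKey }; // a copied cookie alone cannot pass refresh
}
```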

Based on the @w3c workshop "Secure the Web Forward" and thanks to work taking place in the W3C Security Web Application Guidelines (SWAG) #CommunityGroup, we are happy to release 6 videos that address the complexities of Content Security Policy and Trusted Types, by introducing open-source tooling that reduces uncertainty and complexity of configuring web #security mitigations against XSS.

▶️ https://www.w3.org/blog/2025/how-to-protect-your-web-applications-from-xss/
cc @simone @torgo

🎬 Security at W3C playlist: https://www.youtube.com/playlist?list=PLNhYw8KaLq2Wr27HLfSTD4d6JpC3G0PVr

How to protect your Web applications from XSS

The W3C SWAG (Security Web Application Guidelines) Community Group, launched in June 2024, aims to simplify security features in web app development. SWAG's mission is to enhance web app security by creating best practices for developers and fostering collaboration. A key output includes videos on configuring CSP and Trusted Types, which mitigate XSS. Based on Google’s adoption experience, these resources offer tools to help developers securely configure these protections with minimal effort.
