kingthorin

#owasp members please get out and vote 🗳️
board.owasp.org/elections/20...

Check your membership related email account (check spam/junk) for "2025 OWASP Global Board of Directors Election" from simplyvoting.

#GetOutAndVote

Thanks!

Link?

Great intro to various ZAP features!!

🚨 Our room block was extended by 1 day! BOOK YOUR GLOBAL #APPSEC ROOM TODAY.

It is your final chance to grab discounted guest room rates at our hotel. Secure your spot NOW and pocket some extra cash 💸

book.passkey.com/gt/...

#devsecops #OWASP #threatmodeling #SDLC

Splitting the email atom Gareth Heyes Researcher, PortSwigger Thurs, Dec 4, 2025 | 9:00am

Last chance to catch "Splitting the Email Atom: Exploiting Parsers to Bypass Access Controls" at the NDC Conference, Manchester. Join me and see just how wild the email RFCs really are.

portswigger.net/research/tal...

Congrats team!

🤷‍♂️

Hadn’t had enough coffee 🤪

Sometimes things are “too” obvious 😁

For anyone else that goes looking, the page loads batches of mugs so you probably have to scroll way down to find it, and can't do an in-page search effectively :(

Talks that challenge, workshops that teach, and a community that pushes boundaries. That’s WICCON 2025. Haarlem, Oct 30–31.

Join us & be part of it 👉 wiccon.nl/tickets-2025
#WICCON2025

Late #WednesdayWin this was my wrist a year ago. I’ve been through physio and done a ton of exercise etc myself. It’s 85-90% back!!!

Supposedly, based on recent headlines, Starbucks is moving back toward the Third Place idea.

Time will tell I guess.

Revolutionology (REBELLIONS & SOCIAL CHANGE) with Dr. Jack Goldstone — alie ward Storming the Bastille. Facing off with tanks. Canceling a streaming subscription.  We’re talking protests, boycotts, insurrections, and demonstrations. Scholar, professor, and actual real life R...

Y'ALL LIKE REVOLUTIONS?

Storming the Bastille. Facing off with tanks. Canceling a streaming subscription.

Here's a breakdown of why they happen -- and how -- with the world's foremost expert in revolutions and social change. (And yes there are tips.)

www.alieward.com/ologies/revo...

Dr. Jane Goodall Dead at 91 — TMZ Jane Goodall, the world-renowned primatologist and chimpanzee expert, has died ... according to a statement posted to her official Instagram account.

RiP Jane Goodall 🦍

apple.news/ATzz13DBZQhe...

[🤖] Save 30% during your next shopping frenzy with #coupon code: pEw8ph7ZQr (expires 2025-10-31)

Alert De-Duplication How and why we will be reporting fewer “duplicate” alerts in ZAP.

New blog post: Alert De-Duplification
www.zaproxy.org/blog/2025-09...
#zaproxy #appsec

🎥 Want to level up your ZAP game?
The @zaproxy.org team has an awesome library of how-tos, demos, and deep dives — all free.

From beginner basics to advanced scripting, it’s all here:
👉 zaproxy.org/videos/

#YouDontKnowZAP

Donate to Supporting the Shea Family in Loving Memory of Caspian, organized by Debra Kavaler Wysopal On behalf of the Shea family, we have created this page of su… Debra Kavaler Wysopal needs your support for Supporting the Shea Family in Loving Memory of Caspian

gofund.me/ae3e52797

An old friend of the herd is going through something awful. If you're in a position to consider donating, we hope you will.

Really #apple @AppleSupport it's 2025, my street name actually DOES have an apostrophe!!!!!

#UserExperienceFail #UXFail #Mac #uxui

Hi everyone! I recently joined The OWASP Top Ten project team, and we need your opinion! We're very close to finishing the 2025 list, and we want your feedback. Please answer this survey for us?
https://twp.ai/4iqTqJ
@owasp.org #owasp #owasptopten

Our plan for a more secure npm supply chain GitHub is strengthening npm's security with stricter authentication, granular tokens, and enhanced trusted publishing.

GitHub will require a FIDO-based two-factor authentication method to publish updates to npm packages.

The company will also deprecate legacy long-lived npm tokens and roll out new ones that last only seven days.

github.blog/security/sup...

I'm speaking at OWASP Ottawa on Thursday October 9th, in person! Come check out the details on my crusade for more secure code in Canada!

https://twp.ai/9PVlxa
CC @owasp_ottawa@infosec.exchange @owasp_ottawa

CRS Community Call · Luma A video call where the CRS dev team gets to meet their community face-to-face. A place for information exchange and questions for both newbies and experienced…

Later today, I'll be hosting a ModSecurity / CRS community call

luma.com/8yc1p543

We'll be talking about success metrics, WAF testing and other integration questions.

That seems like one of those things they always recommend against 😇

OWASP is teaming up with @InfoSecMap to make cybersecurity events & resources more accessible, inclusive, and global - including OWASP Chapters & Events!

No marketing, pay-to-play nonsense - just human curated community & events.
Explore the brand new OWASP hub now: InfoSecMap.com/owasp

Well at least he knew it was an ocean…

I really would have expected “…you know there’s like a lot of water between us.”

YouTube video by OWASP Ottawa OWASP Ottawa September 2025 - Sufficient Logging & Monitoring

Missed this talk? Check out the recorded version of this talk on our YouTube channel, along with plenty of our past talks!

📽️: www.youtube.com/watch?v=tza_...

Last night, OWASP Ottawa had the pleasure of hosting Robert Babaev for his insightful talk, titled "(Finally) Sufficient Logging and Monitoring - MCP Edition".

Thank you, Robert, for this amazing talk, and we look forward to more talks from you in the future.

Alright bskyverse share your stories. Your cyberz friends need to hear some good news. Big or small!!!

In #OpenSource I’ve gotten to do some actual Web testing recently & am working on some changes to ZAP’s scan rules. Plus datafaker released 2.5.0 this week #WednesdayWins

Happening today!

Not gonna make it? Watch the live stream on our YouTube channel at www.youtube.com/watch?v=tza_...

Details of event in the original post 👇