Looks like the final OWASP Top 10 (2025) has been published: owasp.org/Top10/2025/.

Based on commits, looks like this happened 5 days ago.

Surprised it’s taken this long! Microsoft has finally killed off the RC4 cipher.

www.msn.com/en-gb/money/...

Mitre’s Top 25 list is out: cwe.mitre.org/top25/archiv...

The candidate list for the OWASP Top 10 2025 list (owasp.org/Top10/2025/0...):

So the release candidate has been will be released today (6 November 2025): owasp.org/www-project-...

Comments until 20 November 2025.

SANS Holiday Hack Challenge 2025 is now available!

www.sans.org/cyber-ranges...

Friendly reminder… the 2025 OWASP Top 10 should be dropping at the end of this week!

Was getting confused as well, 15.7 was released, but so was macOS 26! It initially wasn't available, but is now 😆

Very true! Have that installing at this very moment as well.

2 update paths to go down today…

You don’t have to like or agree with others. But a simple bit of humanity can go a long way.

This is a really tough time of the year for me. I lost my own father 7 years ago. And while it does become easier to cope over time, it’s still difficult.
What makes it harder this time is seeing people celebrating the death of someone else’s father all because they don’t agree with their viewpoints

So this does look to have limited impact. Looks to only target cryptocurrency, and the window for downloading most of the malicious packages is only a few hours.

Hackers hijack npm packages with 2 billion weekly downloads in supply chain attack In a supply chain attack, attackers have injected malware into NPM packages with over 2.6 billion weekly downloads after compromising a maintainer's account in a phishing attack.

This is starting to look like this may have significant implications. 18 popular packages affected so far.

www.bleepingcomputer.com/news/securit...

The state of software development: 5 action items for AppSec teams | ReversingLabs Application security pros need to be ready to cope with security at the speed of code. Here's how to get a handle on modern software risk.

Great article by @jpmjr.bsky.social on @reversinglabs.com blog. Thank you for including my comments.

It’s going to be an interesting time ahead with AI now playing a larger role in development.

www.reversinglabs.com/blog/modern-...

US spy chief claims UK backdown on Apple backdoor demand : Tulsi Gabbard boasts Washington forced Blighty to drop iPhone encryption fight

I’m hoping that this is true!

www.theregister.com/2025/08/19/u...

Looks like you can import from other apps…

I like the ability to sync using things like my iCloud account, not to mention the support for multiple platforms and OS’s. It also looks slick as well.

Authenticator app download: Get Proton Authenticator | Proton Download Proton Authenticator app for Windows, macOS, Linux, Android, and iOS. Protect your accounts with secure two-factor codes. No ads, no tracking.

Proton have released a new Authenticator app. Looks pretty cool!

proton.me/authenticato...

Amazon AI coding agent hacked to inject data wiping commands A hacker planted data wiping code in a version of Amazon's generative AI-powered assistant, the Q Developer Extension for Visual Studio Code.

A good example of why understanding what the code of AI is doing.

www.bleepingcomputer.com/news/securit...

VPN usage soars in Iran – but authorities may be trying to prevent it Proton VPN confirmed an hourly increase in sign-ups of over 1,400% starting from July 25, 2025

I’m completely shocked! Would have never expected this to happen!

www.techradar.com/vpn/vpn-priv...

This major cybercrime forum might have just exposed all its users A leak forum did what leak forums do - but to its own users

Oh dear! What a shame… never mind 😁

The sweet taste of karma!

www.techradar.com/pro/security...

Never, totally legit 🤣

Exactly my thoughts 😂

Where to start 😁

Source: caniphish.com/blog/cyber-s...

Humble Tech Book Bundle: The Pentesting & Hacking Toolkit by Packt Learn how to test your cyber defenses with the Pentesting & Hacking Toolkit by Packt. Protect yourself from cyberattacks and support charity!

Humble Bundle has an interesting bundle at the moment.

Fingers crossed they see the errors of their way and improve. Sucks to be in these positions.

Yikes! That doesn’t sound good. Hope it gets sorted out.

Sorry to hear that. I hope it gets better! I would also say that often those postings are for the ideal candidate. So not always a case that you need to have everything on the job spec.