Really awesome article on automating application scanning with OWASP ZAP:
https://www.zaproxy.org/blog/2020-04-09-automate-security-testing-with-zap-and-github-actions/
Interesting model on how Chrome extensions can be used for man-in-the-middle attacks.
https://github.com/mandatoryprogrammer/cursedchrome
DLL Hijacking is one of those thick-client attacks that everyone dismisses, but they shouldn't. This is why:
https://itm4n.github.io/windows-dll-hijacking-clarified/
Another information disclosure vulnerability - this time through the Referrer header.
https://www.theregister.co.uk/2020/04/30/email_http_leakage/
That's the news folks. Hope everyone is healthy!