Application Security This Week for August 12

Interesting idea – introducing bugs to make software more difficult to attackers to navigate.  Seems risky to me; I would rather see self-reporting software.

Cloudflare has a really really good writeup on TLS 1.3.

Questionably ethical hacker steals credentials from the Homebrew repo and makes a commit.

Viral tweet thread on the “voatz” software that WVa is planning on using for midterm elections. Vulnerabilityapalooza.

Portswigger posted a nice primer on cache poisoning.