The Daily Swig

Password managers part II: The Daily Swig looks at enterprise-grade tech capable of managing login credentials, encryption keys, API tokens and more https://t.co/tp0ZpIZoYd

Chromium bug allowed SameSite cookie bypass on Android devices https://t.co/5ImkkbLRie

Deserialized web security roundup: Twitter 2FA backlash, GoDaddy attack campaign, and XSS Hunter adds e2e encryption https://t.co/GEVvFMW2OI

The US National Institute of Standards and Technology is planning a major reform of its Cybersecurity Framework, an authoritative guideline on managing cybersecurity risk https://t.co/BgRfbgCBZf

Maintainers of new XSS Hunter fork add end-to-end encryption following backlash over privacy fears https://t.co/OOryhKH1Hq

A flaw in ClamAV anti-malware software has resulted in a vulnerability in Cisco security products https://t.co/W6ETzas4FO

Weaknesses in the CVSS system have been highlighted through new research, with existing metrics blamed for 'overhyping' vulnerabilities https://t.co/T2xhsXTAUe

Belgium will protect ethical hackers under a nationwide safe harbor framework announced this week https://t.co/Ya461qJak9

A HTTP request smuggling bug has been patched in HAProxy https://t.co/Gl0ZFdJG7M

Belgium launches Europe’s first nationwide safe harbor for ethical hackers https://t.co/Ya461qJak9

Although Apache Kafka software has not transformed into a giant insect, it has spawned a serious security bug https://t.co/22dc8sPX1V

Part one of our two-part series looks at the security pros and cons of consumer-focused password managers and what they can offer users https://t.co/slK2RX5gZp

Deserialized web security roundup: KeePass dismisses ‘vulnerability’ report, OpenSSL gets patched, and Reddit admits phishing hack https://t.co/nXRsGCQu38