Episode 165 - Portswigger 2021 Top 10, Supply Chain Attacks, TLS Certs

Welcome to the latest nihilism and bitch session. In this episode, Seth and Ken review Portswigger's Top 10 list of the "most significant web security research released in the last year". Discussion of weak links in the NPM supply chain and what developers can look at to ascertain the security of packages they depend on. Finally, Russia has begun issuing its own TLS certificates, which always leads to better privacy and security for the general public..../s