kingthorin_rm
@kingthorin.bsky.social
IT Sec guy, zaproxy co-lead, WSTG co-lead, VWAD co-lead, OWASP Ottawa volunteer, Hac≺3r, supporter of oxford commas, #INTJ. (Opinions == mine) 🍁
Simon Sinek posted on LinkedIn
Simon Sinek posted images on LinkedIn
www.linkedin.com
February 14, 2026 at 11:21 AM
Reposted by kingthorin_rm
Canada is one step closer to mandatory secure coding in government software.
Petition e-7115 is live!
If you can sign, please do it today:
👉 https://twp.ai/9Pa2w8
This is how we make real change. 🙏
Petition e-7115 is live!
If you can sign, please do it today:
👉 https://twp.ai/9Pa2w8
This is how we make real change. 🙏
February 12, 2026 at 4:27 PM
Canada is one step closer to mandatory secure coding in government software.
Petition e-7115 is live!
If you can sign, please do it today:
👉 https://twp.ai/9Pa2w8
This is how we make real change. 🙏
Petition e-7115 is live!
If you can sign, please do it today:
👉 https://twp.ai/9Pa2w8
This is how we make real change. 🙏
Reposted by kingthorin_rm
The next OWASP London Chapter in-person meetup will take place on February 26th, 2026 kindly hosted by @civo.com Tech Junction and kindly sponsored by @curity.io
Additional raffle prize is kindly sponsored by @fortbridge.bsky.social
Register to attend here:
👇
www.eventbrite.co.uk/e/owasp-lond...
Additional raffle prize is kindly sponsored by @fortbridge.bsky.social
Register to attend here:
👇
www.eventbrite.co.uk/e/owasp-lond...
OWASP London Chapter Meetup
Join us to learn from expert speakers, network with like-minded professionals and stay ahead in the ever-evolving world of Cyber Security
www.eventbrite.co.uk
February 11, 2026 at 9:13 PM
The next OWASP London Chapter in-person meetup will take place on February 26th, 2026 kindly hosted by @civo.com Tech Junction and kindly sponsored by @curity.io
Additional raffle prize is kindly sponsored by @fortbridge.bsky.social
Register to attend here:
👇
www.eventbrite.co.uk/e/owasp-lond...
Additional raffle prize is kindly sponsored by @fortbridge.bsky.social
Register to attend here:
👇
www.eventbrite.co.uk/e/owasp-lond...
@zaproxy.org Released add-ons today:
GraphQL ➡️ Fixes the optional integration with the Tech Detection add-on which had been failing.
OpenAPI ➡️ Re-enables Swagger Secret Detector Script Scan Rule, the JS Engine memory leak has been addressed.
#AppSec #DevSecOps #WebAppSec #BugBountyTips
GraphQL ➡️ Fixes the optional integration with the Tech Detection add-on which had been failing.
OpenAPI ➡️ Re-enables Swagger Secret Detector Script Scan Rule, the JS Engine memory leak has been addressed.
#AppSec #DevSecOps #WebAppSec #BugBountyTips
February 11, 2026 at 1:51 PM
@zaproxy.org Released add-ons today:
GraphQL ➡️ Fixes the optional integration with the Tech Detection add-on which had been failing.
OpenAPI ➡️ Re-enables Swagger Secret Detector Script Scan Rule, the JS Engine memory leak has been addressed.
#AppSec #DevSecOps #WebAppSec #BugBountyTips
GraphQL ➡️ Fixes the optional integration with the Tech Detection add-on which had been failing.
OpenAPI ➡️ Re-enables Swagger Secret Detector Script Scan Rule, the JS Engine memory leak has been addressed.
#AppSec #DevSecOps #WebAppSec #BugBountyTips
Reposted by kingthorin_rm
Have you heard? 👂
Early bird pricing is OPEN for Global AppSec USA, coming to San Francisco this November!
Celebrate 25 years of OWASP and be part of an unforgettable AppSec experience. 🎟️
👉 owasp.glueup.com/eve...
#AppSec #OWASP #CyberSecurity #EarlyBird #SanFrancisco
Early bird pricing is OPEN for Global AppSec USA, coming to San Francisco this November!
Celebrate 25 years of OWASP and be part of an unforgettable AppSec experience. 🎟️
👉 owasp.glueup.com/eve...
#AppSec #OWASP #CyberSecurity #EarlyBird #SanFrancisco
February 9, 2026 at 3:16 PM
Have you heard? 👂
Early bird pricing is OPEN for Global AppSec USA, coming to San Francisco this November!
Celebrate 25 years of OWASP and be part of an unforgettable AppSec experience. 🎟️
👉 owasp.glueup.com/eve...
#AppSec #OWASP #CyberSecurity #EarlyBird #SanFrancisco
Early bird pricing is OPEN for Global AppSec USA, coming to San Francisco this November!
Celebrate 25 years of OWASP and be part of an unforgettable AppSec experience. 🎟️
👉 owasp.glueup.com/eve...
#AppSec #OWASP #CyberSecurity #EarlyBird #SanFrancisco
Reposted by kingthorin_rm
Are you concerned that Pierre Poilievre refuses to get national security clearance?
We are facing unprecedented level of threat from external forces and internal traitor groups.
Please sign this petition calling on all national leaders to put their nation first.
www.ourcommons.ca/petitions/en...
We are facing unprecedented level of threat from external forces and internal traitor groups.
Please sign this petition calling on all national leaders to put their nation first.
www.ourcommons.ca/petitions/en...
Petition e-7148 - Petitions
www.ourcommons.ca
February 8, 2026 at 12:55 AM
Are you concerned that Pierre Poilievre refuses to get national security clearance?
We are facing unprecedented level of threat from external forces and internal traitor groups.
Please sign this petition calling on all national leaders to put their nation first.
www.ourcommons.ca/petitions/en...
We are facing unprecedented level of threat from external forces and internal traitor groups.
Please sign this petition calling on all national leaders to put their nation first.
www.ourcommons.ca/petitions/en...
OMG so excited #WednesdayWin a set of authentication changes I've been working on for @zaproxy.org were merged this morning.
#OpenSource
#OpenSource
a group of people are sitting at a table with a man in a suit and tie clapping .
ALT: a group of people are sitting at a table with a man in a suit and tie clapping .
media.tenor.com
February 4, 2026 at 12:03 PM
OMG so excited #WednesdayWin a set of authentication changes I've been working on for @zaproxy.org were merged this morning.
#OpenSource
#OpenSource
Reposted by kingthorin_rm
New blog post: www.zaproxy.org/blog/2026-02...
Highlights of 2025 and our initial plans for 2026, including more 3rd Party tool integrations, enhanced exploring and, yes, AI integration!
#zaproxy #appsec #ai
Highlights of 2025 and our initial plans for 2026, including more 3rd Party tool integrations, enhanced exploring and, yes, AI integration!
#zaproxy #appsec #ai
ZAP Updates - 2025 Highlights and Plans for 2026
Highlights of 2025 and our initial plans for 2026, including more 3rd Party tool integrations, enhanced exploring and, yes, AI integration!
www.zaproxy.org
February 2, 2026 at 1:45 PM
New blog post: www.zaproxy.org/blog/2026-02...
Highlights of 2025 and our initial plans for 2026, including more 3rd Party tool integrations, enhanced exploring and, yes, AI integration!
#zaproxy #appsec #ai
Highlights of 2025 and our initial plans for 2026, including more 3rd Party tool integrations, enhanced exploring and, yes, AI integration!
#zaproxy #appsec #ai
Reposted by kingthorin_rm
[🤖] Enjoy 20% off all our juicy products with this #coupon code: mNYT0hz3Wr (valid until 2026-02-28)
February 1, 2026 at 1:40 AM
[🤖] Enjoy 20% off all our juicy products with this #coupon code: mNYT0hz3Wr (valid until 2026-02-28)
Interested in getting started with @zaproxy development? Here's a #GoodFirstIssue we just added:
github.com/zaproxy/zapr...
github.com/zaproxy/zapr...
Missing CSP header rule is sometimes slow · Issue #9229 · zaproxy/zaproxy
Describe the bug: Per gathered statistics etc it seems that the Missing CSP header rule (10038) can sometimes be quite slow. We believe this is due to the CSP via META tag check. The META tag check...
github.com
January 27, 2026 at 3:38 PM
Interested in getting started with @zaproxy development? Here's a #GoodFirstIssue we just added:
github.com/zaproxy/zapr...
github.com/zaproxy/zapr...
Please go sign this 🇨🇦 Federal petition to establish a mandatory secure coding policy for the government of Canada: www.ourcommons.ca/petitions/en... 🍁
Petition e-7115 - Petitions
www.ourcommons.ca
January 26, 2026 at 1:44 PM
Please go sign this 🇨🇦 Federal petition to establish a mandatory secure coding policy for the government of Canada: www.ourcommons.ca/petitions/en... 🍁
Reposted by kingthorin_rm
Reposted by kingthorin_rm
FYI Firefox 147 adds about:keyboard so on mac you can make alt+D (option+D) be address bar focus like it is on other platforms
(There's one minor hiccup, if focus is currently a text field on the active page then it'll insert "∂", but in the majority of cases it works.)
#Firefox #FreeTheWeb
(There's one minor hiccup, if focus is currently a text field on the active page then it'll insert "∂", but in the majority of cases it works.)
#Firefox #FreeTheWeb
January 16, 2026 at 1:16 PM
FYI Firefox 147 adds about:keyboard so on mac you can make alt+D (option+D) be address bar focus like it is on other platforms
(There's one minor hiccup, if focus is currently a text field on the active page then it'll insert "∂", but in the majority of cases it works.)
#Firefox #FreeTheWeb
(There's one minor hiccup, if focus is currently a text field on the active page then it'll insert "∂", but in the majority of cases it works.)
#Firefox #FreeTheWeb
Reposted by kingthorin_rm
🦊 Firefox 147 introduces Safe Browsing V5, enables WebGPU for Apple Silicon, boosts AMD video playback, enhances privacy for ETP Strict, adds Linux XDG support, enhanced Picture-in-Picture, includes Unicode 17 support, and much more.
buff.ly/TSnGiKi
buff.ly/TSnGiKi
January 14, 2026 at 12:06 PM
🦊 Firefox 147 introduces Safe Browsing V5, enables WebGPU for Apple Silicon, boosts AMD video playback, enhances privacy for ETP Strict, adds Linux XDG support, enhanced Picture-in-Picture, includes Unicode 17 support, and much more.
buff.ly/TSnGiKi
buff.ly/TSnGiKi
Reposted by kingthorin_rm
🚨 OWASP Ottawa January Meetup – Featuring Vincent Dragnea! 🚨
#OWASP #Ottawa is excited to announce that we are hosting our first monthly meetup of the year! We’re thrilled to welcome Vincent Dragnea to our in-person meetup at the University of Ottawa on January 21, 2026.
#AppSec #Infosec
#OWASP #Ottawa is excited to announce that we are hosting our first monthly meetup of the year! We’re thrilled to welcome Vincent Dragnea to our in-person meetup at the University of Ottawa on January 21, 2026.
#AppSec #Infosec
OWASP Ottawa Jan 21st 2026: Bypassing SameSite cookie protections in browsers, Wed, Jan 21, 2026, 6:00 PM | Meetup
**Welcome to our in-Person Meetup at the University of Ottawa**
In-Person Location:
150 Louis-Pasteur Private, Ottawa,
University of Ottawa
Room 117
We will continue to L
www.meetup.com
January 13, 2026 at 4:25 PM
Reposted by kingthorin_rm
OWASP is leaving Meetup.
Starting in February #OWASP #Ottawa will no longer be planning our events using Meetup.
To learn of our events you can:
- Keep following us here and turn on notifications.
- Follow us on Mastodon at infosec.exchange/@OWASP_Ottawa
- and our owasp.org/ottawa page
Starting in February #OWASP #Ottawa will no longer be planning our events using Meetup.
To learn of our events you can:
- Keep following us here and turn on notifications.
- Follow us on Mastodon at infosec.exchange/@OWASP_Ottawa
- and our owasp.org/ottawa page
Redirecting…
owasp.org
January 14, 2026 at 3:13 AM
OWASP is leaving Meetup.
Starting in February #OWASP #Ottawa will no longer be planning our events using Meetup.
To learn of our events you can:
- Keep following us here and turn on notifications.
- Follow us on Mastodon at infosec.exchange/@OWASP_Ottawa
- and our owasp.org/ottawa page
Starting in February #OWASP #Ottawa will no longer be planning our events using Meetup.
To learn of our events you can:
- Keep following us here and turn on notifications.
- Follow us on Mastodon at infosec.exchange/@OWASP_Ottawa
- and our owasp.org/ottawa page
January 1, 2026 at 5:01 AM
Reposted by kingthorin_rm
ZAP 2.17.0 is now available!
It includes performance improvements, a significant reduction in “duplicate” alerts reported, and new Insights which give you key information about scans.
www.zaproxy.org/blog/2025-12...
#zaproxy #appsec
It includes performance improvements, a significant reduction in “duplicate” alerts reported, and new Insights which give you key information about scans.
www.zaproxy.org/blog/2025-12...
#zaproxy #appsec
ZAP 2.17.0
ZAP 2.17.0 has just been released. The release includes core performance improvements and will significantly reduce the number of “duplicate” alerts reported.
www.zaproxy.org
December 15, 2025 at 3:16 PM
ZAP 2.17.0 is now available!
It includes performance improvements, a significant reduction in “duplicate” alerts reported, and new Insights which give you key information about scans.
www.zaproxy.org/blog/2025-12...
#zaproxy #appsec
It includes performance improvements, a significant reduction in “duplicate” alerts reported, and new Insights which give you key information about scans.
www.zaproxy.org/blog/2025-12...
#zaproxy #appsec
Hey Bluesky. Can you get @zaproxy.org to 15k ⭐️?
#OpenSource #DAST #AppSec #WebAppSec #ITSec #CyberSec #PenTest #BugBountyTips
Current Stars 14500
github.com/zaproxy/zapr...
#OpenSource #DAST #AppSec #WebAppSec #ITSec #CyberSec #PenTest #BugBountyTips
Current Stars 14500
github.com/zaproxy/zapr...
GitHub - zaproxy/zaproxy: The ZAP by Checkmarx Core project
The ZAP by Checkmarx Core project. Contribute to zaproxy/zaproxy development by creating an account on GitHub.
github.com
December 12, 2025 at 2:39 PM
Hey Bluesky. Can you get @zaproxy.org to 15k ⭐️?
#OpenSource #DAST #AppSec #WebAppSec #ITSec #CyberSec #PenTest #BugBountyTips
Current Stars 14500
github.com/zaproxy/zapr...
#OpenSource #DAST #AppSec #WebAppSec #ITSec #CyberSec #PenTest #BugBountyTips
Current Stars 14500
github.com/zaproxy/zapr...
Reposted by kingthorin_rm
Discovery of record dinosaur footprints to reveal secrets of two-legged giants
Discovery of record dinosaur footprints to reveal secrets of two-legged giants
Discovery of record dinosaur footprints to reveal secrets of two-legged giants
www.independent.co.uk
December 9, 2025 at 11:33 AM
Discovery of record dinosaur footprints to reveal secrets of two-legged giants
Reposted by kingthorin_rm
Reposted by kingthorin_rm
my new blogpost is out!!
this one talks about a new web vulnerability class i discovered that allows for complex interactive cross-origin attacks and data exfiltration
and i've already used it to get a google docs bounty ^^
have fun <3
lyra.horse/blog/2025/12...
this one talks about a new web vulnerability class i discovered that allows for complex interactive cross-origin attacks and data exfiltration
and i've already used it to get a google docs bounty ^^
have fun <3
lyra.horse/blog/2025/12...
SVG Filters - Clickjacking 2.0
A novel and powerful twist on an old classic.
lyra.horse
December 4, 2025 at 2:03 PM
my new blogpost is out!!
this one talks about a new web vulnerability class i discovered that allows for complex interactive cross-origin attacks and data exfiltration
and i've already used it to get a google docs bounty ^^
have fun <3
lyra.horse/blog/2025/12...
this one talks about a new web vulnerability class i discovered that allows for complex interactive cross-origin attacks and data exfiltration
and i've already used it to get a google docs bounty ^^
have fun <3
lyra.horse/blog/2025/12...
Reposted by kingthorin_rm
The latest version of the retirejs add-on includes a test for CVE-2025-66478 which is marked as "critical" so update now to detect this vulnerability.
December 4, 2025 at 12:26 PM
The latest version of the retirejs add-on includes a test for CVE-2025-66478 which is marked as "critical" so update now to detect this vulnerability.