The Enterprise Security API for Java went to 2.2.1.0
https://github.com/ESAPI/esapi-java-legacy/blob/esapi-2.2.1.0/documentation/esapi4java-core-2.2.1.0-release-notes.txt
Microsoft's .NET Framework is getting rid of the Binary Formatter, erasing a significant security flaw
https://github.com/dotnet/designs/pull/141
Good writeup on pentesting GitHub source repos - a great place to find bugs in open source packages used by your apps
https://www.errno.fr/Attacking_source_repositories
Portswigger's Burp Suite now includes a pre-configured browser as part of community edition - a game changer if you are doing inhouse training or CTFs
https://portswigger.net/burp/releases/professional-community-2020-7
Unquestionably the funniest POC for an exploit I have ever seen in my life
https://github.com/tinkersec/cve-2020-1350
That's the news, folks. Hope everyone is well.