XDA Developers on MSN

Google kept featuring this Chrome extension for months after it turned malicious

How can an extension change hands with no oversight?
UNESCO

Reporting a Cybersecurity Issue: UNESCO’s Security Vulnerability Disclosure policy

Cookie Not Marked as HttpOnly. Cookie Not Marked as Secure. Missing HTTP security headers. HTTP Header Information Disclosure. Missing HTTP Strict Transport Security Policy. Software version ...