The Web Security Mailing List
New post on abusing password managers with Cross-Site Scripting. http://labs.neohapsis.com/2012/04/25/abusing-password-managers-with-xss/