Commjoen/WrongSecrets - https://github.com/commjoen/wrongsecrets
Improper secret storage is a common technology problem. Use this tool to expose your developers to how to do it wrong, so they can learn how to do it right.
List of IT Assets an Attacker is most likely to Extort - https://www.helpnetsecurity.com/2021/10/13/it-assets-target/
Attackers love IT assets; here are the top things they are targeting and exploiting.
OWASP Top 10 2021: 7 action items for app sec teams - https://www.securityjourney.com/post/owasp-top-10-2021-7-action-items-for-app-sec-teams
Your AppSec team has work to do with the new OWASP Top Ten for 2021.
How to win at CORS - https://jakearchibald.com/2021/cors
CORS is tough to implement correctly and develop against – but it is worth the effort. Security is often difficult.
7 Unconventional Pieces of Password Wisdom - https://www.darkreading.com/application-security/7-unconventional-pieces-of-password-wisdom
Nice summary of NIST 800-63b.