They've been very quiet for a number of months and now you know what they have been doing - working on the Threat Classification document. The goal of the document is to establish a common web security vocabulary in order to avoid confusion among developers. Problems are categorized in six classes: "Authentication, Authorization, Client-side Attacks, Command Execution, Information Disclosure, and Logical Attacks". There are 24 problem definitions in total.