Microsoft has created the Adversarial ML Threat Matrix. If you are in Machine Learning, it is certainly worth a look.
Fuzzilli is a JS fuzzing library that allows you to write fuzzing patterns in a custom interpreted language to generate errors, find injection points, and do other useful things.
Hijacking DNS is one of my biggest worries because it slips between the cracks of appsec and devops.
FinalRecon is a recently updated web recon tool. I haven’t tried it yet but I’m gonna.
Good writeup on the recent RCE bug patched in Discord.
CORS is new (ish) and this is a great breakdown on hacking it from a knowledge perspective.
Have a great week everyone.