Late post again, apologies! Also no tool this week but a lot of posts about domain hijacks and SEO bypasses.

---

Articles

Authentication bypass on Uber’s Single Sign-On via subdomain takeover

One part domain hijacking, two parts SEO takeover, this post has it all.

The .io Error – Taking Control of All .io Domains With a Targeted Registration

This is more involved than the last post domain wise, taking over a whole TLD. The .IO one at that! (Source)

24-core CPU and I can’t move my mouse

Dive deep into ETW traces and program traces. (Source)

Toward Go 2

Go 2.0 is coming!

Starbucks should really make their APIs public

Its funny this post came up this week as my friend is currently trying to hack an Amazon button to order his coffee through Skip.

• Previous issue

  South Australia's battery, Medicare leak, Chatbots & more

• Next issue

  CircleCI, 50TB SSD, Firefox tabs & more