Hey, welcome back from holidays. Quite a week it has been.
Portswigger has a really good writeup of OAUTH 2 vulnerabilities.
https://portswigger.net/web-security/oauth
This isn't so much appsec, but it is really interesting code that hacks a game - Cyberpunk 2077 minigame resolver.
https://github.com/nicolas-siplis/cyberpwned
SolarWinds just keeps on giving.
https://kb.cert.org/vuls/id/843464
Keep on keeping on, folks.