Big news this week was the F5 zero day, of course, but on the application side you should review the code for the exploit, which is public. I am not gonna link it here but y'all can google. DO NOT run this on your corporate machines, use your test box and a VM, and just look. Here is a link to the CVE:
https://us-cert.cisa.gov/ncas/current-activity/2020/07/04/f5-releases-security-advisory-big-ip-tmui-rce-vulnerability-cve
Bestill my heart, an API driven HTTP server. Haven't played with it yet but I looks super sexy.
https://httpie.org/
Common thread on this newsletter - DNS is dangerous. Review your records.
https://www.theregister.com/2020/07/07/microsoft_azure_takeovers/
Very nice collection of testing scripts - well worth the clone and the hour it takes to learn to use them. I'm integrating them into my test scenarios.
https://github.com/wintrmvte/Citadel
That's the news, folks!