1. Bug Bounty Researcher Finds 4 Subdomain Takeovers in 600K Assets, Sparks 'Is It Dead?' Debate
A bug bounty researcher has reignited debate over the viability of subdomain takeover as a vulnerability class after reporting a shockingly low discovery rate: just 4 takeoverable domains across 600,000 scanned assets. The researcher spent a week building a tool to scrape eligible subdomains for every program, then ran...