Hello everyone, I am and intermediate ethical hacker. I am have finished all portswigger labs (that dont need burp collaborator, I am working with community edition). I am practicing reading source code to find vulnerabilities. I have read that in 2006 CSRF was the new trend full of low hanging fruits. In 2016, CORS was the new trend that everyone was after and even Google paid a lot of bounties regarding CORS alone.

My question is, in 2026, what should I look for?

What the ned big thing that is full of critical vulnerabilities so I can hack them ethically?