I forgot about this thread for almost a month. I just happened to be browsing in the Books forums today and found it.
I finished Chapter 12 yesterday (which deals with attacking other users via XSS, XSRF, JSON hijacking, DNS pinning, frame injection and several other concepts) and will be starting Chapter 13 tomorrow. In my opinion the book gets a lot more interesting starting at Chapter 9 (code injection). I learned numerous things that I've never heard of before as well as some valuable tips on SQL injections.