🤯🚨 BREAKING NEWS 🚨🤯

In a shocking development, new additions to the #ECMAScript standard WILL UNLEASH THE HERETOFORE UNAVAILABLE POWER OF ADDITION _IN JAVASCRIPT_ upon the world!

👉 https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Math/sumPrecise

Only works in Firefox ATM. Like, Chrome and Safari can't even add numbers currently.

#javascript #webdev

Talks from the Positive Hack Days 2025 security conference, which took place in May, are available on YouTube.

PHDays is Russia's largest cybersecurity conference, and all the talks are in Russian.

https://www.youtube.com/@positiveevents5242/playlists

Eerie Linux posted an extensive introduction to using CP/M that assumes no previous knowledge of early operating systems. They also link to other posts they wrote on the evolution of CP/M.

https://eerielinux.wordpress.com/2025/08/28/a-gentle-introduction-to-cp-m

#cpm #retrocomputing #os

Ksmbd Fuzzing Improvements and Vulnerability Discovery https://blog.doyensec.com/2025/09/02/ksmbd-2.html

[RSS] Linux I/O Port Access Checks on x86_64

https://u1f383.github.io/linux/2025/09/02/linux-io-port-access-checks-on-x86_64.html

go to the cloud they said
it'll be fine they said
https://www.bleepingcomputer.com/news/security/zscaler-data-breach-exposes-customer-info-after-salesloft-drift-compromise/

Your #DFIU category today is OG HACKER SHIRTS

This Ron Rivest 1987 cipher, illegal to export from the US (mathematical munitions), fit on 3 lines of Perl and adorned t-shirts as a form of civil disobedience before becoming the WEP protocol's greatest weakness

I don't like this custom protocol, I'm sure there is a common library that could be used! Let's take a look at this alternative repository...

"import org.springframework...."

*drop and run*

Yes, there’s another phishing campaign contacting fediverse users to fill out a form to avoid being suspended or whatever. Stay calm and just report them and be sure to check the option to inform their home instance so the account gets suspended for everyone.

Also, please consider enabling moderated signups if you don’t already have them. I get it - signups dropped by >90% when I did it, but there’s very little capability for dealing with bad actors proactively once they have an account. I know it’s not a foolproof way to keep the scammers out, but it is an improvement.

[RSS] STAR Labs Summer Pwnables Linux Kernel Challenge Writeup

https://u1f383.github.io/linux/2025/09/01/starlabs-summer-pwnables-linux-kernel-challenge-writeup.html

you had ONE job

"Just fucking use HTML"- https://justfuckingusehtml.com/

Just a tiny bit offensive. 🤏

🔥 So, at DEF CON there was a talk about deobfuscation: VMDragonSlayer by @van1sh_bsidesit.

The author released the code and there's clearly huge amounts of AI slop.🤖

Now, WE WENT TO THE TALK and spoke with the speaker after the talk. 🧵
https://bird.makeup/users/dodo_sec/statuses/1960547263605772738

[RSS] Netskope Client for Windows - Local Privilege Escalation via Rogue Server (CVE-2025-0309)

https://blog.amberwolf.com/blog/2025/august/advisory---netskope-client-for-windows---local-privilege-escalation-via-rogue-server/

newtons per kernel module

Entertaining and inspiring #pwn2own #xdev writeup 👏 (also from a few months back)

#Lorex 2K Indoor Wi-Fi Security Camera: RCE #Exploit Chain

https://github.com/sfewer-r7/LorexExploit

https://www.rapid7.com/globalassets/_pdfs/research/pwn2own-iot-2024-lorex-2k-indoor-wi-fi-security-camera-research.pdf

[RSS] This Week in Security: DEF CON Nonsense, Vibepwned, and 0-days

https://hackaday.com/2025/08/29/this-week-in-security-def-con-nonsense-vibepwned-and-0-days/

by Hackaday

Don't forget: this Friday, September 5th, is a #BandcampFriday and a #FairTradeMusicFriday!

https://IsItBandcampFriday.com
https://IsItFairTradeMusicFri.day

#FediMusic #Bandcamp #FairTradeMusic #Music #Musodon

KernelSnitch - Side-Channel Attacks on Kernel Data Structures

https://lukasmaar.github.io/slides/ndss25-kernelsnitch.pdf