Trying to convince my students that having all your security policy changes include a design doc describing the status quo, the desired outcome, why this change will achieve it, why alternatives were rejected, and then implementing it via some automation schema so it can't accidentally be reverted for no obvious reason is good actually

i read the autumn/winter edition of the Good Internet Magazine on the day it arrived: https://goodinternetmagazine.com/

it's a cozy digital-and-print publication about the indie web, very accessible to everyone, not just to technologists

reading it reignited some of the desire to build an experience on the web that lies outside the norm of "usefulness" and "coherence"

i'm grateful to all authors and to @xandra for orchestrating it

#indieweb #goodinternetmagazine #smallweb #goodinternet

My life with Claude Code

Via @david buchanan

Why I Left Kali for Exegol https://bltsec.com/posts/exegol/

Full Disclosure: A Third (and Fourth) Azure Sign-In Log Bypass Found https://trustedsec.com/blog/full-disclosure-a-third-and-fourth-azure-sign-in-log-bypass-found

What's new is old, and what's old is new - as is relentlessly proven.

Join us in our analysis of CVE-2026-32746, the recent pre-auth RCE in inteutils' Telnetd.

Speak soon.

https://labs.watchtowr.com/a-32-year-old-bug-walks-into-a-telnet-server-gnu-inetutils-telnetd-cve-2026-32746

Catch Christopher Domas’ keynote from RE//verse 2026! fail: jmp fail (everything I got wrong in RE and security research) gets into the dead ends, bad ideas, and wasted hours behind real progress in RE and security work. Watch now: https://youtu.be/iOq8O_phwbA?si=65EWW3XT8BTww5px

RE: https://infosec.exchange/@pancake/116256662480219188

The 6.1.2 releases are out! 🥳

In case you didn't believe it, i tested it for you.
Yes, you can in fact brick an iPhone 3Gs baseband ._.