My first ever open source release: lib0xc, the C standard library you wish you had.

https://aka.ms/lib0xc

Listening to cybersecurity people freak out over Mythos is so tiring. Like, bro, your local water treatment plant runs Windows XP, your mobile provider's hardware is older than you are, and the protocol that routes internet traffic is secured by everyone just agreeing that hijacking it would be uncool.

Dear Mastodon friends, Telegram has started to publish their transparency data for Q1 2026. As usual, I am trying to crowdsource this information as it is only accessible per country for Telegram accounts registered with a number for that country. Here is what I have so far, if you have a Telegram account with a number not in that list, please take a screenshot of the @transparency answer and answer here or open an issue here https://github.com/Te-k/telegram-transparency/issues
Thanks and please retoot!

STOP. SENDING. SURVEYS. FROM. THIRD. PARTY. SERVICES.

It looks sus as ducks having something from randomsurvey.co.uk come through on behalf of YourCompany with every domain/link in the email having no obvious link to it. Rarely is there a single link to the company domain, with everything pointing to the that of the commissioned survey provider.

To me it sets off every damn alarm bell for a phishing attempt. Expecting customers to use it encourages unsafe practices.

She confided it all to her therapist: her marriage, financial stress and her self-esteem. Every word ended up in court. Proof News investigates how a database of 140 million message exchanges on a telehealth platform is being used to build an AI therapy companion – and what that means for patients.
https://www.proofnews.org/womans-talkspace-therapy-app-sessions-exposed-in-court/

🚨 BREAKING: Wiz Research discovered Remote Code Execution on GitHub.com with a single git push.

Wiz Researchers uncovered a critical flaw in GitHub that could be exploited for RCE. The flaw allowed unauthorized access to millions of repositories belonging to other users and organizations 🤯

We responsibly disclosed the issue to GitHub, who deployed a fix on GitHub.com the same day (!) and released patches for all supported GHES versions.

GitHub Enterprise Server customers are strongly encouraged to update immediately.

Huge kudos to GitHub for addressing the issue 👏

Full technical breakdown here → https://www.wiz.io/blog/github-rce-vulnerability-cve-2026-3854

Conway's Game of Life, in real life: http://lcamtuf.coredump.cx/blog/conway

Some reading for the weekend:

Implementation details of Apple's lossy texture compression format.
https://www.ludicon.com/castano/blog/2026/04/metal-lossy-compression-format/

Enjoy!

It said: "The History of every major Galactic Civilization tends to pass through three distinct and recognizable phases, those of Survival, Inquiry and Sophistication, otherwise known as the How, Why and Where phases.
"For instance, the first phase is characterized by the question How can we eat? the second by the question Why do we eat? and the third by the question Where shall we have lunch?"

#HitchhikersGuide #DouglasAdams #quotes #quote #bot

New Blog post: "Multiple things can be true at the same time" - https://frederikbraun.de/feels-and-llms.html :: Dear reader, I am sure you have read a lot of blog posts about AI in the past weeks or months. And now I too am writing. Mostly to help me cope with what my kind of hacker people would call out as hypocrisy or cognitive dissonance.

Pwning PostgreSQL was quite fun, excited to share our research at OffensiveCon!

https://www.offensivecon.org/speakers/2026/paul-gerste-and-moritz-sanft.html