@sassdawe

@sassdawe I think the progress bar can't really handle this fulfillment ratio lol

@sassdawe @catsalad Recommended movie: Enemy of the State, esp. the meeting after Shaffer finds out that NSA equipment was used without authorization :)

https://en.wikipedia.org/wiki/Enemy_of_the_State_(film)

@sassdawe Btw the video has >1.5M views (not that many people, but a ballpark). This sum is from 25k atm so there's probably much more in the "reserves". I wouldn't be surprised if this one fundraiser would account for 1% of the overall raised *by the whole platform* (that'd require ~4M).

@sassdawe I'm imagining the utter confusion of some people seeing those numbers and I'm pretty happy actually :)

@buherator much wow, but from the good kind this time 🥹

https://4fund.com/62pmv8

Cry and sob hysterically at every occasion, especially when confronted by government clerks.

[RSS] TP-Link, Canva, HikVision vulnerabilities

https://blog.talosintelligence.com/tp-link-canva-hikvision-vulnerabilities/

"Insanity is doing the same thing over and over again and expecting different results"

Einstein obviously didn't have to work with LLMs

A hefty root cause analysis of #Cisco Secure Firewall Management Center (FMC) RCE CVE-2026-20079 out now from our exploit dev team. The bug's a CVSS 10, but there are significant prerequisites for exploitation that limit real-world exploitability https://www.vulncheck.com/blog/cisco-fmc-auth-bypass-cve-2026-20079

@WPalant MCPs are the least intrusive way for LLM integration IMO, so I wouldn't see too much into that but you do you!

How about managed services? Like deploying a Gitea AMI on EC2:

https://aws.amazon.com/marketplace/pp/prodview-lhdotldtcz2ke

@WPalant Gitea/Forgejo have cloud offerings IIRC, they are pretty solid too for regular repo stuff.

AI, a few thoughts, observations about AI & security vulns.
My standard line about AI is "there's a lot I'm uncertain about". But let's be clear, there's a lot I don't like & I'm probably biased towards the "here's how spectacularly AI failed once again" news (of which there are plenty) or at least the "it's not as impressive as it may look".
Yet, I don't want to close my eyes if I see things that clearly don't fit my biases. And I know a thing or two about security vulnerabilities.🧵

@supersingular Opened an issue :)

https://github.com/jinjucat/jinjucat.github.io/issues/1

Took me a while to discover the automatic tab arrangement/containerization feature of Sidebery - best thing since silced bread!

https://addons.mozilla.org/en-US/firefox/addon/sidebery/

Right click on tab -> Configure site

[RSS] io_uring from Userland

https://jinjucat.github.io/io_uring-from-Userland/

US or EU, Remote - Wiz - Threat Intelligence Researcher (Cloud)

Wiz has been doing some great work around TeamPCP lately, among other things.

According to LinkedIn ( https://www.linkedin.com/posts/benjamin-read-41817121_im-continuing-to-build-the-threat-intel-share-7442969734645608448-Gu-n?utm_source=share&utm_medium=member_desktop&rcm=ACoAABIZhqYBjXCQuV7JX7N_3xlpxZY6alHZ77o ) it's posted for US but open to EU. They're looking for two roles, one Cyber Crime and one Cyber Espionage.

(I am not affiliated with Wiz or at all involved in this hiring process.)

https://www.wiz.io/careers/job/4658917006/threat-intelligence-researcher-cloud

you know

multiple people now have said that the thing they like about LLMs is that they don't have to deal with feeling embarrassed or humiliated by bringing questions to others that the others will judge them for.

which like

y'all.

this is a classic "solving a people problem with tech and having horrible side effects as a result" situation

and perhaps y'all ought to be less fucking toxic and judgemental to your coworkers.

fuck.