@Viss this should be pretty obvious but seeing some actual data is...wow

hey more fun ai / search engine privacy nonsense!

looks like chatgpt .. just.. sprays google with stuff from chats? because it thinks it needs to? so private chats get squirted into google and end up as weird searches?

https://arstechnica.com/tech-policy/2025/11/oddest-chatgpt-leaks-yet-cringey-chat-logs-found-in-google-analytics-tool/

Nicholas Weaver: The futile future of the gigawatt datacenter

The edge is where it’s at

Blog post:
https://pivot-to-ai.com/2025/11/07/the-futile-future-of-the-gigawatt-datacenter-by-nicholas-weaver/

Interview with Nick about the post:

https://www.youtube.com/watch?v=a5rLzNxRjEQ&list=UU9rJrMVgcXTfa8xuMnbhAEA - video
https://pivottoai.libsyn.com/20251107-nicholas-weaver-the-futile-future-of-the-gigawatt-datacenter - podcast

time: 26 min 53 sec

Anyone have some FortiShit to test something on?

https://x.com/DefusedCyber/status/1986544427121471513

⚠️Actor mass exploiting unknown Fortinet exploit (FortiWeb path traversal / API exploitation) from 107.152.41.19 🇺🇸 ( TZULO )

VirusTotal Detections 0/95 🟢

After the exploit, the actor attempted to login using the newly created username-credential pair 🔐

#RUMINT #threatIntel

[RSS] What's That Coming Over The Hill? (Monsta FTP Remote Code Execution CVE-2025-34299)

https://labs.watchtowr.com/whats-that-coming-over-the-hill-monsta-ftp-remote-code-execution-cve-2025-34299/

"The moment of discovery" does not always exist: the scientist's work is too tenuous, too divided, for the certainty of success to crackle out suddenly in the midst of his laborious toil like a stroke of lightening, dazzling him by its fire.

In: Eve Curie - Madame Curie - Chapter XII (p. 158)

~Marie Curie #BOTD in 1867.

#physics #radioactivity #womeninStem

Magika 1.0 is released, available in Rust, TypeScript and Python, and supporting more than 200 file types.

Public blog post:
https://opensource.googleblog.com/2025/11/announcing-magika-10-now-faster-smarter.html

Source: https://github.com/google/magika

From bit flip to RCE in Ollama! 🦙

Our latest blog post explains how a file parsing bug led to an interesting out-of-bounds write primitive. Learn how it could have been exploited in Ollama, a tool to run LLMs locally:

https://www.sonarsource.com/blog/ollama-remote-code-execution-securing-the-code-that-runs-llms/?utm_medium=social&utm_source=twitter&utm_campaign=research&utm_content=blog-ollama-vuln-251104-&utm_term=---&s_category=Organic&s_source=Social%20Media&s_origin=social

#security #vulnerability #llm #ai

Project: facebook/react https://github.com/facebook/react
File: packages/react-reconciler/src/ReactFiberCommitWork.js:1981 https://github.com/facebook/react/blob/c250b7d980864be49facf2306f06455e7f9e305d/packages/react-reconciler/src/ReactFiberCommitWork.js#L1981

function commitMutationEffectsOnFiber( finishedWork: Fiber, root: FiberRoot, lanes: Lanes, )

SVG:
dark https://tmr232.github.io/function-graph-overview/render/?github=https%3A%2F%2Fgithub.com%2Ffacebook%2Freact%2Fblob%2Fc250b7d980864be49facf2306f06455e7f9e305d%2Fpackages%2Freact-reconciler%2Fsrc%2FReactFiberCommitWork.js%23L1981&colors=dark
light https://tmr232.github.io/function-graph-overview/render/?github=https%3A%2F%2Fgithub.com%2Ffacebook%2Freact%2Fblob%2Fc250b7d980864be49facf2306f06455e7f9e305d%2Fpackages%2Freact-reconciler%2Fsrc%2FReactFiberCommitWork.js%23L1981&colors=light

OH: "You're in his DMs. I'm in his VMs. We're not the same."

2025 Component Abuse Challenge: Overdriven LEDs Outshine the Sun

https://hackaday.com/2025/11/06/2025-component-abuse-challenge-overdriven-leds-outshine-the-sun/

[RSS] How to write dnSpy extension

https://kant2002.github.io/en/dotnet/2025/10/02/dnspy-extension.html

@tmr232 See also Anthropics latest about putting an MCP in your MCP, aka. "innovation, bitches!": https://www.anthropic.com/engineering/code-execution-with-mcp

@tmr232 @joxean Infact I'm playing with it rn because tree-sitter query CLI doesn't seem to support structured output...

@joxean Oh OK, I'm still learning, but this usually accumulates in some tips&tricks so I'll keep that in mind!

@joxean https://www.youtube.com/watch?v=lKOYbzrTKvM

@joxean write about what exactly? :)

On the other hand ast-grep's pattern/rule syntax is **not** compatible with Semgrep's :(

I almost got brain aneurysm thinking that the query syntax of tree-sitter and ast-grep differ.

Fortunately that's not the case, but - contrary to Internet wisdom - query syntax is not compatible between languages (parsers).

Also, ast-grep's Playground is insanely useful:

https://ast-grep.github.io/playground.html