@jwildeboer it's important to understand that this post will be read by exactly 0 fidesz voters. If I show it to one we'll both become enemies of the state in their eyes.

Its only funny, because its true.

https://www.theexploit.co/articles/cybersecuritys-hottest-new-go-to-market-strategy-refusing-to-launch

This is the funniest thing that happened in tech in a long time
https://bird.makeup/users/osrdrivers/statuses/2042286973461709183

"If you're doing nothing wrong, what is there to fear ?
- I'm fearing your definition of wrong. "

#StarWars #Andor #Senate #OperationLikeTheWind #Meme ...

@kim_harding

Firefox-maker Mozilla … arguing the rollback shows the company pushed AI too far without enough regard for user choice.

So little self awareness.

Wrote about the attacker-defender asymmetry and why AI made it worse -- "AI for defense" is stuck polishing the top five turtles while adversaries live in the bottom ten. https://cje.io/2026/04/08/offense-scales-with-compute-defense-scales-with-committees/

@da_667 I ran a couple of tests and I'm disappointed: afaict you can export some specific plain stream types, but not a full PCAP. With -w the same encrypted stream is written out.

Sorry for the misdirection!

🚀 We just sent a team of humans to the moon and safely home.

Not one bit of generative AI was used or needed.

You don't need it in your office or organization, either.

We can do great things without pillaging public resources and funds for a scam.

#AI #ArtificialIntelligence #NASA #Artemis #moon #genAI #generativeAI #slop

@da_667 Now you nerdsniped me to do this with tshark (well, maybe tomorrow), I'd be utterly disappointed if this couldn't be done with a pcap output format:

https://tshark.dev/export/export_tls/

@da_667 umm, wireshark?

A sign of the times.

There is at least one Adobe Reader 0day being exploited in the wild:
https://justhaifei1.blogspot.com/2026/04/expmon-detected-sophisticated-zero-day-adobe-reader.html

TL;DR: One 0day is being used to simply communicate details to a C2 server to get further commands. Specifically, there is a vulnerability that allows reading arbitrary local files using Reader JavaScript. In this case, ntdll.dll and friends, so that the C2 knows specifically what version of Windows the victim is running.

Nobody knows what secondary payload the C2 is delivering to selected targets. But it's a direct pipeline to allow the C2 to run arbitrary JavaScript on the victim system.

So I'll bet dollars to donuts that there is a second more powerful vulnerability that the attackers have up their sleeves. Or at the very least, the same vulnerability that allows the privileged file read might be able to be leveraged to do something nasty. And the whole AES-encrypted C2 stuff is merely to not put the payload statically in the exploit PDF, allowing a dynamic payload for any given target.

Edit: This is now fixed as CVE-2026-34621.

Artemis II mission planning:

"We strap you on a rocket, launch around the Moon based on some absurdly complicated mathematical formulas, then guide you back down the atmosphere at insane speeds, trying hard not to burn you alive.

Finally, we have to make sure you don't splash down at these particular areas of our planet, or some angry Earthlican may just shoot you."

Humanity is weird.

@kaoudis Wow, beautiful! After filtered Anthropic-related results from my search I still thought the images were LLM generated...

cpuid has been compromised, most downloads are serving a rat+infostealer as we speak, make sure you didn't get hit

We publish a major Citizen Lab report on Webloc, an ad-based mass surveillance system that monitors the movements and personal characteristics of hundreds of millions people globally based on data obtained from mobile apps and digital advertising.

Customers include ICE, El Salvador and Hungary.

Our research shows that ad-based surveillance is now used by military, intelligence and law enforcement agencies down to local police in several countries.

Full report here:
https://citizenlab.ca/research/analysis-of-penlinks-ad-based-geolocation-surveillance-tech/

This comic needed an update

@timb_machine What kind of information do you hope to extract from this? KEV data is incomplete, CVE data is extremely noisy and incomplete.

@ilmari quite notably different!