[RSS] Recursively fuzzing MS-RPC structures and monitoring using ETW

https://incendium.rocks/posts/Fuzzing-MS-RPC-structures-and-monitoring/

[RSS] [WIP] Resolve indirect calls in Binary Ninja with DynamoRIO instrumentation

https://github.com/klemmm/indyresolve

@freddy Look at the bright side: you don't have to carry your bags across the city!

@hajovonta If only I could install updates! But since time is desynchronized...

It's 2026 and Windows still can't synchronize time

Hister has joined the #fediverse

Hister is a general purpose web search engine providing automatic full-text indexing for visited websites.

Follow to be up-to-date with development news, releases and related articles.

#search #selfhosted #freesoftware

New vulnerability report from Talos:

Norton Secure VPN Installation Insecure Operation On Junction Privilege Escalation Vulnerability

https://talosintelligence.com/vulnerability_reports/TALOS-2025-2276

CVE-2025-58074

"Marketing agencies are pitching influencers deals such as $5,000 per TikTok video to amplify Build American AI’s messaging about how China’s technological rise should be seen as a threat"

https://www.wired.com/story/super-pac-backed-by-openai-and-palantir-is-paying-tiktok-influencers-to-fear-monger-about-china/

[RSS] Lateral Movement via Cross-Session Activation

https://ipurple.team/2026/05/04/cross-session-activation/

-DigiCert hacked with a malicious screensaver file
-Ransomware negotiators get four years in prison
-Trellix discloses security breach
-Another Russian hacker arrested vacationing in the wrong place
-Secessionist party leaks Albertans personal data
-Fakestortion campaign hits cPanel sites
-Rockstar stock went up after the hack (leaked financials were spectacular)
-Hacker leak exposes Hungarian-Kremlin propaganda coordination

Podcast: https://risky.biz/RBNEWS559/
Newsletter: https://news.risky.biz/risky-bulletin-digicert-hacked-with-a-malicious-screensaver-file/

#copyfail also affects #wsl. #linux #windows #infosec

I saw that there’s now a mobile version of Roller Coaster Tycoon (Roller Coaster Tycoon Touch) and I thought it might be fun (one of the Netflix bundled mobile games). A couple of hours of casual play in, it was clear that the game was carefully designed to make it progressively harder and harder to make progress without in-app purchases.

@EUCommission , if you want to actually make things safer online, how about making that kind of predatory practice illegal? Children are particularly vulnerable, but so are a lot of adults. No need for age verification, just an outright ban.

So sad to see a such a respected game series used for this kind of whale farming.

[RSS] Punk, or why I don't stream anymore

https://geohot.github.io//blog/jekyll/update/2026/05/03/punk-or-why-i-dont-stream.html

"What killed the hacker culture I grew up in was spectacle."

[RSS] A Shortcut to Coercion: Incomplete Patch of APT28's Zero-Day Leads to CVE-2026-32202

https://www.akamai.com/blog/security-research/2026/apr/incomplete-patch-apt28s-zero-day-cve-2026-32202

[RSS] Three Bugs Walk Into a PDF: Prototype Pollution, Served Cold

https://starlabs.sg/blog/2026/04-three-bugs-walk-into-a-pdf-prototype-pollution-served-cold/

CVE-2026-34621, CVE-2026-34622, CVE-2026-34626

[RSS] Carrot disclosure: Forgejo

https://dustri.org/b/carrot-disclosure-forgejo.html

[RSS] A Route to Root in a 4G Industrial Router

https://tantosec.com/blog/2026/04/route-to-root-in-4g-industrial-router/

[RSS] Discovering Vulnerabilities in Enterprise Audiovisual Hardware

https://spaceraccoon.dev/discovering-vulnerabilities-enterprise-audiovisual-hardware/

[RSS] libghidra - SDK for automating Ghidra from Python, Rust, and C++

https://github.com/0xeb/libghidra

#Ghidra

[RSS] TAPOcalypse Now: Exploiting TP-Link Smart Devices From Anywhere

https://labs.taszk.io/articles/post/tapocalypse/