Posts
2766
Following
681
Followers
1504
"I'm interested in all kinds of astronomy."
@david_chisnall @j Wait people refuse to use services if they don't have *stickers*??
1
0
0
repeated

When Updates Backfire: RCE in Windows Update Health Tools https://research.eye.security/rce-windows-update-health-tools/

0
2
0
[RSS] Remotely crashing the Spooler service

https://incendium.rocks/posts/Remotely-crashing-spooler/
0
1
1
repeated
repeated

Breaking Oracle’s Identity Manager: Pre-Auth RCE (CVE-2025-61757) https://slcyber.io/research-center/breaking-oracles-identity-manager-pre-auth-rce/

0
4
0
repeated

In case you had missed it - I had. VirtualBox now supports Windows on Arm.

https://blogs.oracle.com/virtualization/oracle-virtualbox-72

Not a bad alternative to the departed Windows Services for Android.

0
3
0
repeated
repeated
New assessment for topic: CVE-2025-58034

Topic description: "An Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability [CWE-78] in Fortinet FortiWeb 8.0.0 through 8.0.1, FortiWeb 7.6.0 through 7.6.5, FortiWeb 7.4.0 through 7.4.10, FortiWeb 7.2.0 through 7.2.11, FortiWeb 7.0.0 through 7.0.11 may allow an authenticated attacker to execute unauthorized code on the underlying system via crafted HTTP requests or CLI commands. ..."

"Based on writing the [Rapid7 Analysis](https://attackerkb.com/topics/zClpINmLCh/cve-2025-58034/rapid7-analysis), I have rated the exploitability as `Very High`, as exploitation is trivial and reliable ..."

Link: https://attackerkb.com/assessments/c67a510c-5ac5-43a7-affd-7b7655c4b62f
0
1
1
@rebane2001 that booster thing is plain witchcraft.
0
0
0
repeated
repeated
repeated

Postmortem of the Xubuntu.org download site compromise

https://lwn.net/Articles/1047056/

0
3
0
repeated

Sent from San Francisco, California, U.S.A. on December 20, 1995. https://postcardware.net/?id=12-38

0
1
0
repeated
repeated
Edited 16 hours ago

Cloudflare published a very good article explaining how yesterday's outage happened.

https://blog.cloudflare.com/18-november-2025-outage/

I encourage everyone to read it.

I also think people are focusing on that particular unwrap() too much, and not enough on a bigger picture: lack of fallbacks

Without fallbacks at the interfaces between different subsystems, there's nothing to stop an error in one place from cascading throughout the whole infra

Config parsing is not the only place where such fallback was missing

2
3
0
repeated

First fake ticket spotted in the wild. If you see any offers on platforms like Kleinanzeigen or eBay showing a ticket it is a scam - tickets are not issued and no one knows how they will look like. Flag those offers please.

4
15
1
Edited 18 hours ago
Another humble #UX request:

I know dates look ugly, but "last month" is a pretty wide timeframe and when my brain sees "3 weeks ago" it will recall yesterdays dinner and the 1994 World Cup finals with equal probability.

Please display exact dates on frontends!
1
3
3
TIL cURL only supports the lowercase http_proxy environment variable:

https://curl.se/mail/archive-2001-12/0034.html
0
0
0
[RSS] HEX ADVENT 2025: Crack the Advent, Conquer the Threat

https://starlabs.sg/blog/2025/11-hex-advent-2025/
0
0
0
Show older