@jerry Congratulations! :)

In this video, I'm analyzing a really confusing dialog on macOS. Let's dig a bit deeper into what it should do and what it's actually doing. #reverseengineering

https://youtu.be/P7hYg2GpsTk

Recently I switched my music experience from SoundCloud to Bandcamp. I went through my playlists, albums and likes and bought matching tracks on Bandcamp.

At some point I want to delete my SoundCloud account. As they do not offer a data export feature (against GDPR) I created this project to make the export: https://codeberg.org/janikvonrotz/export-soundcloud-data

#SoundCloud #BandCamp #BandCampFriday #stopUsingSpotify #StopUsingSoundCloud #Data #datahoarder #archiving

@paco For random websites, sure, not my business.

But this is software clearly meant for an international audience.

(in the other thread I learned that the linked web page is not even the web page of the software, so linking it as the homepage was probably not a good idea)

@Framasoft

@camillem

Thanks for the explanation, truly appreciated!

I guess you can't do much about it now, but IMO French could've been excellent for finding a unique name (not necessarily with your weirdest spelling, but people learned to spell "kubernetes" too).

We agree that the homepage link is actively misleading, but it should be easy to remove (not a mandatory field) or replace e.g. with the link to the documentation.

@bert_hubert @virdev @sampaccoud

@Di4na These cute little guys from the README disagree with you (image file name: europe_opensource.png):

@vosje62 @buherator Here is a compendium of pain points. Additions welcome: https://berthub.eu/articles/posts/what-the-open-world-must-do-better/

On the ethical obligation to use LLMs for vulnerability research: https://addisoncrump.info/research/a-horrible-conclusion/

@Di4na Even if what you said was true, doing open-source implies that you are willing to collaborate with people all over the world, not to mention that afaik French users also use search engines. Hell, even our asshole far-right government makes almost all .gov.hu websites available in English.

@Di4na "Docs is the result of a joint effort led by the French 🇫🇷🥖 (DINUM) and German 🇩🇪🥨 governments (ZenDiS).

We are always looking for new public partners (we are currently onboarding the Netherlands 🇳🇱🧀), feel free to reach out if you are interested in using or contributing to Docs."

Interesting links of the week:

Strategy:

* https://x-c3ll.github.io/posts/Rant-Red-Team/ - @XC3LL talks red teaming trends
* https://arstechnica.com/security/2026/01/county-pays-600000-to-pentesters-it-arrested-for-assessing-courthouse-security/ - finally settled, the poor testers with a faulty get out of jail card

Threats:

* https://stratcomcoe.org/pdfjs/?file=/publications/download/Social-Media-Manipulation-FINAL-FILE.pdf?zoom=page-fit - STRATCOM talks influence operations
* https://github.com/blackorbird/APT_REPORT/blob/master/summary%2F2026%2F2025%20Global%20APT%20Threat%20Research%20Report.pdf - threat research report from Qihoo 360
* https://www.greynoise.io/blog/unmasking-cisas-hidden-kev-ransomware-updates - @greynoise discuss hidden signals in KEV
* https://www.rapid7.com/blog/post/tr-chrysalis-backdoor-dive-into-lotus-blossoms-toolkit/ - @rapid7's excellent analysis of notepad++
* https://community.plone.org/t/plone-security-advisory-20260116-attempted-code-insertions-into-github-pull-requests/22770/7 - another supply chain woopsie
* https://cert.pl/en/posts/2026/01/incident-report-energy-sector-2025/ - reporting on the .pl power problems
* https://zenodo.org/records/18444900 - content based risk analysis of Moltbook (not for the faint-hearted)

Detection:

* https://zeek.org/2026/01/how-to-use-ja4-network-fingerprints-in-zeek/ - @zeek discuss how to leverage JA4
* https://blog.jmhill.me/deploying-an-opencti-osint-stack-for-cybersecurity-research/ - @jmhill describes how to deploy OpenCTI
* https://www.huntress.com/blog/ldap-active-directory-detection-part-four - the latest of @huntress's excellent blogs on what an attack on LDAP can actually look like
* https://leanpub.com/suri_operator - @da_667's survivors guide to @suricata

Bugs:

* https://labs.watchtowr.com/someone-knows-bash-far-too-well-and-we-love-it-ivanti-epmm-pre-auth-rces-cve-2026-1281-cve-2026-1340/ - @index continue their streak of popping fun bugs in the wild
* https://zeroleaks.ai/reports/openclaw-analysis.pdf - nice technical write up on OpenClaw

Exploitation:

* https://scriptjunkie.us/2026/01/tracking-signal-identifiers/ - leaking Signal IDs from @sj
* https://splintersfury.github.io/mal_blog/post/netfilter_driver/ - reversing Netfilter
* https://alfiecg.uk/2024/09/24/Kernel-exploit.html - Alfie pops iOS
* https://secure.dev/securing_ggml_rpc.html - attack and defend on GGML

Hard hacks:

* https://hexkyz.blogspot.com/2021/11/je-ne-sais-quoi-falcons-over-horizon.html - an oldie on popping NVIDIA's Falcon

Hardening:

* https://itsfoss.com/news/amutable-linux-security/ - @pid_eins triggers systemctl restart
* https://fosdem.org/2026/schedule/event/EW8M3R-island/ - how to get land locked

#security, #research

Coincidentally, keyboard suddenly stopped working in LibreOffice, so I'm sorry but I'm off to GDocs!

It's great to see #EU open tech initiatives popping up, but somehow it feels like we are just **terrible** at making ourselves visible, esp. compared to US.

Like how is anyone supposed find this (otherwise great) project - named "docs" - using a search engine?

https://github.com/suitenumerique/docs/

Even assuming I find this project, how do I search for anything related to it (e.g. install guide)?

Why is the homepage in French by default, without a clearly visible language switcher (also looking at you, @Framasoft )?

Friendly reminder that Binary Ninja aarch64 disassembler is freaking awesome! I need to finish my soft fork of it but I love this one, and it's so fast :-]

https://github.com/Vector35/binaryninja-api/tree/dev/arch/arm64/disassembler

i do not value your privacy, which is why my website does not have any trackers on it what so ever. i have positively no idea if any human being besides myself has ever actually opened my website. your privacy is worth zero dollars to me. you couldn't even pay me to take it away.

RE: https://infosec.exchange/@BleepingComputer/116024815101538859

Such a great example of how one vulnerability can lead to discovering a ton more based almost purely on visibility. I found this 2 days after the first SmarterMail vuln. Three other researchers had identified the bug and reported it, and we only discovered the research collision when they asked us to reserve a CVE.

Under analyzed software vulnerability clustering is really interesting.

@DGutie @xabd Thanks, that's exactly why I don't really see the use-case for this. Even considering the 1-click deployment options - if you know those services, you can write 20 lines of HTML (that will not even look like everyone else's linktree).

[RSS] Pickling the Mailbox: A Deep Dive into CVE-2025-20393

https://starlabs.sg/blog/2026/01-pickling-the-mailbox-a-deep-dive-into-cve-2025-20393/

Update: Lacking any evidence that Signal considers sender consistency a security sensitive property - and given the limited impact I decided to just report this as a UI bug.

tl;dr you can trivially make signal polls that only members using Signal Desktop group can see/interact with/react to.

This allows you to basically hide messages from certain other members. Not great in principle, not very useful in practice. Might have it's uses when combined with other vectors.

https://github.com/signalapp/Signal-Android/issues/14583

I could go into history here, but suffice it to say: if someone tries to explain Class A, Class B, or Class C addresses to you, plug your ears and scream at them not to contaminate your brain with information obsoleted more than two decades ago.