A major flaw in modern #StarWars: bar tenders would never be replaced by droids at troublesome space ports

Obscure Element: Reverse engineering Xiaomi's MJA1 secure chip.

Mengsi Wu's journey starts here:

https://blog.quarkslab.com/black-box-probing-a-security-analysis-of-xiaomis-mja1-secure-chip.html

The fact that we're willing to rely on LLMs to generate code knowing that it only mostly works because that code has been generated before thousands of times is not an indication that stochastic models are good, it's a massive, punishing indictment of computing as a field.

Using an insanely huge expensive model to quasi-reproduce work that's been created thousands of times already isn't productive or efficient. It's a symptom of profound failures of language, practice, process and imagination.

Today Oura announced the Ring 5, a nearly $500 wearable which locks you into a monthly subscription fee to even really use the data generated about your own health. Or, you could use Cracked Oura, which someone made to bypass the need for a monthly sub https://www.404media.co/cracked-oura-can-you-use-oura-without-monthly-subscription/

Google has tracked TeamPCP to one individual in South Africa

PAN believes the main TeamPCP hacker uses the name ResoluteXBF in some underground communities

https://cyberscoop.com/teampcp-breaks-open-source-software-trust-model/

Talos' latest blog demonstrates how exposing internal object models allows you to turn static analysis tools into queryable data servers, empowering AI agents to automate complex reverse-engineering tasks locally and securely: https://blog.talosintelligence.com/scripting-the-disassembler

This #Moscow tank cover has a huge memic potential - this one was published by “Wagner Group” (!) channel “Alex Parker returns” who had been mercilessly ridiculing Putin for months now.

EU folks: What are the tax etc. implications if I, as a non EU resident/citizen with no existing business connection to the EU, want to offer a paid training at a conference in Europe? Do I have to collect VAT or sales tax or something along those lines? Or if I'm not a European citizen/business or collecting less than X million EUR in the tax year am I tax-exempt?

Is this such a paperwork nightmare I shouldn't even attempt it unless an existing EU entity wants to handle all of this and just contract with me for my time?

Fuck AI?

Katie Moussouris absolutely nails it from start to end on the stupidity of the white house’s export control own-goal. It’s a short read so give it a click

Choice quote:

> The same holds for every capable AI model, including the foreign and open-weight systems the United States cannot reach with export controls, many of which will match Fable and Mythos capabilities within months

💯 and it’s already happening. There is existing research yielding similar results to those claimed by Mythos, but with open models

https://www.lutasecurity.com/post/the-fable-5-export-controls-harm-us-cyber-defense

@derpostillon cc @joern !

I'll do my part!

RE: https://mastodon.social/@simple_sabotage/116770427737800461

AFL++ 5.01c release! Bug fixes, faster persistent fuzzing, better MOpt mutator, new qemu binary-only alternative, etc. https://github.com/AFLplusplus/AFLplusplus/releases #afl #fuzzing

[RSS] Too Much Crypto explained

https://bfswa.substack.com/p/too-much-crypto-explained

[RSS] Zombie COTables: Resurrecting Freed Memory to Escape VirtualBox

https://blog.exodusintel.com/2026/06/15/zombie-cotables-resurrecting-freed-memory-to-escape-virtualbox/

@jonny @yadt Maybe I'm overly generous here, but Vendor Lock-In?

Thx for the thread btw, still epic.

I hear a lot of ppl rightfully complain about the looks of #Ghidra.

I recently started using themes (which are just text files with color codes, as it should be) and even though I'm not at all picky about these things OMG it's so much better now!

Great news: in the 5 years 2020-2024, know how many 20-24 year olds died of cervical cancer in England?

ZERO.

That's the first cohort of folks that age who were offered the HPV vaccine when they were 12 or 13.

Before the vaccine was used, on average about 20 people in that age range died of cervical cancer in a 5 year span.

We're looking forward to more dramatic results as that group enters their 30s & 40s.

https://www.bbc.com/news/articles/c621z28z138o

#HPV #Gardasil #vaccines

Politicians are freaking out about Mythos access, but it's not such a big deal.

Europe is leading the way with AISLE, a startup based out of Europe, using widely available and open-source-derived models, and can even run it air-gapped if needed. The defensive capability the whole world is suddenly afraid of losing was, fortunately, never locked inside Mythos in the first place.

https://aisle.com/blog/mythos-at-home-and-its-called-aisle

I think the secret reason that so much open source software is designed for CLI use is NOT just that we really like the console, but the deeper and much more true reason is that writing a GUI is a pain