Posts
4247
Following
736
Followers
1631
"I'm interested in all kinds of astronomy."
repeated

TrendAI Zero Day Initiative

It's landed. The bug apocalypse is upon us as releases patches for 620+ CVEs to go along with 's 88. @TheDustinChilds has done his best to make sense of it all. Read his analysis at https://www.zerodayinitiative.com/blog/2026/7/14/the-july-2026-security-update-review

0
2
0
I read that a passenger was almost sucked out of a #Ryanair flight after a window broke. What will be the next move of the airline?
66% Charge the sucked out passenger for the extra space
33% Charge all other passengers because they could remain in their seats during the whole flight
1
0
1
repeated

@cR0w when I need to do substitutions or otherwise want to push bash to its limits, my first reference was always the Bash Hacker's Wiki, which is now defunct but I'm thankful for flokoe for being back the content: https://flokoe.github.io/bash-hackers-wiki/

1
6
0
repeated

Lorenzo Franceschi-Bicchierai

NEW: The Iranian government abused well-known flaws in the global telecoms infrastructure — specifically SS7 — to locate U.S. military personnel in the Middle East at the beginning of the war.

https://techcrunch.com/2026/07/14/iran-abused-mobile-networks-vulnerabilities-to-locate-u-s-military-in-the-middle-east-report-says/

1
6
0
@h0ng10 @Rapid7Official @attackerkb One nice thing about similar initiatives is that people can use them differently. Some moderation work would've been required for sure, but I don't see that as a major, shutdown triggering problem.
0
0
2
@h0ng10 I maintain @attackerkb and I don't see an alarming level of spam. I see this more as one of the last community-driven knowledge-bases turning into a service/product.

@Rapid7Official
1
1
1
repeated

So, @Rapid7Official is shutting down AttackerKB (https://attackerkb.com/) soon.

I view this as a case where an initially promising idea became overwhelmed by low‑quality reports from contributors.

Anyway, archive any data you wish to retain.

1
2
0
repeated
repeated

CVE-2026-42980: Reversing and Exploiting the Windows Kernel WMI Underflow https://blog.grunt.ar/bin-exploitation/binary-gecko-academy/cve-2026-42980-wmi-underflow-en/

0
4
0
repeated

So @chompie1337 and I are on a mission to find creative artists who want to help design the cover for Phrack #73.

retro sci-fi & chrome futures
▸ cyberpunk / terminal aesthetics
▸ dystopian systems
▸ hacker manuals from an alternate timeline
▸ weird cool stuff and machines

Keen? Fancy helping?

📮 arts@phrack.org
⏰ Deadline: August 15

1
8
0
repeated

Show HN: Sx 2.0 – Share AI skills with your team through a Dropbox folder

Wait a moment. Aren't "AI" "skills" just markdown files in a skills directory? So to share them through Dropbox, you'd... drop them in your dropbox folder? And doing so needs a tool? What happened to cp? Or selecting files with your mouse, right click, copy, and paste it somewhere? Or I dunno, any of the myriad ways you can get files from one place to another on the same computer?

Oh, right, yes. We do not touch computers anymore. We let our agents do that! Right, right, sorry. I got left behind y'know, still have this mushy thing in my skull, so sorry. I'll try to use it less  to keep up with "progress".

#algernonReviewsHackerNews

3
1
0
On the bright side now I *think* I figured out why the documented process fails, and now that I understand the problem better I know how to solve it correctly.

Now I'm entering the "How Could This Ever Work?!" phase.

#fail
0
0
3
This is pretty cool: AI conference prompt injects chatbots to watermark their output in order to catch reviewers who use LLM for peer review:

https://pivot-to-ai.com/2026/07/10/neurips-conference-ai-cheats-outraged-they-got-caught/

/via @pivot-to-ai.com
0
6
0
repeated

First batch of 44CON 2026 tickets are available now.

These are the lowest-priced tickets we'll offer.

Prices go up with each batch, so if you want in early, now is the time...

Get yours: https://44con.com/product/44con-2026-ticket/

0
3
0
repeated

A little bit on machine-id from a friend:

https://ransomware.sh/posts/machine-id/

,

3
3
0
In case you haven't figured it out already: meming is my coping mechanism
4
17
46
repeated

today on MALtv 😢

0
4
0
repeated

Default deny

I'll open by saying that I'm not anti-AI. I think it can be a net positive. Take my own profession, information security: the world is worse off because most code out there hasn't been looked at by a security engineer. LLMs can automate finding security bugs, so we can get better software for less.

But then, I have to square this with the fact that one of the first casualties of AI were “bug bounty” programs that paid people to report security flaws. LLMs could produce plausibly-sounding reports long before they could find real bugs. Unscrupulous “researchers” figured out they could extract money from the 5-10% of vendors who were not paying attention by slop-bombing us all and wasting everyone’s time.

When it comes to social media, there’s a similar dynamic at play. Human writing, good or bad, was inherently rate-limited; LLM output is not. If someone spent hours or days writing an article, it clearly mattered to them and I could spare minutes of my time to read and engage. For LLM output, this no longer holds. There’s an infinite supply of content entirely disconnected from the human condition that still demands your attention and time.

In contrast to infosec, social media engagement isn’t utilitarian: you gain nothing if you read 1,000 machine-generated opinion pieces a day. Promoters say that it shouldn’t matter who or what is doing the writing — you should only ask if the output is good. To me, quality is secondary. I come here to talk to humans, not to yell into the probabilistic token-void.

Yes, there are rare exceptions, there are people who use LLMs as an assistive technology, and so on. But in 99% of the cases, if you couldn’t be bothered to write it, I won’t bother to read it. Default deny.

7
9
0
repeated

Micropatches released for Desktop Window Manager Elevation of Privilege Vulnerability (CVE-2026-20871)
https://0patch.com/blog/micropatches-released-for-desktop-window-manager-elevation-of-privilege-vulnerabi

1
4
0
Show older