GNU Emacs 30.1 released with 2 CVE fixes https://www.openwall.com/lists/oss-security/2025/02/26/2
Fix shell injection vulnerability in man.el (CVE-2025-1244). We urge all users to upgrade immediately.
New user option 'trusted-content' to allow potentially dangerous features. This fixes CVE-2024-53920.

@VoltPaperScissors @marove @VVoidCamp We're going to have so much fun with this (and not just with kids)! Thank you!

My new DIY video is online! RGB Mushrooms that change color! 🍄💡🌒

Check it out: https://youtu.be/5Ar3oKDBxPA

@marove @VVoidCamp wär das nicht was fürs VVoidCamp?

#papercircuit #papercraft #electronics #diy #stem #mint

The SEC has ruled that meme coins aren’t securities since they “typically have limited or no use or functionality” and are “more akin to collectibles.”

These means getting rug pulled on a memecoin isn’t securities fraud. It’s more like overpaying for Beanie Babies.

https://www.cnbc.com/2025/02/27/sec-says-most-meme-coins-are-not-securities.html

@Aurimas @tychotithonus At least you don't have to deal with this in case of CrowdStrike :)

@tychotithonus I think this dilemma is equivalent to the USGOV vs. Kaspersky case. After some point you have to trust your supply chain. If that's not reasonable, you cut ties.

(I know this is not an answer, but my gut tells me this isn't really a technical problem to solve)

@bascule Or at least buy a CO detector! I also lost a friend to that shit...

Gene Hackman’s Family Reveals What They Believe Caused His Death: Carbon Monoxide

Yet another reason to get rid of all the gas appliances in your home if you can: they’re dangerous!

https://www.thedailybeast.com/gene-hackmans-family-daughter-elizabeth-hackman-reveals-what-they-believe-caused-his-death/

@cR0w Also considering the recent activity around the Linux kernel...

I'm tired enough to read "CVE Nürnberg Authority" and think that vulnerability management took a quite radical turn

SEC Consult SA-20250226-0 :: Multiple vulnerabilities in Siemens A8000 CP-8050 & CP-8031 PLC

https://seclists.org/fulldisclosure/2025/Feb/19

- Firmware Downgrade (CVE-2024-39601)
- Firmware Update Decryption via Secure Element Oracle (CVE-2024-53832)

If a government can issue a secret order to push a 'special' version of a mobile app just to a specific person (or set of people), how can this be mitigated?

• How can app "rarity" be detected locally? (Antivirus and its descendants have a concept of a "well-known benign executable" vs one that has only been rarely seen.

• Can a local app, or an OS feature, be used to compare local apps with a list of expected versions?

• Can this be done independently of the OS (since the order could also subvert the rarity check)? (Even an independent app can be subverted if the only app store is the official one maintained by the same vendor.)

• To detect unusual app versions, reproducible builds are necessary but not sufficient, unless the project is also FOSS -- because even if everyone gets the same APK, the app might receive different instructions from its server depending on unique metadata.

Today in "#systemd ruins everything", Jan learns that systemd-resolve...

- runs a proxy DNS server on 127.0.0.53 (which is in /etc/resolv.conf)
- uses it's own /run/systemd/resolve/resolv.conf
- will read and cache /etc/hosts regardless of what /etc/nsswitch.conf says (`ReadEtcHosts` defaults to `yes` in /etc/systemd/resolved.conf)

Applications that follow traditional libc resolver logic now will continue to get /etc/hosts results even if /etc/nsswitch.conf excludes 'files'.

🤦‍♂️

[RSS] Taking the relaying capabilities of multicast poisoning to the next level: tricking Windows SMB clients into falling back to WebDav

https://www.synacktiv.com/en/publications/taking-the-relaying-capabilities-of-multicast-poisoning-to-the-next-level-tricking

[RSS] A Deep Dive into JS Trusted Types Violations

https://bughunters.google.com/blog/5850786553528320/a-deep-dive-into-js-trusted-types-violations

Hyperlight is a library for creating micro virtual machines — or sandboxes — specifically optimized for securely running untrusted code with minimal impact.

https://github.com/hyperlight-dev/hyperlight

It supports both Windows and Linux, utilizing Windows Hypervisor Platform on Windows, and either Microsoft Hypervisor (mshv) or KVM on Linux.

#hypervisor #virtualization

“HKEY_CURRENT_USER. You will never find a more wretched hive of scum and villainy.”

@joxean As I see there are several ...Demangler classes under the Features directory along with wrapper scripts too that demonstrate their use. If you need help translating this Java->Python lmk!

Anybody knows how to demangle a string, not a symbol, in #Ghidra using Python?

@joxean This seems useful: https://hwreblog.com/9.1/api/ghidra/app/util/demangler/DemanglerUtil.html#demangle(java.lang.String) ?