Honestly I think there's a disconnect between LLM proponents when it comes to code and the rest of us. They see code as a purely mechanical thing, and so ripe for automation. To them claims of artistry and craft are something to roll your eyes at, arrogance from senior engineers who think too highly of themselves

Meanwhile said senior engineers have the decades of experience to know how much of programming relies on artistry and craft, how much of it is fundamentally a creative endeavor

shot, chaser

@jt_rebelo @0xabad1dea Yes, the system works this way fortunately. But talk to Average Joe and ask him who paid for his tax refund.

New Project Zero issues disclosed affecting Samsung media codecs:

https://project-zero.issues.chromium.org/issues/395975495
https://project-zero.issues.chromium.org/issues/396226992
https://project-zero.issues.chromium.org/issues/388115013

CVE-2025-20963 CVE-2025-20964 CVE-2025-20944

@0xabad1dea Yet too many Europeans can't tell the difference between the government and the state...

New assessment for topic: CVE-2025-48734

Topic description: "Improper Access Control vulnerability in Apache Commons. ..."

"On May 28 2025, Apache posted an [advisory](https://www.openwall.com/lists/oss-security/2025/05/28/6) to the OSS Security mailing list warning that Apache Commons BeanUtils versions 1.x before 1.11.0 and 2.x before 2.0.0-M2 were vulnerable to insecure access to the Java Classloader via exposed enum properties, namely the `declaredClass` property ..."

Link: https://attackerkb.com/assessments/1d98f952-f6f1-475a-8646-74062d040247

CVE-2025-31200 Writeup from noahhw

https://blog.noahhw.dev/posts/cve-2025-31200/

#jailbreak #ios #apple #vulnerability

Nietzsche Discovers AI Art
http://existentialcomics.com/comic/605

#existentialcomics #aiart #ai #art #comic

"ChatGPT isn't its own, unique problem. It's a symptom of a totalizing cultural paradigm in which passive consumption and regurgitation of content becomes the status quo"

Many strong quotes in this one

#LLM

Teachers Are Not OK
https://www.404media.co/teachers-are-not-ok-ai-chatgpt/

We have finished going through the court docs and hearing transcripts from the WhatsApp v. NSO lawsuit.

Here's everything we learned, from how NSO's customers use Pegasus, to the spyware's cost.

https://techcrunch.com/2025/05/30/eight-things-we-learned-from-whatsapp-vs-nso-group-spyware-lawsuit/

#OT #Advisory VDE-2025-020
WAGO: Switches affected by year 2k38 problem

#CVE CVE-2025-1235

https://certvde.com/en/advisories/VDE-2025-020

#CSAF https://wago.csaf-tp.certvde.com/.well-known/csaf/white/2025/vde-2025-020.json

@ciaranmak secrets.club never disappoints!

New blog post!

How I got a Root Shell on a Credit Card terminal

https://stefan-gloor.ch/yomani-hack

[RSS] Hypervisors for Memory Introspection and Reverse Engineering

https://secret.club/2025/06/02/hypervisors-for-memory-introspection-and-reverse-engineering.html

[oss-security] Roundcube webmail: Post-Auth RCE via PHP Object Deserialization reported by firs0v /by @hanno

https://www.openwall.com/lists/oss-security/2025/06/02/1

#NoCVE

@cR0w @Viss Are there any reports about itw exploitation? Asking for https://github.com/v-p-b/xss-reflections

I always learn something new from @tomasp . This time, it was the existence of this book.

Can you write a whole book about a program? About a *1-line program*?

Turns out you can, and it is totally worth reading:
https://10print.org/
I can't praise this enough.

Re: NetLock distrust, this ticket is a good starting point to figure out what exactly the compliance issues were:

https://bugzilla.mozilla.org/show_bug.cgi?id=1904041

It's not a nice read with comments like "was comment 20 AI generated?"...

This was the original version. While Adeptus Mechanicus clearly represents my general understanding of things, the Sister of Sororitas praying on a hill of skulls better captures my current mental state. #wh40k #IT #Windows

I have no idea why this works now and why it didn't work before...

Praise be the Omnissiah!