How to build a high-performance network fuzzer with LibAFL and libdesock https://lolcads.github.io/posts/2025/05/high_performance_network_fuzzing/

@G33KatWork Military drones apparently: https://www.twz.com/news-features/inside-ukraines-fiber-optic-drone-war

Stats: I collected ~2600 bookmarks during ~30 months, archiving all of them takes about 2 GB of disk space (with #Readeck)

Multiple vulnerabilities in Parallels Desktop for Mac disclosed by Talos:

https://talosintelligence.com/vulnerability_reports/TALOS-2024-2123
https://talosintelligence.com/vulnerability_reports/TALOS-2024-2124
https://talosintelligence.com/vulnerability_reports/TALOS-2024-2126

CVE-2024-52561 CVE-2024-54189 CVE-2024-36486

If you wanna automatically produce shit code and spend your time babysitting the lying machine then that's a you problem. I'm sure you'll make a consultant who bills out at $150/hour very happy some day. But your character flaws have nothing to do with me so keep that shit to yourself

Honestly I think there's a disconnect between LLM proponents when it comes to code and the rest of us. They see code as a purely mechanical thing, and so ripe for automation. To them claims of artistry and craft are something to roll your eyes at, arrogance from senior engineers who think too highly of themselves

Meanwhile said senior engineers have the decades of experience to know how much of programming relies on artistry and craft, how much of it is fundamentally a creative endeavor

shot, chaser

@jt_rebelo @0xabad1dea Yes, the system works this way fortunately. But talk to Average Joe and ask him who paid for his tax refund.

New Project Zero issues disclosed affecting Samsung media codecs:

https://project-zero.issues.chromium.org/issues/395975495
https://project-zero.issues.chromium.org/issues/396226992
https://project-zero.issues.chromium.org/issues/388115013

CVE-2025-20963 CVE-2025-20964 CVE-2025-20944

@0xabad1dea Yet too many Europeans can't tell the difference between the government and the state...

New assessment for topic: CVE-2025-48734

Topic description: "Improper Access Control vulnerability in Apache Commons. ..."

"On May 28 2025, Apache posted an [advisory](https://www.openwall.com/lists/oss-security/2025/05/28/6) to the OSS Security mailing list warning that Apache Commons BeanUtils versions 1.x before 1.11.0 and 2.x before 2.0.0-M2 were vulnerable to insecure access to the Java Classloader via exposed enum properties, namely the `declaredClass` property ..."

Link: https://attackerkb.com/assessments/1d98f952-f6f1-475a-8646-74062d040247

CVE-2025-31200 Writeup from noahhw

https://blog.noahhw.dev/posts/cve-2025-31200/

#jailbreak #ios #apple #vulnerability

Nietzsche Discovers AI Art
http://existentialcomics.com/comic/605

#existentialcomics #aiart #ai #art #comic

"ChatGPT isn't its own, unique problem. It's a symptom of a totalizing cultural paradigm in which passive consumption and regurgitation of content becomes the status quo"

Many strong quotes in this one

#LLM

Teachers Are Not OK
https://www.404media.co/teachers-are-not-ok-ai-chatgpt/

We have finished going through the court docs and hearing transcripts from the WhatsApp v. NSO lawsuit.

Here's everything we learned, from how NSO's customers use Pegasus, to the spyware's cost.

https://techcrunch.com/2025/05/30/eight-things-we-learned-from-whatsapp-vs-nso-group-spyware-lawsuit/

#OT #Advisory VDE-2025-020
WAGO: Switches affected by year 2k38 problem

#CVE CVE-2025-1235

https://certvde.com/en/advisories/VDE-2025-020

#CSAF https://wago.csaf-tp.certvde.com/.well-known/csaf/white/2025/vde-2025-020.json

@ciaranmak secrets.club never disappoints!

New blog post!

How I got a Root Shell on a Credit Card terminal

https://stefan-gloor.ch/yomani-hack

[RSS] Hypervisors for Memory Introspection and Reverse Engineering

https://secret.club/2025/06/02/hypervisors-for-memory-introspection-and-reverse-engineering.html

[oss-security] Roundcube webmail: Post-Auth RCE via PHP Object Deserialization reported by firs0v /by @hanno

https://www.openwall.com/lists/oss-security/2025/06/02/1

#NoCVE