Besides watermelon, there should be windmelon, firemelon and earthmelon - the four elemelons.

@matildalove @soatok
ISO: "We created global standards for everyone to follow"
Everyone: "Can we see them?"
ISO: "No"

The Tiny Awards are back, and so am I! After a year off, I'll be a judge helping to decide "the best of the small, poetic, creative, handmade web" made in the last 12 months. Nominations open until the end of June, submit anything you love! https://tinyawards.net/

So, my technical report on fuzzing CPython with fusil is almost done.

I'd really appreciate some help categorizing the found issues by relevance/severity/importance or any other name for impact.

Do you have the chops to help with that? And do you have time and interest? Please get in touch if so! And please boost if you can :)

A plot, some tables, links to the report and some discussion are available in this thread:

https://discuss.python.org/t/feedback-on-the-recent-fusil-fuzzing-campaign-of-cpython/91737

#Python #CPython #fuzzing #fuzzer #fusil

I tried to improve on @carrot_c4k3 's work to bypass Windows KASLR with a prefetch side-channel. I summarized my results in a new blog post, spiced up with some geek art:

https://scrapco.de/blog/visualizing-prefetch-infoleaks-to-defeat-kaslr.html

[RSS] SonicDoor - Cracking SonicWall's SMA 500

https://blog.scrt.ch/2025/06/04/sonicdoor-attacking-sonicwalls-sma-500/

Project: microsoft/typescript https://github.com/microsoft/typescript
File: src/compiler/program.ts:3242 https://github.com/microsoft/typescript/blob/81c951894e93bdc37c6916f18adcd80de76679bc/src/compiler/program.ts#L3242

function checkModifiers(modifiers: NodeArray<ModifierLike>, isConstValid: boolean)

SVG:
dark https://tmr232.github.io/function-graph-overview/render/?github=https%3A%2F%2Fgithub.com%2Fmicrosoft%2Ftypescript%2Fblob%2F81c951894e93bdc37c6916f18adcd80de76679bc%2Fsrc%2Fcompiler%2Fprogram.ts%23L3242&colors=dark
light https://tmr232.github.io/function-graph-overview/render/?github=https%3A%2F%2Fgithub.com%2Fmicrosoft%2Ftypescript%2Fblob%2F81c951894e93bdc37c6916f18adcd80de76679bc%2Fsrc%2Fcompiler%2Fprogram.ts%23L3242&colors=light

USMC AH-1Z Viper working the pattern at Pt. Mugu, July 2024 #USMC #choppa #rotor #Mugu #AH1Z #aviationphotography #planespotting #AvGeek #spotter #photography #Nikon #aircraft #nikonphotography

[RSS] Solo: A Pixel 6 Pro Story (When one bug is all you need)

https://starlabs.sg/blog/2025/06-solo-a-pixel-6-pro-story-when-one-bug-is-all-you-need/

[RSS] exploits.club Weekly Newsletter 74 - iOS 18 mitigations, CoreAudio RCAs, kCTF optimizations, and More

https://blog.exploits.club/exploits-club-weekly-newsletter-74/

@Viss Not sure, but sure it was MTV

https://archive.org/details/fur-tv-the-complete-series

@Viss Remember Fur TV? (literally everything was better back in the day...)

@kajer

Fucking stupid UI/UX choices.

Fortigate Firewall/Routers - All options for BGP/IPSEC are behind an "advanced options" user preference.... IT'S A FORTIFUCKINGROUTER the only people in this interface are advanced users.

PaloAlto XDR portal - Right-click for options on a line... fine... But wait, if you hold option/alt, you get even more options. I get the need to define which options are less common choices, but you should not be hiding things behind click-modifiers. The only people using the XDR interface will be advanced users. If a user doesn't have authorization for a command, then don't show it. If the option is destructive, then confirm with N number of dialogs. Also, the ENTIRE user interface is in italics.

Admin interfaces should never have hidden options.

@G33KatWork Ja bitte!

Make some noise!

There’s still time for you to submit your article for the 40th anniversary edition of Phrack!

https://bird.makeup/@phrack/1901633924532408680

What is the most inappropriate connector with enough pins to support USB-C?

I suggest:

[RSS] Too Much of a Good Thing: (In-)Security of Mandatory Security Software for Financial Services in South Korea

https://kaist-hacking.github.io/publication/yun-ksa/