🎞️ A developer managed to reverse pixelation in video using FFmpeg, GIMP and edge detection - no AI involved.

By analyzing motion and edges across frames, they could reconstruct original content from blurred areas.

It’s a reminder: pixelation is visual, not secure.

🛠️ Code & demo: https://github.com/KoKuToru/de-pixelate_gaV-O6NPWrI

#infosec #opensource #ffmpeg #linux #osint #devtools #technews

#writers, #blog aficionados, #web enjoyers, #website browsers: lend me your ears! i need help with a big push to get the word out about #writing for GOOD INTERNET magazine's autumn issue! a digital AND physical magazine that ships all over the world, run & contributed to by volunteers! (‼️)

in case you're unaware, GOOD INTERNET covers a lot of different aspects of the #SmallWeb: unplugging from the corporate web, fighting #enshittification, migrating from data-harvesting corpo social media, creating your own personal website, using code and website-building as an art form, federation, and creating websites for fun. the aim is to be approachable for beginners and enjoyable for seasoned #indieweb travelers!

you don't have to be a professional #webdev or a #coding smartypants to write about all the good things happening on "this side" of the web. the idea here is to spread the word about and share thoughts, independent web projects, services, methods, sites, meet-ups, and celebrate the non-corporate web together while making it easier for us to partake and unplug from #bigtech.

📏 looking for 1,000- to 4,000-word articles aimed at website owners and hobbyists, digital (and traditional) #artists, #internet culture enthusiasts, #technology nerds, #socialmedia expatriates, & anyone who wants to unplug from the corporate-owned #web.

⏲️ the deadline is AUGUST 22, 2025 ⏲️

ℹ️ more info here: https://goodinternetmagazine.com/contact/

#personalweb #websites #web #fediverse #neocities #nekoweb #html #css #zine #zines #indie #independent #creativity #tech #smalltech #opensource #degoogle #media

Jurisdiction Is Nearly Irrelevant to the Security of Encrypted Messaging Apps

Every time I lightly touch on this point, I always get someone who insists on arguing with me about it, so I thought it would be worth making a dedicated, singular-focused blog post about this topic without worrying too much about tertiary matters. Here's the TL;DR: If you actually built your cryptography properly, you shouldn't give a shit which country hosts the ciphertext for your…

http://soatok.blog/2025/07/09/jurisdiction-is-nearly-irrelevant-to-the-security-of-encrypted-messaging-apps/

If you have a machine with PKEY support and somewhat recent Linux kernel you can now play around with hardware support for the V8 sandbox. When active, JS + Wasm code has no write permissions outside the sandbox address space. To enable, simply set `v8_enable_sandbox_hardware_support = true` at build time.

It's not (yet) meant for production use, but should offer a preliminary look at where things might be heading. See https://crbug.com/350324877 for more details.

Feedback welcome! :)

More links to information about the IBM Power11, that was announced yesterday.
💙 #IBMi #rpgpgm #IBMChampion
https://www.rpgpgm.com/2025/07/more-details-about-power11.html

New by Security Explorations:

"eSIM Security - We broke security of Kigen eUICC card with GSMA consumer certificates installed into it."

https://security-explorations.com/esim-security.html

🔓⏫ After compromising every endpoint within an organization, our “Caught in the FortiNet” blog series comes to an end with one more thing.
Read more about FortiClient's XPC mistake that allows local privilege escalation to root on macOS:

https://www.sonarsource.com/blog/caught-in-the-fortinet-how-attackers-can-exploit-forticlient-to-compromise-organizations-3-3?utm_medium=social&utm_source=mastodon&utm_campaign=research&utm_content=blog-caught-in-the-fortinet-080725-&utm_term=&s_category=Organic&s_source=Social%20Media&s_origin=social

#appsec #security #vulnerability

[RSS] Privilege Escalation Using TPQMAssistant.exe on Lenovo

https://trustedsec.com/blog/cve-2025-1729-privilege-escalation-using-tpqmassistant-exe

The #Adobe patches may be late, but 130 new CVEs from #Microsoft, there's still plenty to talk about. Join @TheDustinChilds as he covers the release and point out why it's a bad month to be a SQL Server admin. https://www.zerodayinitiative.com/blog/2025/7/8/the-july-2025-security-update-review

#Adobe has (finally!) released their updates for July. 13 bulletins addressing 60 CVEs in various products. Nothing is listed as under active attack. The patch blog has bee updated with all the details. https://www.zerodayinitiative.com/blog/2025/7/8/the-july-2025-security-update-review

This is exactly what the internet is for.

Give lengthy and incomprehensible explanations when questioned.

Operating a Certificate Transparency log is now within reach of many organizations.

I wrote up the requirements: essentially one small server process, a couple people, and the capacity to host 3-5 TB of static files. https://words.filippo.io/run-sunlight/

I'd love to chat with anyone who's considering running one!

@lcamtuf websites are boomer, what we need are anime style videos: https://m.youtube.com/watch?v=u0aoByec99Q

[RSS] Dubious security vulnerability: If I perform this complex series of manual steps, I can crash a program I am running

https://devblogs.microsoft.com/oldnewthing/20250707-00/?p=111351

@cR0w Oh, that's s surprising, thanks for clarifying for me! Still, my concern is given their track record I'm not sure the priorities are right.

@cR0w CWE-613 -> someone thought it's a good idea to run a 3-day pentest on a commercially available product, then demanded support to fix all Low's

@tychotithonus I guess it's about requiring signing for the SMB client?

[RSS] Linux kernel double-free to LPE

https://ssd-disclosure.com/ssd-advisory-linux-kernel-pipapo-set-double-free-lpe/

@gsuberland 0xbadc0ffee0ddf00d #IBMi