🤯🚨 BREAKING NEWS 🚨🤯

In a shocking development, new additions to the #ECMAScript standard WILL UNLEASH THE HERETOFORE UNAVAILABLE POWER OF ADDITION _IN JAVASCRIPT_ upon the world!

👉 https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Math/sumPrecise

Only works in Firefox ATM. Like, Chrome and Safari can't even add numbers currently.

#javascript #webdev

Eerie Linux posted an extensive introduction to using CP/M that assumes no previous knowledge of early operating systems. They also link to other posts they wrote on the evolution of CP/M.

https://eerielinux.wordpress.com/2025/08/28/a-gentle-introduction-to-cp-m

#cpm #retrocomputing #os

Ksmbd Fuzzing Improvements and Vulnerability Discovery https://blog.doyensec.com/2025/09/02/ksmbd-2.html

[RSS] Linux I/O Port Access Checks on x86_64

https://u1f383.github.io/linux/2025/09/02/linux-io-port-access-checks-on-x86_64.html

go to the cloud they said
it'll be fine they said
https://www.bleepingcomputer.com/news/security/zscaler-data-breach-exposes-customer-info-after-salesloft-drift-compromise/

@lintile buuut IIRC WEP's flaw was unrelated to RSA (on the shirts), but WEP's key size *was* limited because of export controls:

https://en.wikipedia.org/wiki/Wired_Equivalent_Privacy

@lintile FTR here's the code and the design: http://www.cypherspace.org/adam/rsa/

Your #DFIU category today is OG HACKER SHIRTS

This Ron Rivest 1987 cipher, illegal to export from the US (mathematical munitions), fit on 3 lines of Perl and adorned t-shirts as a form of civil disobedience before becoming the WEP protocol's greatest weakness

I don't like this custom protocol, I'm sure there is a common library that could be used! Let's take a look at this alternative repository...

"import org.springframework...."

*drop and run*

Yes, there’s another phishing campaign contacting fediverse users to fill out a form to avoid being suspended or whatever. Stay calm and just report them and be sure to check the option to inform their home instance so the account gets suspended for everyone.

Also, please consider enabling moderated signups if you don’t already have them. I get it - signups dropped by >90% when I did it, but there’s very little capability for dealing with bad actors proactively once they have an account. I know it’s not a foolproof way to keep the scammers out, but it is an improvement.

[RSS] STAR Labs Summer Pwnables Linux Kernel Challenge Writeup

https://u1f383.github.io/linux/2025/09/01/starlabs-summer-pwnables-linux-kernel-challenge-writeup.html

you had ONE job

"Just fucking use HTML"- https://justfuckingusehtml.com/

Just a tiny bit offensive. 🤏

🔥 So, at DEF CON there was a talk about deobfuscation: VMDragonSlayer by @van1sh_bsidesit.

The author released the code and there's clearly huge amounts of AI slop.🤖

Now, WE WENT TO THE TALK and spoke with the speaker after the talk. 🧵
https://bird.makeup/users/dodo_sec/statuses/1960547263605772738

@lazyb0y from my previous answer: "Please don't tell me it should be adtech that should play nicely, while the regulation is there because they don't play nicely in the first place"

@davidkarlas @Viss @jason @codinghorror I don't have hard data on this unfortunately, but I tend to browse in incognito, so I get all cookie notifications all the time. Based on this experience GH is a rare exception. I must add, that this is in part because the EU is not only failing in proper enforcement, but also communication as I know of multiple well intentioned site owners who implemented this BS because they didn't understand the regulation.

To be fair I also hear marketing crying over constent requirements, which is good, but overall the adtech industry is still thriving while user experience deteriorated. In other words the regulation doesn't have the intended effect, while causing negative externalities, making things worse. (Please don't tell me it should be adtech that should play nicely, while the regulation is there because they don't play nicely in the first place)

@jason @codinghorror @Viss And they reacted in a way that made said behavior even worse. Well done!

[RSS] Netskope Client for Windows - Local Privilege Escalation via Rogue Server (CVE-2025-0309)

https://blog.amberwolf.com/blog/2025/august/advisory---netskope-client-for-windows---local-privilege-escalation-via-rogue-server/

newtons per kernel module