@TomSellers "Every time Prometheus says 'up' I ask: 'up, compared to what?'" https://www.youtube.com/watch?v=rXPpkzdS-q4

HTTP Request Smuggling in Kestrel via chunk extensions (CVE-2025-55315) https://www.praetorian.com/blog/how-i-found-the-worst-asp-net-vulnerability-a-10k-bug-cve-2025-55315/

Few exploits with their CVEs for the Unitree G1 humanoid robot https://github.com/Bin4ry/UniPwn

HyperDbg v0.17 is out! ✨🥂

This update brings major improvements to the script engine, including multidimensional arrays, compound & multiple assignments, plus key interpretation bug fixes.

Check it out:
https://github.com/HyperDbg/HyperDbg/releases/tag/v0.17

For more information, you can check:

Compound assignments:
https://docs.hyperdbg.org/commands/scripting-language/variables-and-assignments#compound-assignment

Arrays:
https://docs.hyperdbg.org/commands/scripting-language/variables-and-assignments#arrays

Multidimensional arrays:
https://docs.hyperdbg.org/commands/scripting-language/variables-and-assignments#multidimensional-array

@Toastie “Your homework tonight, and I’ll remind you of this later, go listen to the song ‘43% Burnt.’” Hell yeah, this guy doesn't fuck around \m/

I've never published anything so close to my heart. Hope ya love it.

https://www.hcn.org/issues/57-11/heavy-metal-is-healing-teens-on-the-blackfeet-nation/

#Indigenous #metal

@lichtlos I'm genuinely curious how the code is handled internally. Sure, you'd have the source and all that but as a dev I'd flip tables because the API would get in my way constantly.

I'm seriously considering creating a Yelp account just because of this shit...

@lichtlos Yes, it doesn't even have the features that I need.

/me after a chill Sunday with #IDAPython

I'm now basically doing this out of spite.

We wrote up a blog post detailing our development and quality assurance workflow. We describe how new contributions are merged into the code base, and we address the change to our policy regarding AI-assisted code submissions and the concerns raised about it. https://keepassxc.org/blog/2025-11-09-about-keepassxcs-code-quality-control/

Google Chrome will deprecate and remove XSLT support (the XML CSS thing) by late-2026

Cites security reasons

https://developer.chrome.com/docs/web-platform/deprecating-xslt

I'm old enough to remember years ago comrades predicting the inevitable fall of software and services which work just fine today.

I moved my fork of pdbparse to uv and tested it with Construct v2.10 - earlier versions weren't compatible with recent Python stdlibs.

Everything seems to work fine (tested with REshare vs big MS .pdb's) so you can use this fork with Python >= 3.12:

https://github.com/v-p-b/pdbparse

If you find a bug please open an Issue/PR!

#ReverseEngineering

Mark Zuckerberg seems to have a band with his clones:

https://www.youtube.com/watch?v=3OrHy_TRudo

I had this #electronics project idea several months ago... The original concept involved like two transistors and a basic "framework" of $5 consumer mechanics.

It turns out the "framework" is so primitive (in a good sense!) that now I have an AVR involved and like $50 spent.

But it seems to work! Assembly tomorrow...

In case you're looking for reading material this weekend, keep in mind my investigations team published part 2 of our deep dive on the Great Firewall data dump, this time on technical infrastructure details.

I'd be grateful if you'd read it and pass it along if so inclined.

https://dti.domaintools.com/inside-the-great-firewall-part-2-technical-infrastructure/

[RSS] Kubevirt security audit

http://blog.quarkslab.com/kubevirt-security-audit.html

[RSS] Bringing USB to Life in QEMU - Kernel Build, Debug, and Redirection

https://streypaws.github.io/posts/Android-Kernel-USBRedir-QEMU-Build-Debugging/