I totally forgot to post about this huge leak from Chinese government linked infosec company KnownSec (a name that makes me think of 2013 Anonymous more than anything else).
https://www.techradar.com/pro/data-breach-at-mysterious-chinese-firm-reveals-state-owned-cyber-weapons-and-even-a-list-of-targets

did you know that you can find free Cortex M0 development boards at the side of the road? folks call them disposable vapes but they're hackable, and i've reverse engineered a bunch of them! see https://github.com/schlae/VapeRE/

@leadore @gaborudvari Thanks, I'll go through this in a couple of days, now I just managed to unlock fly permission and rn floating around randomly listening to some light house music with beer :D

@gaborudvari Great tips, thanks! I'm experimenting with minetest rn but frankly I have no idea what I'm supposed to do so can't really gauge the feature parity either :D

@gaborudvari well I do mind and I find it disgusting that entire families are made to sell their PII if their kid wants to play a game along with their friends. And yes, I'm willing to pay for an option that doesn't sell my kids personal data, but apparently this is not an option.

TIL Minecraft requires a freaking MS account. I thought it wasn't that bad so we proceeded to create one, but it turns out that if you want to create a child account (based on birth date, to avoid adult ads and shit) you as an adult *also* need a MS account that would be of course immediately connected to your childs account which I assume to be a gold mine for advertisers.

Seriously, fuck #AdTech!

(I also wonder if this is legal in the EU?)

@manjusrii

You might appreciate:

TIL the Task Manager Guy™ once dabbled in scareware?
https://bird.makeup/users/c0ner0ne/statuses/1989395111491588340

Customer burns some of your tooling when using a deprecated version.

https://techcrunch.com/2025/10/28/ceo-of-spyware-maker-memento-labs-confirms-one-of-its-government-customers-was-caught-using-its-malware/

#HackingTeam #MementoLabs #Kaspersky #TheSecurityCommunity

For my blog and newsletter, I wrote about why there have been so many data breaches and security lapses this year *alone* involving the mass-exposure of people's driver's licenses and passports — including new details about an exposure of 223,000 government-issued IDs as recently as this week.

Read more: https://this.weekinsecurity.com/it-is-far-too-easy-to-find-leaked-passports-and-drivers-licenses-online/

Sign up/RSS/subscribe: https://this.weekinsecurity.com

@condret https://en.wikipedia.org/wiki/In-band_signaling

carats per SHA512 hash

@G33KatWork constraints induce creativity: finishing the project without *that* part is almost like writing a haiku :)

@d_olex @whitequark oh I think I misunderstood! I'm concerned about how NDAs the Red Team is usually subject to (the target, data from their systems, etc) can be compatible with these third party services.

#BOFH excuse #225:

It's those computer people in X {city of world}. They keep stuffing things up.

Project: mpengine-x64-pdb 1.1.24090.11
File: mpengine.dll
Address: 75ad42e40

powf

SVG:
dark https://tmr232.github.io/function-graph-overview/render/?graph=https%3A%2F%2Fraw.githubusercontent.com%2Fv-p-b%2Fghidra-function-graph-datasets%2Frefs%2Fheads%2Fmain%2F%2Fmpengine-x64-pdb%2F75ad42e40.json&colors=dark
light https://tmr232.github.io/function-graph-overview/render/?graph=https%3A%2F%2Fraw.githubusercontent.com%2Fv-p-b%2Fghidra-function-graph-datasets%2Frefs%2Fheads%2Fmain%2F%2Fmpengine-x64-pdb%2F75ad42e40.json&colors=light

@d_olex @whitequark Honest question: how is the NDA compatible with SaaS models?

@lcamtuf Thank you for "nerd lore", I add it to my dictionary!

Dear designers: scrollbars are useful and exist for a reason. Don't hide them, please.