@kagihq "I don’t think I need to list the large number of tasks where LLMs can save humans time" - I naively thought this would be the whole point of the post? It'd be also important to back up that "large number of tasks" with data (e.g. time to result with/without LLM).

BINGO TIME! With CVE-2025-58034, Fortinet secures the crown in my Insecurity Appliance Bingo. This is technically a "high" severity vuln, but since it's being actively exploited and has landed a spot on CISA KEV, I'm admitting it.

https://cku.gt/appbingo25

Reaching a bingo took longer than expected, with FortiNet and Ivanti sitting at 5/6 vulns since about July. But now, there is a well-deserved winner.

I'm now taking new vuln class and vendor suggestions for next year's edition.

[RSS] Reverse Engineering Casio's .CR5 File Format

https://old.reddit.com/r/ReverseEngineering/comments/1p3ldfq/reverse_engineering_casios_cr5_file_format/

[RSS] FreeBSD considering end of ppc64 support

https://www.talospace.com/2025/11/freebsd-considering-end-of-ppc64-support.html

@tmr232 So you didn't see the highlight either? Took me a while to realize that it's the _text color_ that changes, and once I knew that I started seeing it! But since I expected the background to change I basically went color blind!

every time I take a selfie I admire influencers a bit more - this shit ain't easy!

Thanks @pancake for the swag!

Happy Max Headroom Incursion Day to all who celebrate!

11/22/87 never forget

@ajroach42 @loriemerson Came here to say the exact same thing!

OTD 1999: #SunMicrosystems announces the Sun Ray thin client. Great blog about its development: https://marcschneider.weebly.com/sun-ray.html

How it started / How it's going

https://www.neowin.net/news/microsoft-finally-admits-almost-all-major-windows-11-core-features-are-broken/

#AI #Microsoft #Windows

This will probably get spread around as misinformation, because people read the titles, not the articles. So let's start with the obvious:

#Signal is secure.

Now what everyone didn't read:

> The FBI said the information came from a “sensitive source with excellent access” and introduced the report as a warning about “extremist actors targeting law enforcement officers and federal facilities”.

In other words, the FBI had an informant on the inside. AKA, "a spy".

https://www.theguardian.com/us-news/2025/nov/21/fbi-signal-group-chat-immigration

not enough people are talking about this gif from the wikipedia article on the falling cat problem

Please help making #TreeSitter Playground better by doing this little experiment:

https://tree-sitter.github.io/tree-sitter/7-playground.html

Write some JS, like `var x=1;`. Enable Query and provide the `(identifier) @foo` pattern in the new Query textbox.

Do you see the code highlighted? (if not, turn on Accessibility, a'la GH issue #1714)

[RSS] exploits.club Weekly(ish) Newsletter 92 - S23 N-Day PoCs, Printer Overflows, DNG OOB Writes, And More

https://blog.exploits.club/exploits-club-weekly-ish-newsletter-92-s23-n-day-pocs-printer-overflows-dng-oob-writes-and-more/

We have updated the #Pwn2Own Automotive rules to expand the target scope of the #Alpitronics category and to clarify the model of the ChargePointHome Flex model number. Check out the rules at https://www.zerodayinitiative.com/Pwn2OwnAuto2026Rules.html

CrowdStrike says it caught an insider sharing screenshots taken on internal systems with unnamed threat actors.

https://www.bleepingcomputer.com/news/security/crowdstrike-catches-insider-feeding-information-to-hackers/

@jimfl I'm a master of suspense!