We expect to continue support for #MIPS for the foreseeable future, and welcome contributions. Especially now that the patents have expired on many 64-bit MIPS designs! :)

@chaos0815 Yeah, it's moments like this when I become nostalgic for strict typing, but part of Pythons power is exactly this kind of flexibility. I could argue for a more strict API/type checking in this particular lib, but I guess this is also something that makes them (very) popular, so I think I just have to be more careful in the future (like building less funky loops)...

OK, I feel like an absolute noob:

I just spent hours debugging that I left a comma at the end of a #Python assignment, so the value became a tuple instead of the object I wanted 🤦

The library I passed the value to also has very liberal typing so it failed quietly, and the IDE didn't tip me off because I overwrote the value inside a loop...

Extra commas are the new lack of semicolons!

#fail #programming

#curl 8.18.0 has been released. This release fixes 2 medium and 4 low level vulnerabilities:
- CVE-2025-13034: No QUIC certificate pinning with GnuTLS https://curl.se/docs/CVE-2025-13034.html
- CVE-2025-14017: broken TLS options for threaded LDAPS https://curl.se/docs/CVE-2025-14017.html
- CVE-2025-14524: bearer token leak on cross-protocol redirect https://curl.se/docs/CVE-2025-14524.html
- CVE-2025-14819: OpenSSL partial chain store policy bypass https://curl.se/docs/CVE-2025-14819.html
- CVE-2025-15079: libssh global knownhost override https://curl.se/docs/CVE-2025-15079.html
- CVE-2025-15224: libssh key passphrase bypass without agent set https://curl.se/docs/CVE-2025-15224.html

I discovered the last 2 vulnerabilities.

Download curl 8.18.0 from https://curl.se/download.html

#vulnerabilityresearch #vulnerability #cybersecurity #infosec

@bert_hubert Java applets have been disrupting my life for decades!

TIL #pwndbg accepts donations, so if you care about your debuger command line being actually *good* then consider throwing some money at them:

https://github.com/sponsors/pwndbg/

#ReverseEngineering

Well, I didn't have this on my 2026 Bingo card...

"‘Stop sending butt plugs to Bahrain’: Toronto sex store receives letters from U.S. Department of War":

https://www.ctvnews.ca/toronto/article/stop-sending-butt-plugs-to-bahrain-toronto-sex-store-receives-letters-from-us-department-of-war/

[RSS] Micropatches Released for Credential Security Support Provider Protocol (CredSSP) Elevation of Privilege Vulnerability (CVE-2025-47987)

https://blog.0patch.com/2026/01/micropatches-released-for-credential.html

Nominations for the Top 10 (new) Web Hacking Techniques of 2025 are now live! Review the submissions & make your own nominations here: https://portswigger.net/research/top-10-web-hacking-techniques-of-2025-nominations-open

its so cold im using chrome instead of firefox to read news on my phone cuz i need the ads to warm up my phone and hands

Are we entering a world where chatbots will replace devs?
Probably not. Prompting an LLM with natural language is inherently lossy and ambiguous. Up to this point, programming has always been deterministic: Your code does what you say it should do otherwise, it’s a bug. Coding agents break that contract.

Our blog:
https://blog.trailofbits.com/2025/12/19/can-chatbots-craft-correct-code/

buckle up and prepare for an unload of *six* CVEs against #curl getting published tomorrow, severity low and medium

Has someone tried redeploying 2026?

Do your work poorly and blame it on bad tools, machinery, or equipment.

I’m working on the next hacklore newsletter, and the holiday season delivered a fresh wave of peak hacklore! 🎁 😜

📬 If you want fewer security myths and more reality-based advice for everyday people (including ways for you to help!), subscribe here: https://www.hacklore.org/about

Commodore Disk Drive Becomes General Purpose Computer

https://hackaday.com/2026/01/05/commodore-disk-drive-becomes-general-purpose-computer/

@mwichary They present technology as an instrument for art, and you get to play with literally everything (we spent the open hours in full then went back the next day for more). On the flip-side the items are not very well documented, so you often stop to scratch your head what a thing actually is - they are really helpful though and I think this also adds to the "magic" of the place.

@mwichary My recommendation: https://this-museum-is-not-obsolete.com/

Not a typical a museum, more like a playground for geeks :)