@andrewnez This is art.

Incident Report: CVE-2024-YIKES

A series of unfortunate events.

https://nesbitt.io/2026/02/03/incident-report-cve-2024-yikes.html

This petition wants contributing to Free Software to be legally and officially recognized as volunteering in Germany on the same level as youth work or ambulance service:

https://www.openpetition.de/petition/online/recognition-of-work-on-open-source-as-volunteering-in-germany#petition-main

This would bring fiscal and funding advantages for FLOSS organizations and the volunteers themselves.

If you are a German citizen, please sign the petition and let's get our volunteers the recognition they deserve!

---

Photo credit: Redazione Cultura. distributed under CC By SA license

@ybon Did you experience keyboard issues with KaiOS (doubling key presses specifically, I had this with multiple KaiOS phones)? If so, does the new software solve that issue?

[RSS] Exploiting CVE-2025-49825 (authentication bypass vulnerability in Teleport)

https://blog.offensive.af/posts/exploiting-cve-2025-49825/

After all these years I still rely on brute-force when it comes to copy-pasting on #Linux:

- Which paste should I use for vim's * and + buffers?
- Which clipboard is used by Java GUI's?
- Did JavaScript manage to put text on the clipboard this time? Which one?
- etc.

How do fellow #X11 users keep track of your clipboards?

RE: https://cyberplace.social/@GossiTheDog/116003657697941309

There were lots of folks in MS when I was there who were willing to tell management that this was a mistake. They were the ones given lower bonuses and told that they needed to get behind the corporate priorities. Some of them found niches where they could work on something they found interesting without management noticing, a lot more left. The people who were promoted were the ones who either had terrible judgement or were willing to lie to management.

The board needs to hold Satya Nadella and Kevin Scott accountable for creating that environment. If not, shareholders might start asking why 20% of the company’s value was wiped out in six months.

Schrödinger’s Cat is the most misunderstood meme in physics.
Pop-science says: “The cat is both alive and dead.”
Schrödinger said: “That’s absurd!” (He called it a 'burlesque case').
He created the experiment to prove quantum mechanics was incomplete, not to celebrate "weirdness." If a theory suggests a cat is smeared between life and death, it's missing a piece of reality.
Stop the mysticism. Schrödinger wanted a better map of the real world.
#Physics #Science #schrodinger

It's a lesser known fact that these bad boys are still used to serve Windows updates:

RE: https://mastodon.social/@bagder/116001950411560304

My CVEs are still at 0 medals, but thanks to VxWorks I was able to achieve a CVE on Mars (#Curiosity rover, CVE-2023-38346) 😉

Btw. if anyone from #NASA could confirm curiosity was/is really affected (but probably without attack vector so no impact I guess), that would mean a lot to me

/cc @realhackhistory

Epstein and Steve Bannon discussing how to get spectrum boys^W^Whackers on their side as they are the "most powerful (dangerous) US group":

https://threadreaderapp.com/thread/2018146239716667744.html

Also, how to get Bannon to stage at DEFCON lol

One of many talks I missed for not going to #fosdem, happy to watch them online now! “ga68, the GNU Algol 68 compiler at FOSDEM 2026” — https://m.youtube.com/watch?v=42rOV7mBd1E

The cathartic effect of reverse engineering without a business objective should have its own therapy book.

Gen Alpha smashes the stack with "gggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggg"... (0x67676767)

One of our AI threat team pointed me at this:

https://zenodo.org/records/18444900

Interesting analysis of Moltshite.

#threatintel, #aislop

i made a version of wikipedia you can doomscroll
https://xikipedia.org/

[RSS] vr2jb: Pwning the PlayStation VR2 using Sony's hidden recovery mode

https://bnuuy.solutions/2026/02/01/ps-vr2-recovery-mode.html

Help needed: I'm writing a commissioned piece on getting business insurance for AI issues. Are you an expert I could quote on the topic? Do you know one? Please forward this around! Email is dgerard@gmail.com. Thank you!

[RSS] Pipe Dreams: Remote Code Execution via Quest Desktop Authority Named Pipe

https://www.netspi.com/blog/technical-blog/adversary-simulation/pipe-dreams-remote-code-execution-via-quest-desktop-authority-named-pipe/