@jpkeisala https://github.com/jgraph/drawio-desktop

Full-Blown Cross-Assembler…in a Bash Script

https://hackaday.com/2026/02/06/full-blown-cross-assembler-in-a-bash-script/

It doesn't matter whether C is good or not. It matters that if I write code in two languages that aren't C, and I want it to all be part of the same process, I need to care about C. C pervades all. You cannot escape it. C will outlive all of us. The language will die and the ABI will persist. The far future will involve students learning about C just to explain their present day. Our robot overlords will use null terminated strings. C will outlive fungi.

@TarkabarkaHolgy that's actually reasonable, it's expectations of modern family logistics that is bonkers

PSA: Did you know that it’s **unsafe** to put code diffs into your commit messages?

Like https://github.com/i3/i3/pull/6564 for example

Such diffs will be applied by patch(1) (also git-am(1)) as part of the code change!

This is how a sleep(1) made it into i3 4.25-2 in Debian unstable.

[RSS] Django SQL Injection in RasterField lookup (CVE-2026-1207)

https://vulnerabletarget.com/VT-2026-1207

New Project Zero issue:

Samsung: QuramDng Warp opcodes out-of-bounds read

https://project-zero.issues.chromium.org/issues/462544562

CVE-2026-20973

[RSS] CVE-2025-6978: Arbitrary Code Execution in the Arista NG Firewall

https://www.thezdi.com/blog/2026/2/4/cve-2025-6978-arbitrary-code-execution-in-the-arista-ng-firewall

When a piece of type gets damaged, it's like a fingerprint that can be used to tie all the work of a printer together, whether or not their name appears on the title page. The Catalog of Distinctive Type is building a database of these fingerprints for Restoration England. https://cdt.library.cmu.edu/

RE: https://infosec.exchange/@albinowax/116018773839725691

I'm happy to be on the TOP 10 list for the second time, this time with the fun SOAP stuff.

I'm even more happy to see ORM research in 2nd place. I saw it live during BHEU and it was awesome 🤟

The path to #pwning the PS VR2 (part 1) - "Recovery mode" <- yet another case study on how assumptions should always be checked in practice 🤷

https://bnuuy.solutions/2026/02/01/ps-vr2-recovery-mode.html

Electronic Waste Graveyard Immortalizes Dead Electronics

https://hackaday.com/2026/02/05/electronic-waste-graveyard-immortalizes-dead-electronics/

@algernon TIL about this initiative. Aiming to index things that are "hosted in Europe" tells me there is a fundamental misunderstanding how the web works, very disappointing :(

A good blog about computer viruses in Soviet times, the KGB and computer security in the USSR.
#hacking #history
https://fromcyberia.substack.com/p/how-the-kgb-discovered-computer-viruses

🚨 New advisory was just published!

A flaw that exists within the handling of sch_cake can allow a local user under the CentOS 9 operating system to trigger an use-after-free. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of root. This vulnerability won first place in the Linux category during the TyphoonPWN 2025 event: https://ssd-disclosure.com/linux-kernel-net-sched-cake-qdisc-use-after-free-lpe/

https://www.c0t0d0s0.org/blog/tarxpathology.html

I sat through way too many #pentest interviews where the candidates had no clue about the fundamentals of web security, like the Same-Origin Policy.

If you want to make a career of finding flaws in (web)apps, do yourself a favor and read @b0rk's HTTP zine:

https://wizardzines.com/comics/same-origin-policy/

While waiting for the upcoming release of #IDAPro 9.3 by @HexRaysSA, I have made some updates and bug fixes to my idalib-based headless IDA #plugins rhabdomancer, haruspex, and augur.

Check out the changelogs for all the details and enjoy!

https://hnsecurity.it/blog/streamlining-vulnerability-research-with-the-idalib-rust-bindings-for-ida-9-2/

@xabd Could you ELI5 how this sw (or LinkTree) is different from a HTML(+CSS) page with links on it?

High level diff of iOS 26.3 beta3 vs. iOS 26.3 RC 🎉

https://github.com/blacktop/ipsw-diffs/blob/main/26_3_23D5114d__vs_26_3_23D125/README.md