@corbet Blocked and reported to @kagihq SlopStop: https://help.kagi.com/kagi/features/slopstop.html

#Keycloak CVE-2026-1529: "lack of cryptographic signature verification allows the attacker to successfully self-register into an unauthorized organization, leading to unauthorized access."

https://access.redhat.com/security/cve/cve-2026-1529

#JWT

Apple says it supports competition, privacy, and repair. AirPods say “not for you.” From EU feature lockouts to batteries you can’t replace, we unpack Apple’s most disposable design at the link below.

https://www.ifixit.com/News/115572/apple-airpods-and-malicious-compliance
—
#iFixit #RightoRepair #FixTheWorld

Rust Crate: It's very easy to use me, here's a definition: ...

Me: I don't even know how to type half of these characters :S

New Rapid7 Analysis on AttackerKB topic: CVE-2026-1731

"On February 6, 2026, BeyondTrust published an [advisory](https://www.beyondtrust.com/trust-center/security-advisories/bt26-02) for a new critical command injection vulnerability, [CVE-2026-1731](https://nvd.nist.gov/vuln/detail/CVE-2026-1731), affecting their products Remote Support (RS) and Privileged Remote Access (PRA). ..."

Link: https://attackerkb.com/topics/0e038aee-d044-46cf-8b9e-8f54ca24d80a

my friend @asciimoo built a thing again \o/ and it's great as always. read his own thoughts on this at https://hister.org/posts/how-i-cut-my-google-search-dependence-in-half/

and engage with the cringe on the orange site at https://news.ycombinator.com/item?id=46959554

#search #history #web #browser

@troed

No that I disagree, but I think OP is (at least in part) about scaring away volunteer contributors where nothing vs. something can make a difference. You probably won't start building a sand castle in the dog park.

@chainq

This multi-part blog series is discussing an undocumented feature of Windows: instrumentation callbacks (ICs).

In part 4 we cover ICs from a more theoretical standpoint. Mainly restrictions on unsetting them, how set ICs can be detected and how new ones can be prevented from being set.

Learn more at https://cirosec.de/en/news/windows-instrumentation-callbacks-part-4/

#Blog #Windows #Shellcode #RedTeaming #ReverseEngineering

@troed @chainq One recurring pattern I see with LLM contributions is that code-level abstractions don't make sense. The feature works, all tests pass, but a considerable amount of functionality is at the wrong place. Simplest example is a C project where *technically* it doesn't matter in which file you implement a function, but I've seen the same with Java&classes too. This doesn't matter for machines because they just grep for the function name, but makes human contributions extremely taxing, like living in a mad mans house where the soap is in the fridge and you have to climb a ladder to the attic to find the salt.

I think this can be a valid argument against the LLM push.

The Cycle 2 deadline for the USENIX WOOT Conference is in ~ 4 weeks (March 3, 2026)!

WOOT continues to include both a Systematization of Knowledge (SoK) track and an Up-and-Coming track (industry-focused).

Details are available in the Call for Papers:
https://lnkd.in/gK2RGj-h

It's pretty insane how we live in an age where everything needs to be monetized; every single tear of knowledge must be consecrated to the mighty god of money throught crappy trainings and certificates.

Annie Rauwerda, creator of Depths of Wikipedia, lives for the internet’s weirdest footnotes.

That includes things like the long-gone Garfield the cat “G-Mail,” 🙀📬 a very real web oddity now preserved only on the #WaybackMachine.

Internet history is stranger—and more fragile—than it looks.

Read more 👉 https://blog.archive.org/2026/02/05/depths-of-wikipedia-creator-annie-rauwerda-on-fragile-internet-citations/

@annierau @internetarchive #Wikipedia

Additional reason delete Discord account: Just a few months back someone pilfered all of the ID they'd already collected.

So of course they're asking for more of it.

https://arstechnica.com/security/2025/10/discord-says-hackers-stole-government-ids-of-70000-users/

[RSS] Windows containers network isolation RE

https://safesws.github.io/windows-containers-network-isolation/

[RSS] CVE-2026-2103 - Infor Syteline ERP - Keys Included: No Assembly Required

https://blog.blacklanternsecurity.com/p/cve-2026-2103-infor-syteline-erp

I am losing it at how many of my peers have forgotten what software engineering is. It is not typing in lines of code.

@nieldk we need an official alias

git ass

@csepp Stay strong, you can do this!

@Daffodil