@sassdawe @ludicity 100%, I definitely not meant to piss on sw engineers in particular, median skill isn't great industry-wide.

[RSS] Building a Custom Architecture and Platform: Part 1

https://binary.ninja/2026/02/20/quark-platform-part-1.html

#BinaryNinja

@b0rk I miss a hotkey to search for "identifiers", e.g. if I want to search for `-x` I don't want to see `-X --xenomorph`. The situation is even worse for one character identifiers/symbols (think tmux, bash, etc.).

I also find it impossible to remember section/page arguments (argument order + what number means what in `man N printf`).

[RSS] "They even thanked the coders for giving them such a difficult challenge."

https://unsung.aresluna.org/they-even-thanked-the-coders-for-giving-them-such-a-difficult-challenge

On how Spyro PlayStation edition (2000) was cracked.

@ludicity I worked mostly at (pen)testing and have always been astonished how basics of basics were unclear for many people (e.g. "does this code run on the client or the server?"). My opinion in summary is that the general quality of sw engineering/ers declined since managers figured out they can bill by the hour instead of fulfillment under the guise of "agile" (see "I'm gonna write myself a new minivan this afternoon").

Try it out yourself: https://zellic.ai

Here it is, our biggest issue to date, Issue #8!
Read, share, enjoy!
https://pagedout.institute/?page=issues.php
Get prints here - https://www.lulu.com/search?page=1&pageSize=4&sortBy=PRICE_ASC&q=PAGEDOUT8&adult_audience_rating=00

And with that CFP for #9 is open - deadline 30 April 2026

@Natasha_Jay Next up: kindergarten teachers

Wikipedia bans Archive.today after site executed DDoS and altered web captures
If DDoSing a blog wasn't bad enough, archive site also tampered with web snapshots.
https://arstechnica.com/tech-policy/2026/02/wikipedia-bans-archive-today-after-site-executed-ddos-and-altered-web-captures/?utm_brand=arstechnica&utm_social-type=owned&utm_source=mastodon&utm_medium=social

RE: https://infosec.exchange/@timb_machine/116068550511596363

If there's anyone on here that works at GitHub, do you think you could remind your support team to check their emails.

For reasons unknown you decided to suspend my account a week ago and I'm yet to even get a response that a ticket has been opened to investigate. I'm sure there's a reason (although I suspect it's debatable) but it would at least be nice to hear from you that it's being looked at.

#github

[RSS] Reverse engineering the Creative Katana V2X soundbar to be able to control it from Linux

https://blog.nns.ee/2026/02/20/katana-v2x-re/

[RSS] Discovery & Analysis of CVE-2025-29969

https://www.safebreach.com/blog/safebreach_labs_discovers_cve-2025-29969/

(Windows MS-EVEN RPC Remote Code Execution Vulnerability)

[RSS] Mailbag: URLs as UI

https://unsung.aresluna.org/mailbag-urls-as-ui

[RSS] OpenCFD OpenFOAM Code Stream directive arbitrary code execution vulnerability

https://talosintelligence.com/vulnerability_reports/TALOS-2025-2292

Before launch, Perplexity hired us to test the security of Comet, their AI browser assistant. We demonstrated how four prompt injection techniques could extract users' private information from Gmail. https://blog.trailofbits.com/2026/02/20/using-threat-modeling-and-prompt-injection-to-audit-comet/

@leyrer Wait till one of those techbros announce they reserved capacity for future weapons manufacturing...

SGI stack overflow 😱
booting the IRIS Indigo R3k..

Just shipped updates for rhabdomancer, haruspex, and augur. Now compatible with @HexRaysSA IDA 9.3 and @xorpse's idalib-rs 8.0.

These headless #IDA plugins are built for #VulnerabilityResearch workflows where you want IDA's power without the GUI. This release brings a bunch of small improvements and bug fixes.

https://hnsecurity.it/blog/streamlining-vulnerability-research-with-the-idalib-rust-bindings-for-ida-9-2/

[RSS] CVE-2026-20841: Arbitrary Code Execution in the Windows Notepad

https://www.thezdi.com/blog/2026/2/19/cve-2026-20841-arbitrary-code-execution-in-the-windows-notepad

ZDI analysis of the notorious vuln

[RSS] "Good enough" emulation: Fuzzing a single thread to uncover vulnerabilities

https://blog.talosintelligence.com/good-enough-emulation/