[ZDI-26-124|CVE-2025-15060] claude-hovercraft executeClaudeCode Command Injection Remote Code Execution Vulnerability (CVSS 9.8; Credit: Peter Girnus of Trend Research) https://zerodayinitiative.com/advisories/ZDI-26-124/
And so but anyway, did I ever tell you about my most humiliating experience as a skilled and successful computer programmer?
How many people know that #WordPress was co-founded by a black man, Mike Little?
Or that he's from the north of England? A self-taught coder from #Stockport, just south of #Manchester? Or that he never received so much as a share, cent or job offer from the $7bn+ valued Automattic after spending five months working exclusively with Matt Mullenweg on the B2 fork?
After @bevangelist told me about @mikelittle I interviewed him for a documentary I never got round to making. Back then I was left with two certainties: he's Wozniak to Mullenweg's Jobs. Among other things he added the one-click upgrade that's been central to WP's bonkers 45%-of-the-web-success. And he's one of the nicest people I've ever interviewed, which is also bonkers given that he not only didn't share in WP's financial success, but that he's barely known.
But he should be - so, better late than never - please meet #MikeLittle, perhaps the most-influential-least-known person in #foss… https://25.netribution.co.uk/nic/mike-little-the-british-co-founder-of-wordpress-youve-probably-never-heard-of/
Something new in our community that deserves more attention: Breakdown of BLERP, the BLE re-pairing attacks by Daniele Antonioli & Sacchetti (NDSS 2026). TL;DR: the BLE standard doesn't authenticate re-pairing.
Paper + PoC indexed there:
https://community.penthertz.com/t/blerp-ble-re-pairing-attacks-and-defenses/17
Access control bypass via header smuggling, with no desync required! Using header smuggling for more than HTTP desync like this is totally underrated - a lot of defences only filter the CL and TE headers. You can detect these with Parser Discrepancy Scan.
https://www.linkedin.com/posts/jakedmurphy1_excited-to-share-that-i-recently-identified-activity-7431735557115789313-xhnA/
@opensource shout-out to @kirschner, for his post about the 500 million euro that the German government spends each year (!) on Microsoft licensing, while asking how much #opensource we could have procured and developed with a fraction of that money. During @nlnet's presentation.
#curl security moves again. Back to #hackerone
https://daniel.haxx.se/blog/2026/02/25/curl-security-moves-again/
It often feels like the world of tech is nothing but bad actors and bad news these days, so it is always refreshing to read about something that is a fundamentally amazing example of technology and human ingenuity. This article about the process and people that sit behind the undersea cables that connect our world (and how they are productively recovered) is an example of that type of story. You should check it out!
The Cycle 2 deadline for the USENIX WOOT Conference is in just one week (March 3, 2026).
Full details are available in the Call for Papers:
https://www.usenix.org/conference/woot26/call-for-papers
IBM crashes because we’re gonna YOLO a replacement for banking and credit-card back-ends, replacing billions of lines of COBOL with vibe code. Uh…
https://www.techbuzz.ai/articles/ibm-crashes-11-as-anthropic-threatens-cobol-empire