SolarWinds RCE (@chudypb), Windows 11 Recall-based LPE (@filip_dragovic), Robot RCEs (@olivier_boschko + @ruikai), EDR as a RAT (@p0w1_), and more!

https://blog.badsectorlabs.com/last-week-in-security-lwis-2026-03-02.html

My second article in Paged Out! #8 was about the architecture of the terminal emulator on Linux - it's a really obvious thing until you start digging into details, as usual.

Web viewer: https://pagedout.institute/webview.php?issue=8&page=43&article=Linux+terminal+emulator+architecture
PDF download: https://pagedout.institute/?page=issues.php

f(x,y) = ((((-y) % (y ^ 11)) / ((1 % x) * (-x))) & (-((~y) | (~x)))) % 13

Extent: 256x256 (scaled x2)

"Onebit" colouring scheme.

Axios: Exclusive: Researchers trick a bot that prescribes meds

"Security researchers used relatively simple jailbreaking techniques to trick the AI system powering Utah's new prescription refill bot.

Researchers were able to make the bot spread vaccine conspiracy theories, triple a patient's prescribed pain medication dosage, and recommend methamphetamine as treatment."

https://www.axios.com/2026/03/04/doctronic-utah-prescriptions-ai-jailbreak

#AI #doctor #health #prescription #utah

Solved but now unsolved problems in computer science:
- copying files off a phone without using a network/cloud/internet

NEW macOS 26.3 🥫🍝 sauce! 🎉

xnu:
https://github.com/apple-oss-distributions/xnu/compare/xnu-12377.61.12...xnu-12377.81.4

dyld:
https://github.com/apple-oss-distributions/dyld/compare/dyld-1335...dyld-1340

Security:
https://github.com/apple-oss-distributions/Security/compare/Security-61901.60.40...Security-61901.80.25

- this post was generated by `ipsw` 🤖

»CBP Tapped Into the Online Advertising Ecosystem To Track Peoples’ Movements« https://www.404media.co/cbp-tapped-into-the-online-advertising-ecosystem-to-track-peoples-movements/?Fedizen.EU #Fedizen #Fediverse #ActivityPub #News

That one XKCD thing, now interactive.

This is so much fun... Craig S. Kaplan: In my online undergraduate P5.js course, students are about to begin the module on motion and physics, including a bit of physics simulation using Matter.js. It suddenly...
https://jwz.org/b/yk4B

Can you feel it too?

Join us today for our analysis of Juniper's recent pre-auth RCE - CVE-2026-21902 - affecting a very specific set of devices. Curious?

https://labs.watchtowr.com/sometimes-you-can-just-feel-the-security-in-the-design-junos-os-evolved-cve-2026-21902-rce/

where is the punch line?

Google has discovered a new iOS exploit kit containing five full iOS exploit chains and a total of 23 exploits

It tracked it to a surveillance vendor, which sold it to both Russian and Chinese customers

https://cloud.google.com/blog/topics/threat-intelligence/coruna-powerful-ios-exploit-kit/