"I'm interested in all kinds of astronomy."

"AI is giving attackers a huge advantage!"

"Yes, it is. It's amazing how quickly it has destroyed dev, sec, ops, management, company missions and priorities, regulations, information literacy, and civil society, making everyone more vulnerable."

Edited 9 days ago
"I traced $2 billion in nonprofit grants and 45 states of lobbying records to figure out who's behind the age verification bills."

https://web.archive.org/web/20260313090844/https://www.reddit.com/r/linux/comments/1rshc1f/i_traced_2_billion_in_nonprofit_grants_and_45/

https://github.com/upper-up/meta-lobbying-and-other-findings

Spoiler: It's Meta.

Kagi's Small Web just got a big upgrade! Introducing browser extensions, mobile apps and categories:

https://blog.kagi.com/small-web-updates


@matildalove "he fed my work into a machine, so I fed him into a machine..."


RE: https://hachyderm.io/@pheonix/116221805295722939

only exists for two reasons:

- Money
- Info gathering on everyone for reason 1


Wrote down everything I wish I knew earlier about Python supply chain security. Hash pinning, pip-audit, SBOMs, trusted publishing — the whole thing. Enjoy 🐍🔒 https://bernat.tech/posts/securing-python-supply-chain/


What we get upset about. Cartoon for Dutch newspaper Trouw: https://www.trouw.nl/cartoons/tjeerd-royaards~bcb45712/

@freddy successfully teaching this to an 8yo proves that you really get it ;)

"There are, of course, an infinity of variations to that single routine."

A new page of my comic Ekphrasis, which you can read for free at https://ekphrasiscomic.neocities.org/.

Remote Pre-Auth Buffer Overflow in GNU Inetutils telnetd (LINEMODE SLC)

https://seclists.org/oss-sec/2026/q1/300

#NoCVE yet?
[RSS] Archive of classic reverse engineering tutorials (Armadillo, ASProtect, Themida, SoftICE era)

https://github.com/Show0ne/archivo-syxe05-snat
[RSS] Reverse Engineering the undocumented ResetEngine.dll: A C++ tool to programmatically trigger a silent Windows Factory Reset (PBR) bypassing SystemSettings UI.

https://github.com/arielmendoza/Windows-factory-reset-tool
[RSS] I Hacked My Laundry Card. Here's What I Learned.

https://hanzilla.co/blog/laundry-card-hack/
[RSS] Decrypting and Abusing Predefined BIOCs in Palo Alto Cortex XDR

https://labs.infoguard.ch/posts/decrypting-and-abusing_paloalto-cortex-xdr_behavioral-rules_biocs/
[RSS] A Nerd's Life: Weeks of Firmware Teardown to Prove We Were Right

http://blog.quarkslab.com/nerd-life-weeks-firmware-teardown-we-were-right.html

Jake in the desert

Edited 9 days ago

'An old photo of a very large BBS' posted in 2022, and a writeup about it. https://rachelbythebay.com/w/2022/01/26/swcbbs/


AFL++ v4.40c release - best performance ever - optimal hidden coverage instrumentation, FrameShift, LLVM 22 support, IJON fixes, a lot of minor and bigger enhancements! https://github.com/AFLplusplus/AFLplusplus/releases/tag/v4.40c

"in the default installation of Ubuntu Server 24.04.3 plus the Postfix mail server, we create a 'fail-open' situation in Sudo" wat :D

EDIT: See later in thread, it seems like the good news is at least that it's not having auto-merging on, which is where the security risk comes in. I still have other concerns.

Looks like they're also using Claude for PR review https://github.com/systemd/systemd/commit/9a70fdcb741fc62af82427696c05560f4d70e4de

Which probably means systemd is now the most attractive target in FOSS for an AI prompt injection attack to insert a backdoor

EDIT: It does seem that they don't have auto-merging of PRs from the review bot, which is an improvement over the situation (and mitigates the primary security risk, hopefully it stays that way), and AI contributions are asked to be disclosed. That said, it seems like the issue is closed, and they are firmly in the "we will accept AI contributions, as long as disclosed" camp.


bert hubert 🇺🇦🇪🇺🇺🇦

Only answer if you have direct and personal experience please. Is there ANY way on IOS (NOT ON ANDROID) to get Signal to help you clean its massive storage? I've manually tried to delete some large things but it is not helping. It is using 11GB and I can't do a thing anymore. Help?
