Now I'm in a nasty rabbit hole, because the Zed server doesn't seem to use /TCP/UDP connections, yet it is somehow affected by the firewall...

Managed to set up cross-platform #Rust development environment with @zed using Windows as a remote host. Some tips:

* You have to let Zed proxy through the Windows firewall (I just disabled it as usual, since this is a lab network)
* The default cmd.exe shell doesn't seem to work with remote tasks (I suspect character escaping error), you have to explicitly set powershell.exe

I was initially concerned about usual Windows SSH shenanigans, but surprisingly my config (with jumphost and an agent) worked flawlessly from Linux.

h/t @raptor for the tip!

Frida 17.8.0 dropped with frida-strace syscall tracing on Android & iOS, no jailbreak required 🙌 https://github.com/frida/frida/releases/tag/17.8.2

"Justice is what love looks like in public." Via Natalie Foster and Cornel West, commissioned by me through Clay Graham Art https://www.claygrahamart.com/products/robo-justice-battle-damage-variant-matte-poster

A very detailed tutorial from "Joaquin Pinillos"

Walk x86-64 page tables by hand in qemu and gdb. Decompose a virtual address, follow cr3 through all levels of physical memory, and extract a flag from raw bytes.

https://github.com/jazho76/page_table_walk

#reverseengineering #linux #ctf

@stf gotcha, I think this is in part the balancing I mentioned, "Facebook style" (some constructs feel much weirder on substack than on FB, no clue why), and a common mistake of trying to translate everything to HU. With those updates a minor breakdown may also play a part...

@stf https://hvg.hu/itthon/20260314_az-mcc-oroszorszag-kutatoja-szerint-peldatlan-orosz-muvelet-zajlik-a-magyar-valasztasok-befolyasolasara

@stf I fount it from HVG, you can find an analysis there.

@stf I'm not sure if you are talking about the same "feeling", but the guy works at MCC and I only felt that he was _really_ careful at choosing his language. There are also some minor differences in editing (parenthesis for example), but I haven't compared the two versions.

Battlefield: Budapest - An Unprecedented Russian Operation to Influence the Hungarian Elections

https://eurazsiaijegyzetek.substack.com/p/battlefield-budapest-an-unprecedented

@raptor I wonder how they chose the name though...

@raptor remote dev sounds really useful for xplatform dev too, RR had trouble with that!

RegPwn was a Windows 0-day that we were using for LPE in our Red Team for a year (discovered by Filip D. In January 2025). Unfortunately it got fixed 🥲

Good bye RegPwn 🫡

https://www.mdsec.co.uk/2026/03/rip-regpwn/

An update to our bug bounty policy: https://attackanddefense.dev/2026/03/13/bug-bounty-program-updates-2026.html

RegPwn - Windows LPE vulnerability (now fixed) https://www.mdsec.co.uk/2026/03/rip-regpwn/

This timeline is truly amazing:

There is an ongoing case in front of the #EU Curia to test #copyright laws vs LLMs:

https://infocuria.curia.europa.eu/tabs/document?source=document&text=&docid=301042&pageIndex=0&doclang=en&mode=doc&dir=&occ=first&cid=489283

This would be pretty boring, BUT the case is based on a story of this guy who became a singer celebrity in the '90s in #Hungary, then a few years ago he gave an interview sky-high on cocaine talking about the awesome dolphins in lake Balaton:

https://www.youtube.com/watch?v=kxkiM635LMk

(there are no dolphins in Balaton)

Being the self-promotion genius he is, he actually kept on promoting the deployment of dolphins to Balaton, and (copyrighted) reports of this activity are now part of the court case! Naturally, he also wrote a song about the topic:

https://www.youtube.com/watch?v=mUJXhAjZQ7A

#Kozsó

AI is the Best Thing to Happen to Art

https://geohot.github.io/blog/jekyll/update/2026/02/19/ai-art.html

(See also: photography vs painting)

"AI is giving attackers a huge advantage!"

"Yes, it is. It's amazing how quickly it has destroyed dev, sec, ops, management, company missions and priorities, regulations, information literacy, and civil society, making everyone more vulnerable."

"I traced $2 billion in nonprofit grants and 45 states of lobbying records to figure out who's behind the age verification bills."

https://web.archive.org/web/20260313090844/https://www.reddit.com/r/linux/comments/1rshc1f/i_traced_2_billion_in_nonprofit_grants_and_45/

https://github.com/upper-up/meta-lobbying-and-other-findings

Spoiler: It's Meta.