OVE-20260330-0003: Linux: KVM shadow EPT stale rmap use-after-free https://www.openwall.com/lists/oss-security/2026/03/30/5
Found through fuzzing, exploitable from any x86 guest with nested virtualization enabled or using shadow paging. Guest-to-host DoS and kernel heap corruption, potentially aiding VM escape.

It's no secret that I've been struggling, and my therapist said I need to find things to keep me busy, so I created the @cdnspace Artemis II dashboard.

I reverse-engineered the Unity Engine powering the NASA AROW visualization and found an absolute treasure trove of data to display.

Little did I expect that it's now being seen by anywhere from 200 to 600 people at any given time with 130,000 people having looked at it in the last 24 hours. People are even building projects around my API.

Yesterday, I received a message on LinkedIn from someone working in Mission Control in Houston... and they're using my dashboard! He even sent me a photo, but I can't share it until after the crew has splashed down.

Mind blown, and an absolute pick-me-up. The best part? It's being served from my basement.

https://artemis.cdnspace.ca/

#artemis #artemis2 #artemisII #nasa #csa

German digital ID will require an Apple/Google Account

Rooted/jailbroken phone? Custom ROM? Latest updates not applied? Authentication denied, Mutterficker!

Apple & Google become gatekeepers. "Your" device will be constantly monitored - for "compliance". "And you will be happy".

https://bmi.usercontent.opencode.de/eudi-wallet/wallet-development-documentation-public/latest/architecture-concept/06-mobile-devices/02-mdvm/

#DigitalID #IDVerification #Google #Apple #Android #iOS #technology #privacy #surveillance #enshittification #dystopia #BigTech #Germany #EU

Hello fedi!

I have an .MVAX #firmware #update file for an MV Silicon chip (unknown model).

Has someone already encountered those? And if yes, is there some documentation, tooling or existing #ReverseEngineering work done of that format?

For the record, the file magic (first 8 bytes) is as follow:
4D 56 B5 58 05 01 13 00

And the end of the file contains the following (no spaces, wrapping is mine):

MVSKeyFileMVBP10<0x90>0xBE>SIMPLEs
<0xD3><0x9A>.<0x90><0xD9>
MVSILICONKEYFL<0x00><0x00>
<0xFF><0xBD><0x00>0x00>

Thanks in advance for your help!!

#embedded #mcu #blob #fileformat #FileFormatAnalysis #binary #extraction

Right now, there's a really funny opportunity to burn an Outlook zero day.

Open Graphics Card Powers Cyberpunk “Laptop”

https://hackaday.com/2026/04/04/open-graphics-card-powers-cyberpunk-laptop/

Yay! @kagihq have provided a URL where you can continue to use their "1996-style" search as your home page.

It's so nice to have a bit of colour and human interaction there. "Small Web" has already become a favourite after just a few days. So many great, mad, creative websites to browse!

https://kagi.com/?year=1996

Hey folks, a headhunter got a hold of me recently for a senior-level role at Hudson River Trading.

The position is for Security Operations-type stuff, and it appears to be a somewhat senior position.

Downside is that its hybrid, with at least two days a week in the office, and the office, from what I can tell is at 3 world trade center.

Their job openings have the salary range in the description, and from what I saw, one of the perks states that they cover your healthcare premium.

If you think you can fit the bill, go take a look:

https://www.hudsonrivertrading.com/careers/?locations=new-york%2C&job-category=information-security%2C

Additionally, here is a direct link to the dude who directed me to the position:

https://www.linkedin.com/in/aaron-wescott-b552ba182/

Wasn't a good fit for me, as I'm not really in a position nor do I have any desire to move back to the east coast, but maybe it'll be a better fit for you instead. Best of luck.

#InfosecJobs #GetFediHired

Edit: I'm not affiliated with Hudson River Trading or Fourier.

50 years on and space travel has become the techno utopia we have always wanted, as summed up in this quote from NASA's Artemis II livestream

Crises precipitate change. That's no reason to induce a crisis, but you'd be a fool to let a crisis go to waste. Donald Trump is the greatest crisis of our young century, and the EU looks set to squander the opportunity, to its own terrible detriment.

--

If you'd like an essay-formatted version of this thread to read or share, here's a link to it on pluralistic.net, my surveillance-free, ad-free, tracker-free blog:

https://pluralistic.net/2026/04/04/digital-subjugation/#greenlands-next

1/

This is someting I wish I'd realized a lot sooner in life.

High level diff of iOS 26.5 beta1 vs. iOS 26.5 beta1 (v2) 🎉

https://github.com/blacktop/ipsw-diffs/blob/main/26_5_23F5043g__vs_26_5_23F5043k/README.md

😂 credit https://ashermaxperlman.com/#cartoons