@seecurity @freddy Damn, I have to level up my act!

@seecurity @freddy It helps me dealing with taxes a lot if I imagine myself as the protagonist of a Kafka novel (or any other absurd/surreal work). Maybe it helps with SAP/other horrors too?

I'll be back at @recon teaching a training with @KeithRamphal, we'll be bringing our combined malware reverse engineering experience to the masses! Whatever runs, wherever it runs, cause the days of your boring ol' Windows C bot are over. https://recon.cx/2026/en/trainingAdvancedMalwareRE.html

@TarkabarkaHolgy Heel hammer-kick to balls during sleep -> 2d6 minutes of temporary paralysis

@buherator This VSCode issue can also take some love from the community:

https://github.com/microsoft/vscode/issues/229861

General Devices for Lowering Morale and Creating Confusion

@TheBreadmonkey

“This must be Thursday,' said Arthur to himself, sinking low over his beer. 'I never could get the hang of Thursdays.”

#THHGTTG

[RSS] A gentle introduction to binary analysis and Ghidra's SLEIGH

https://blog.thalium.re/posts/sleigh/

Impacket 0.13.1 is out, with a lot of improvements and some new relay options. https://www.coresecurity.com/blog/whats-new-impacket-0131

FatGid+4
A four-byte type, an eight-byte stride, one root shell. #FreeBSD

https://fatgid.io/

/via @Hetti

Your next AI agent

I love how the Unix commands have such intuitive naming. Like 'find' if you need to find a file, or 'grep' if you need to grep for a string

Part of why I'm baffled and outraged by #AI is because I'm a traditional storyteller. The stories I tell are fascinating to me because they have been told by countless generations. Shaped by every single person who passed them on. In spoken word, person to person, retelling them in the moment with deep attention to their audience's moods and needs. The stories kept changing but they changed through human connection.

Stories are not "content" or "text". They are connection.

#storytelling

How to Treat Sunburn on the Face

@airwhale I never heard that one, is this a Swedish term?

Micropatches released for Windows Accessibility Infrastructure Elevation of Privilege Vulnerability (CVE-2026-24291, CVE-2026-25186, CVE-2026-25187) https://blog.0patch.com/2026/05/micropatches-released-for-windows.html

[RSS] Deep dive into the object creation flow in Windows - PART 4: Handle table internals.

https://winware31.blogspot.com/2026/05/deep-dive-into-object-creation-flow-in_01568126117.html

@tychotithonus My problem is that on Linux they don't even try to connect to the device, and since passkey support on Linux is shit, they essentially disable HW key 2FA for all Linux users. I'm so mad about this.

Microsoft is aware of a security feature bypass vulnerability in Windows publicly referred to as "YellowKey". The proof of concept for this vulnerability has been made public violating coordinated vulnerability best practices.

I know people here probably don't want to rehash the disclosure discussion for the 683,547,329th time, but fuck Microsoft and this passive aggressive bullshit trying to frame their own interests as "best practices" in a vuln mitigation publication. Your shit is getting torn apart. Act like you've been there before because we all know you have.

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45585

@ramin_hal9001 Right, I actually read this one just forgot about it! Thanks for the reminder!