"SIGSEGV with large RSA signatures (>512 bytes)" #OpenDMARC

https://github.com/trusteddomainproject/OpenDMARC/issues/183#issuecomment-4556806007

See, my 768-bit key is actually large!!1

Plugin Contest winners used it. Binarly built award-winning Rust bindings with it. BinSync added an idalib mode for headless pipeline support...

... Now it's your turn.

We're hosting a free virtual workshop on idalib — IDA as a library. Call IDA's analysis engine directly from your own code, automate workflows without launching the GUI, and integrate IDA into any toolchain you're already running.

Free. Virtual. Hands-on.
👉 https://2dgu4h.share-eu1.hsforms.com/2D4ZYPjdCRFODEGRKtMILwQ

We're looking for a cover for the next issue of Phrack!

Retro sci-fi, terminals, dystopian systems, chrome futures, hacker manuals from an alternate timeline.

Make something timeless and strange.

Send your work or idea to arts@phrack.org

Deadline June 30th

Binary hacking is something of an art, and AI has been getting significantly better at it. But do the limitations of our foundational tools, like decompilers, limit their ability to hack? Check out my talk that is now public on the topic:
https://youtu.be/ncYo6ZqSRLw?si=UnKwyKr_WqFdkDnYhttps://youtu.be/ncYo6ZqSRLw?si=UnKwyKr_WqFdkDnY

The new CEO of the Wikimedia Foundation worked at J.P. Morgan and Lehman Brothers. The Foundation has now fired a longtime lead developer and disbanded the team whose job was to listen to volunteers. Most of the people they fired were union organizers. Wikipedia’s editors are now threatening to strike. To stand in solidarity with them, sign the petition:

https://en.wikipedia.org/wiki/Wikipedia:Wiki_Workers_United_solidarity

For more, read on!

(1/2)

Hungary Reverses Decision to Exit International Criminal Court

Hungary withdrew its decision to exit the International Criminal Court, reversing a process initiated by the country’s previous leader, Viktor Orban.

https://www.bloomberg.com/news/articles/2026-05-27/hungary-reverses-decision-to-exit-international-criminal-court

[RSS] Analyzing the Taiwan High-Speed Rail (THSR) TETRA incident (part 1)

https://www.midnightblue.nl/blog/analyzing-the-taiwan-high-speed-rail-thsr-tetra-cyber-incident-part-1

[RSS] Docker Internal[s] (1)

https://u1f383.github.io/linux/2026/05/27/Docker-Internal-1.html

"For this year's (2026) Pwn2Own Berlin, I tried to find vulnerabilities in Docekr but came up with nothing. This post simply documents my research on Docker's system implmentation, since it is quite interesting."

@wdormann @troed To be fair the portable, NoGPU version does work, although I find the startup tutorial highly annoying + save doesn't actually save the file you are editing, so I'm looking for some usable alternative for Windows...

@sassdawe Opening inter-dimensional portals with a script counts as advanced sorcery!

Java code can become overly complex due to unnecessary abstractions.

With Rust on the other hand you can simply open up a portal to the Dimension of Pain while trying to implement an interface.

@mwichary Remember Rule 34... @PavelASamsonov

RE: https://techhub.social/@Techmeme/116641025657009645

Finally... they've been yapping about this for ages now

@troed ImHex

... this other damn thing works, but is "dark mode" only, so I can't see shit :P

The only thing that worked today so far was a debugging sleep().

The year is 2026:
- My Windows VM can't handle more than 2 serial ports
- My hexeditor won't run without a GPU

PRESS RELEASE
Today, our engineering team announced a streamlined editorial workflow powered by the Unix tool sed, enabling instant, consistent replacement of the symbol & with the word “and” across all communications. This improvement strengthens clarity, supports accessibility, and ensures brand‑wide linguistic consistency. By integrating sed into our publishing pipeline, we reaffirm our commitment to precision, efficiency, and high‑quality content delivery.

While everyone was on Holiday we scanned a few thousand hosts for #BadHost (CVE-2026-48710): zero auth required and we found clinical trial databases, email mailboxes, MCP server for SSH industrial IoT via bastion servers, and live PII APIs wide open. The FastAPI/MCP ecosystem is sitting exposed - patch to Starlette 1.0.1 now and check your exposure at https://badhost.org

We paired time travel debugging with an #AI agent on a noisy 7B-instruction ARM64 Android trace.

In ~10 minutes, it traced the MTProto v2 decryption chain down to AES-IGE and correctly described the execution flow.

Full write-up 👇
https://www.eshard.com/blog/telegram-ttd-trace-analysis

You should be reading No One:

https://nooneshappy.com/article/the-ai-bubble/

/via @fugueish