Posts
4234
Following
735
Followers
1631
"I'm interested in all kinds of astronomy."
@electret @lrhodes Honest question: What on Earth made you feel that way? I see absolutely zero indicators of privacy in any mainstream LLM app (similarly to Google/Meta).
1
0
0
@electret @lrhodes It's always been someone else's computer...
2
0
1
@lrhodes So anything written on GDocs or sent to a GMail address is also fair game then?
2
0
2
repeated

CVE-2025-45422: Proximus b-box UPnP Persistence & Access Control Bypass https://github.com/Cedrico03/CVE-2025-45422---Bbox

0
1
0
repeated
Edited 2 days ago

EDIT SIGNUP TO TEST https://desk.parare.al/apps/forms/s/eHC5EaqZTTGe4DSBcS893XYE

So
after 14 months(?) of work
and a lot of frustration
barely knowing what i was doing
i think i made someting special (!)

presenting:

a Wine fork
for Ableton Live 12

on Linux

stable
pixel perfect
vst support
1st class gnome citizen
device hotwire support
low latency audio

tell ur friends 🥹🥹

2
8
0
repeated

How ChatControl passed in the EU parliament.

1
33
0
[RSS] The other kind of control flow guard check: The combined validate and call

https://devblogs.microsoft.com/oldnewthing/20260708-00/?p=112510
0
0
0
[RSS] Reverse-engineering a Neopets shop with 48,000 inventory snapshots

https://danielmay.co.uk/posts/redistributing-billions-neopets/
0
0
1
repeated
Edited 2 days ago
This is in fact

Foxit Foxit Reader Javascript checkbox CBF_Widget code execution vulnerability (CVE-2026-57256)

(Hope this is just a temporary problem with the bot and I don't have to touch the HTML parser :P)

RE: https://infosec.place/objects/48afd31c-35ab-4cfa-b28d-4a27e66c1259
0
0
1
repeated

Cursed circuits #6: reverse avalanche oscillator - https://lcamtuf.coredump.cx/blog/avalanche/

1
1
0
repeated

Project Zero Bot

New Project Zero issue:

Adobe DNG SDK: Heap memory disclosure via LZW-compressed semantic masks rendered through MaskedRGBTables

https://project-zero.issues.chromium.org/issues/514643907

CVE-2026-47963
0
1
0
repeated

Project Zero Bot

New Project Zero issue:

Adobe DNG SDK: Heap memory disclosure via uninitialized MCU buffer in Hasselblad 3FR lossless JPEG decode path

https://project-zero.issues.chromium.org/issues/514249399

CVE-2026-47934
0
1
0
repeated

Project Zero Bot

New Project Zero issue:

Adobe DNG SDK: Heap memory disclosure in ReorderSubTileBlocks due to truncated row block count for clipped strips

https://project-zero.issues.chromium.org/issues/514247216

CVE-2026-47927
0
1
0
repeated

Project Zero Bot

New Project Zero issue:

Adobe DNG SDK: heap buffer overflow in DecodeFPDelta due to missing pixel format validation and non-fatal error handling for semantic mask IFDs

https://project-zero.issues.chromium.org/issues/509923792

CVE-2026-47964
0
1
0
[RSS] Some interesting findings in Windows Defender

https://blog.projectnightcrawler.dev/posts/2026-07-09-some-interesting-findings-in-windows-defender/

Client-side DoS via ADS :)
0
1
0
repeated

Spent my childhood optimizing CONFIG.SYS and AUTOEXEC.BAT to fit everything into 640 KB.

Now one browser tab needs 2 GB of RAM so 17 analytics companies can find out I looked at socks.

12
43
1
repeated

Meta faces $1.4 trillion in damages for hooking kids on purpose. The company's market cap is $1.5 trillion. They're arguing the number is unprecedented in consumer protection history, which is technically true. It's also the first time anyone built a $1 trillion business on deliberately addicting children.

https://gizmodo.com/metas-teen-safety-case-just-became-a-1-4-trillion-existential-threat-2000782306

1
13
0
repeated

If you're just now hearing about GhostLock and looking to fix it, make sure you don't introduce two unpriv-reachable DoSes associated with its fixes. The fix the Linux CNA lists for CVE-2026-43499 introduces a NULL deref, which caused CVE-2026-53166 to be issued. Unfortunately...

1
1
0
Show older