🌪️Heads up speakers: TyphoonCon 2025 Call for Papers is now open! https://typhooncon.com/call-for-papers-2025/

Missed the first round of RE//verse ticket sales? Don’t worry—we’re back with another round on December 1st! In the meantime, stay in the loop and be the first to know when tickets go live again by joining our mailing list here: https://re-verse.us13.list-manage.com/subscribe?u=6dcc880ba666c9187461a2462&id=5285601ec7

Debugging an OpenJDK crash on SPARC

https://ptribble.blogspot.com/2024/11/debugging-openjdk-crash-on-sparc.html

(with apologies for the fonts and formatting)

CISA: CISA Adds Two Known Exploited Vulnerabilities to Catalog
Not quite hot, but I was stuck in meetings. CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation.

• CVE-2024-9463 (9.9 critical) Palo Alto Networks Expedition OS Command Injection Vulnerability
• CVE-2024-9465 (9.2 critical) Palo Alto Networks Expedition SQL Injection Vulnerability

#cisa #cisakev #vulnerability #kev #knownexploitedvulnerabilitiescatalog #CVE_2024_9463 #CVE_2024_9465 #cve #paloaltonetworks #pan #infosec #cybersecurity

The Onion acquiring Infowars with their bid backed by the actual families of Sandy Hook victims and aiming to use it to raise awareness about gun violence wasn't on my 2024 bingo card, but can't really complain about this turn of events.

"The Onion acquired the conspiracy theory platform’s website; social media accounts; studio in Austin, Texas; trademarks; and video archive. The sale price was not immediately disclosed. The Onion said its “exclusive launch advertiser” will be the gun violence prevention organization Everytown for Gun Safety. "

https://abcnews.go.com/Business/wireStory/satire-slinger-onion-buys-alex-jones-infowars-auction-115858173

#InfoWars #TheOnion #AlexJones #news

This meeting could have been a blood ritual in the woods.

Thanks to the efforts of @yossarian, @di, Facundo Tuesca and yours truly, we have PEP 740 attestations available on PyPI.

If you use modern pypi-publish with trusted publishing, your dists are signed automatically by default.

https://blog.pypi.org/posts/2024-11-14-pypi-now-supports-digital-attestations/

#Python #Packaging #sigstore

https://security.googleblog.com/2024/11/new-real-time-protections-on-Android.html

cool, all you need to do is LET GOOGLE FUCKING EAVESDROP ON YOUR PHONECALLS TO TRAIN ITS AI

Love Kagi Search? The best way to help is simply sharing it! Tell friends why you love it, show them how it works, help them explore the difference and benefits.

Word of mouth is how meaningful products become movements 💪

#AdFree #deGoogle

Security researcher Cristian Cornea authored a fake ransomware builder dubbed Jinn ransomware builder.

It was a fake Builder — it was actually a payload.

It infected over 100 people on Breached.

https://corneacristian.medium.com/how-i-hacked-100-hackers-5c3c313e8a1a

#Bitdefender's website is tracking me with 27 cookies – including TikTok. How can anyone trust a company that willingly hands over my privacy to multiple entities? #antivirus

Analyzing Firefox Animation CVE-2024-9680 https://dimitrifourny.github.io/2024/11/14/firefox-animation-cve-2024-9680.html

Wow Intel SGX and Sub-Page Protection exploded at the same time yesterday. The latter is so broken Intel removes it from all future processors. 👀

We've released #LibAFL 0.14 with an afl-fuzz rewrite in #LibAFL, better QEMU, FRIDA scripting, intel_pt tracing support and more!
Check it out:

https://github.com/AFLplusplus/LibAFL/releases/tag/0.14.0