Posts
4263
Following
738
Followers
1632
"I'm interested in all kinds of astronomy."
repeated

Oh dear the entire https://www.lyonlabs.org site is offline *and* excluded from archive.org.

It's a massive archive of vintage and modern GEOS and C64 material a lot of it seemingly not found elsewhere.

1
2
0
repeated

Google research created a dataset with rainbow tables for NetNTLMv1 with the 1122334455667788 challenge.
https://research.google/resources/datasets/
Dataset is available for download at:
▪️https://console.cloud.google.com/storage/browser/net-ntlmv1-tables [Login required]
▪️gs://net-ntlmv1-tables

1
3
0
repeated

hmmmm idk about this verification method Discord is offering

2
6
0
repeated

TrendAI Zero Day Initiative

It's the final Patch Tuesday of 2025! and took it easy on us with a smaller release, but there's 1 0-day being exploited & an Exchange bug reported by the NSA. @dustin_childs fills you in on the details & where to focus your priorities. https://www.zerodayinitiative.com/blog/2025/12/9/the-december-2025-security-update-review

0
2
0
repeated

i finally gave in and started using uv to manage the dependencies for my Python scripts and it’s great https://jvns.ca/til/python-inline-dependencies/

4
2
1
Edited 7 months ago
I recently posted about looking for an artist and got a bunch of replies.

Problem is 1) there are many obvious bots 2) those who are likely not bots also seem to use LLM/templates to communicate, making them look like bots.

If you don't want to get reported, use your own voice!

#fedihire
0
1
1
repeated

Phrack #72 PUZZLE CHALLENGE >>> WALKTHROUGH <<< is OUT.

Everyone who did not find the hidden secrets in the hardcopy release: This is your chance.

♥️ Stay curious and live forever ♥️

http://phrack.org/dl/72/puzzle-challenge.pdf

0
4
0
repeated

We derestricted a number of vulnerabilities found by Big Sleep in JavaScriptCore today: https://issuetracker.google.com/issues?q=componentid:1836411%20title:JavascriptCore

All of them were fixed in the iOS 26.1 (and equivalent) update last month. Definitely some cool bugs in there!

0
3
0
repeated

V8 now has a (experimental) JS bytecode verifier!

IMO a good example for the benefits of the V8 Sandbox architecture:
- Hard: verify that bytecode is correct (no memory corruption)
- Easier: verify that it is secure (no out-of-sandbox memory corruption)

The sandbox basically separates correctness from security.

More details: https://docs.google.com/document/d/1UUooVKUvf1zDobG34VDVuLsjoKZd-CeSuhvBcLysc7U/edit?usp=sharing

Implementation: https://source.chromium.org/chromium/chromium/src/+/main:v8/src/sandbox/bytecode-verifier.cc

0
3
0
repeated

American IT software company Ivanti warned customers today to patch a newly disclosed vulnerability in its Endpoint Manager (EPM) solution that could allow attackers to execute code remotely.

https://www.bleepingcomputer.com/news/security/ivanti-warns-of-critical-endpoint-manager-code-execution-flaw/

1
2
0
repeated

Gandi disabled my U2F keys without warning. This sort of incompetence is why I moved all my domains away from them earlier this year (to Namecheap; Porkbun was runner-up).

1
3
0
repeated

Day 9 of Advent of Compiler Optimisations!

Loop with `i * i` inside? Surely the compiler replaces that expensive multiply with clever addition tricks — like manually tracking an accumulator. But no! The compiler keeps the multiply because it enables something more valuable. Why is "more expensive per iteration" sometimes faster overall? The answer lies in how modern CPUs actually execute code.

Read more: https://xania.org/202512/09-induction-variables
Watch: https://youtu.be/vZk7Br6Vh1U

0
4
0
repeated
repeated

Project Zero Bot

New Project Zero issue:

Windows: Administrator Protection UI Access Shared Profile EoP

https://project-zero.issues.chromium.org/issues/437868751

CVE-2025-60721
0
1
0
repeated

Does your cybersecurity awareness training contain any hacklore?

I’m collecting examples of hacklore in the wild. Whether it’s training slides, quiz questions, or instructions that focus on rare threats instead of the ones causing the most real-world harm, I want to see it all.

Post some screenshots or notes here, or email them to "info" at hacklore.org. Let’s help organizations replace stale guidance with advice that truly keeps people safe.

3
7
0
I updated the structure of the #Ghidra documentation that I host so now you can access the latest of both version 11.x and 12.x:

https://scrapco.de/ghidra_docs/

I'm still looking for the docs of the new features in 12. If you think something is missing from the web that is available in the source lmk!
0
0
3
repeated
Edited 7 months ago

Do I know anyone working on freedesktop.org / mesa? A security contact would be ideal :)

Edit: Resolved

1
5
0
GitHub Actions Has a Package Manager, and It Might Be the Worst

https://nesbitt.io/2025/12/06/github-actions-package-manager.html
0
1
3
repeated
repeated

okay so like a month ago @trashpanda sent me one of those 'spycam finder' doodads that you see going for like 80-100 dollars online that supposedly 'find spy cameras and gps trackers'. I've always been curious if they actually work or whats inside. So I just tore the thing open and this is what I found:

7
4
0
Show older