[RSS] CVE-2026-2103 - Infor Syteline ERP - Keys Included: No Assembly Required

https://blog.blacklanternsecurity.com/p/cve-2026-2103-infor-syteline-erp

I am losing it at how many of my peers have forgotten what software engineering is. It is not typing in lines of code.

git ass

i'm making a #QBasic game using mode 13h, 320x200 8bpp. i'm using the line doubling feature of the VGA card to make it 320x100 then manually doubling each pixel horizontally for 160x100

i realized i could use a palette with 3 bits red/green and 2 blue, and then do "subpixel" dither to generate the in between colors. i made a converter to test if that would look good, and it does

here's a thread of images showing what that looks like

1/5

#PixelArt #QBasic #dos #RetroComputing #RetroDev

The latest Hacklore newsletter is out. Be sure to subscribe!

Boost for reach! 🙏

https://buttondown.com/hacklore/archive/hacklore-the-valentines-day-edition/

Dear FOSS maintainers,

here’s a list of funding programs currently accepting proposals for maintenance work:

Codeberg: https://codeberg.org/mechko/awesome-maintainer-funding

GitHub: https://github.com/mechko/awesome-maintainer-funding

Thanks to everyone who helped crowdsource it! I’ll keep it updated, issues and PRs are very welcome :)

#opensource #funding #maintenance #foss

First research in a while! Here's my brain dump on reverse-engineering and auditing Lenovo Vantage. In total, I found four (4) vulns. Check out the post and my custom tooling if you're interested.

https://mkiesel.ch/posts/lenovo-vantage/

BMW’s latest “innovation” isn’t about performance or safety. It’s a logo-shaped screw designed to keep owners out of their own cars. We dug into the patent, the intent behind it, and why Adafruit is already working on a custom bit to undo BMW’s attempt to block repair. Learn more at the link below.

http://ifixit.com/News/115528/bmws-newest-innovation-is-a-logo-shaped-middle-finger-to-right-to-repair
—
#iFixit #RightoRepair #FixTheWorld

In a joint security notice BfV & BSI warn that a likely state-controlled threat actor is conducting phishing attacks via messaging services such as Signal. The targets are high-ranking individuals in politics, military & diplomacy and investigative journalists in Germany & Europe. https://www.bsi.bund.de/SharedDocs/Cybersicherheitswarnungen/DE/2026/202602_BfV_BSI_Sicherheitshinweis.html

[RSS] Memory Integrity Enforcement (MIE) on iOS Deep Dive - Part 1 - 8kSec

https://8ksec.io/mie-deep-dive-kernel/

Me: *drinks coffee*
My brain: DRINK MORE COFFEE!!!1

Due to $reasons I came across this blogpost https://www.elttam.com/blog/env/ about turning ENV variables into code execution which is nice. But the Python vector is depending on Perl, I didn't like that :P.

Digging a bit deeper in the code often helps, so it did this time:

Looking at https://github.com/python/cpython/blob/d73634935cb9ce00a57dcacbd2e56371e4c18451/Lib/webbrowser.py#L51-L52 I could simplify the payload to:

PYTHONWARNINGS='module::antigravity.'  BROWSER='sh -c id #%s' python whatever.py

Good news!
We kept aside a few more bundles of training+conference ticket.
To secure your place, send an email to tickets@offensivecon.org or DM us on socials.
Be quick..

Good update to the MSRC leaderboards now that everything is in scope by default: https://www.microsoft.com/en-us/msrc/blog/2026/02/points-to-payouts-evolution-of-microsoft-security-researcher-leaderboard

LLMs are the anti-vax of software and engineering ;-)

In this video, I'm analyzing a really confusing dialog on macOS. Let's dig a bit deeper into what it should do and what it's actually doing. #reverseengineering

https://youtu.be/P7hYg2GpsTk

Recently I switched my music experience from SoundCloud to Bandcamp. I went through my playlists, albums and likes and bought matching tracks on Bandcamp.

At some point I want to delete my SoundCloud account. As they do not offer a data export feature (against GDPR) I created this project to make the export: https://codeberg.org/janikvonrotz/export-soundcloud-data

#SoundCloud #BandCamp #BandCampFriday #stopUsingSpotify #StopUsingSoundCloud #Data #datahoarder #archiving

On the ethical obligation to use LLMs for vulnerability research: https://addisoncrump.info/research/a-horrible-conclusion/

Interesting links of the week:

Strategy:

* https://x-c3ll.github.io/posts/Rant-Red-Team/ - @XC3LL talks red teaming trends
* https://arstechnica.com/security/2026/01/county-pays-600000-to-pentesters-it-arrested-for-assessing-courthouse-security/ - finally settled, the poor testers with a faulty get out of jail card

Threats:

* https://stratcomcoe.org/pdfjs/?file=/publications/download/Social-Media-Manipulation-FINAL-FILE.pdf?zoom=page-fit - STRATCOM talks influence operations
* https://github.com/blackorbird/APT_REPORT/blob/master/summary%2F2026%2F2025%20Global%20APT%20Threat%20Research%20Report.pdf - threat research report from Qihoo 360
* https://www.greynoise.io/blog/unmasking-cisas-hidden-kev-ransomware-updates - @greynoise discuss hidden signals in KEV
* https://www.rapid7.com/blog/post/tr-chrysalis-backdoor-dive-into-lotus-blossoms-toolkit/ - @rapid7's excellent analysis of notepad++
* https://community.plone.org/t/plone-security-advisory-20260116-attempted-code-insertions-into-github-pull-requests/22770/7 - another supply chain woopsie
* https://cert.pl/en/posts/2026/01/incident-report-energy-sector-2025/ - reporting on the .pl power problems
* https://zenodo.org/records/18444900 - content based risk analysis of Moltbook (not for the faint-hearted)

Detection:

* https://zeek.org/2026/01/how-to-use-ja4-network-fingerprints-in-zeek/ - @zeek discuss how to leverage JA4
* https://blog.jmhill.me/deploying-an-opencti-osint-stack-for-cybersecurity-research/ - @jmhill describes how to deploy OpenCTI
* https://www.huntress.com/blog/ldap-active-directory-detection-part-four - the latest of @huntress's excellent blogs on what an attack on LDAP can actually look like
* https://leanpub.com/suri_operator - @da_667's survivors guide to @suricata

Bugs:

* https://labs.watchtowr.com/someone-knows-bash-far-too-well-and-we-love-it-ivanti-epmm-pre-auth-rces-cve-2026-1281-cve-2026-1340/ - @index continue their streak of popping fun bugs in the wild
* https://zeroleaks.ai/reports/openclaw-analysis.pdf - nice technical write up on OpenClaw

Exploitation:

* https://scriptjunkie.us/2026/01/tracking-signal-identifiers/ - leaking Signal IDs from @sj
* https://splintersfury.github.io/mal_blog/post/netfilter_driver/ - reversing Netfilter
* https://alfiecg.uk/2024/09/24/Kernel-exploit.html - Alfie pops iOS
* https://secure.dev/securing_ggml_rpc.html - attack and defend on GGML

Hard hacks:

* https://hexkyz.blogspot.com/2021/11/je-ne-sais-quoi-falcons-over-horizon.html - an oldie on popping NVIDIA's Falcon

Hardening:

* https://itsfoss.com/news/amutable-linux-security/ - @pid_eins triggers systemctl restart
* https://fosdem.org/2026/schedule/event/EW8M3R-island/ - how to get land locked

#security, #research

It's great to see #EU open tech initiatives popping up, but somehow it feels like we are just **terrible** at making ourselves visible, esp. compared to US.

Like how is anyone supposed find this (otherwise great) project - named "docs" - using a search engine?

https://github.com/suitenumerique/docs/

Even assuming I find this project, how do I search for anything related to it (e.g. install guide)?

Why is the homepage in French by default, without a clearly visible language switcher (also looking at you, @Framasoft )?