You know what, I'm kind of OK with the #Firefox AI opt-whatever solution they have

...compared to the fact that they kill all my sessions by a forced fucking restart when I try to act responsibly and update.

That's fucking outrageous!

Wow, Blogspot seems to have a massive spam problem!

Log4j, *the* project that escalated the need for funding open source in the first place, is currently being DOS’d by slop vulnerability reports. Well done everyone. Slow fucking clap.

https://github.com/apache/logging-log4j2/discussions/4052

#curl is secured for the billions - the steps we take. There is no silver bullet. No magic solution. Just plain engineering and doing everything as good as we can and to keep tightening every bolt there is.

(slide for upcoming presentation)

What Windows Server 2025 Quietly Did to Your NTLM Relay https://decoder.cloud/2026/02/25/what-windows-server-2025-quietly-did-to-your-ntlm-relay/

LOGOS/ASTLOGO.GIF

Want to learn more about Chrome exploitation?

In our latest article, we break down two critical Android GPU driver vulnerabilities that enabled Chrome sandbox escape from a compromised renderer and were used in full device exploit chains. Read the full technical analysis here: https://ssd-disclosure.com/chrome-gpu-sandbox-escape-via-qualcomm-adreno-and-arm-mali-gpu-drivers/

I just realized that my cyclomatic complexity calculator breaks with PyGhidra so I pushed some fixes:

https://github.com/v-p-b/rabbithole

#Ghidra #ReverseEngineering

I found this Veratasium documentary on the xz Jia Tan backdoor adventure quite good and surprisingly detailed:

https://www.youtube.com/watch?v=aoag03mSuXQ

This is really a "WTF how could they ever think this is a good idea?" kind of vulnerability. Usually the kind of stuff you get from shady, incompetent startups, but this is Google...
https://trufflesecurity.com/blog/google-api-keys-werent-secrets-but-then-gemini-changed-the-rules

The package of my toothpaste says "95% Natural Origin".

5% of my toothpaste is supernatural :O

In the Future All Food Will Be Cooked in a Microwave, and if You Can’t Deal With That Then You Need to Get Out of the Kitchen

https://www.colincornaby.me/2025/08/in-the-future-all-food-will-be-cooked-in-a-microwave-and-if-you-cant-deal-with-that-then-you-need-to-get-out-of-the-kitchen/

The truth about "free" search and why it's a trap:

https://www.youtube.com/shorts/IrGegzLXRUk

#Kagi #Search

from my link log —

Turing completeness of GNU find: from mkdir-assisted loops to standalone computation.

https://arxiv.org/abs/2602.20762

saved 2026-02-25 https://dotat.at/:/XR86F.html

Signficant segments of the tech industry think we’re months away from not needing to review LLM-agent code anymore.

I just reviewed an LLM-generated PR in which it quietly switched two out of 100 calls to the get_customer_data() function to the variant that doesn’t check that the customer owns the requested data.

I’m sure this is fine.

Is it possible/reasonable to compile @fridadotre with V8 in 2026? (I just reported a couple of QuickJS bugs that are blockers for me)

If so, are there any documentation available about the build process or is that knowledge lost to bitrot?

#Frida #ReverseEngineering

[ZDI-26-124|CVE-2025-15060] claude-hovercraft executeClaudeCode Command Injection Remote Code Execution Vulnerability (CVSS 9.8; Credit: Peter Girnus of Trend Research) https://zerodayinitiative.com/advisories/ZDI-26-124/

Today's oofness is on us :(:

https://blog.talosintelligence.com/uat-8616-sd-wan/

#threatintel, #sdwan

And so but anyway, did I ever tell you about my most humiliating experience as a skilled and successful computer programmer?

How many people know that #WordPress was co-founded by a black man, Mike Little?

Or that he's from the north of England? A self-taught coder from #Stockport, just south of #Manchester? Or that he never received so much as a share, cent or job offer from the $7bn+ valued Automattic after spending five months working exclusively with Matt Mullenweg on the B2 fork?

After @bevangelist told me about @mikelittle I interviewed him for a documentary I never got round to making. Back then I was left with two certainties: he's Wozniak to Mullenweg's Jobs. Among other things he added the one-click upgrade that's been central to WP's bonkers 45%-of-the-web-success. And he's one of the nicest people I've ever interviewed, which is also bonkers given that he not only didn't share in WP's financial success, but that he's barely known.

But he should be - so, better late than never - please meet #MikeLittle, perhaps the most-influential-least-known person in #foss… https://25.netribution.co.uk/nic/mike-little-the-british-co-founder-of-wordpress-youve-probably-never-heard-of/