got a fun reply yesterday that was like "yeah I can't believe people are taking such a lax approach to verifying the behaviour of software especially if they use LLMs. we never would have done this when I worked at <well known arms manufacturer>"

Managed to set up cross-platform #Rust development environment with @zed using Windows as a remote host. Some tips:

* You have to let Zed proxy through the Windows firewall (I just disabled it as usual, since this is a lab network)
* The default cmd.exe shell doesn't seem to work with remote tasks (I suspect character escaping error), you have to explicitly set powershell.exe

I was initially concerned about usual Windows SSH shenanigans, but surprisingly my config (with jumphost and an agent) worked flawlessly from Linux.

h/t @raptor for the tip!

Frida 17.8.0 dropped with frida-strace syscall tracing on Android & iOS, no jailbreak required 🙌 https://github.com/frida/frida/releases/tag/17.8.2

A very detailed tutorial from "Joaquin Pinillos"

Walk x86-64 page tables by hand in qemu and gdb. Decompose a virtual address, follow cr3 through all levels of physical memory, and extract a flag from raw bytes.

https://github.com/jazho76/page_table_walk

#reverseengineering #linux #ctf

Battlefield: Budapest - An Unprecedented Russian Operation to Influence the Hungarian Elections

https://eurazsiaijegyzetek.substack.com/p/battlefield-budapest-an-unprecedented

RegPwn was a Windows 0-day that we were using for LPE in our Red Team for a year (discovered by Filip D. In January 2025). Unfortunately it got fixed 🥲

Good bye RegPwn 🫡

https://www.mdsec.co.uk/2026/03/rip-regpwn/

An update to our bug bounty policy: https://attackanddefense.dev/2026/03/13/bug-bounty-program-updates-2026.html

RegPwn - Windows LPE vulnerability (now fixed) https://www.mdsec.co.uk/2026/03/rip-regpwn/

This timeline is truly amazing:

There is an ongoing case in front of the #EU Curia to test #copyright laws vs LLMs:

https://infocuria.curia.europa.eu/tabs/document?source=document&text=&docid=301042&pageIndex=0&doclang=en&mode=doc&dir=&occ=first&cid=489283

This would be pretty boring, BUT the case is based on a story of this guy who became a singer celebrity in the '90s in #Hungary, then a few years ago he gave an interview sky-high on cocaine talking about the awesome dolphins in lake Balaton:

https://www.youtube.com/watch?v=kxkiM635LMk

(there are no dolphins in Balaton)

Being the self-promotion genius he is, he actually kept on promoting the deployment of dolphins to Balaton, and (copyrighted) reports of this activity are now part of the court case! Naturally, he also wrote a song about the topic:

https://www.youtube.com/watch?v=mUJXhAjZQ7A

#Kozsó

AI is the Best Thing to Happen to Art

https://geohot.github.io/blog/jekyll/update/2026/02/19/ai-art.html

(See also: photography vs painting)

"AI is giving attackers a huge advantage!"

"Yes, it is. It's amazing how quickly it has destroyed dev, sec, ops, management, company missions and priorities, regulations, information literacy, and civil society, making everyone more vulnerable."

"I traced $2 billion in nonprofit grants and 45 states of lobbying records to figure out who's behind the age verification bills."

https://web.archive.org/web/20260313090844/https://www.reddit.com/r/linux/comments/1rshc1f/i_traced_2_billion_in_nonprofit_grants_and_45/

https://github.com/upper-up/meta-lobbying-and-other-findings

Spoiler: It's Meta.

Kagi's Small Web just got a big upgrade! Introducing browser extensions, mobile apps and categories:

https://blog.kagi.com/small-web-updates

#Kagi #SmallWeb #Blogs #Apps

RE: https://hachyderm.io/@pheonix/116221805295722939

#Meta only exists for two reasons:

- Money
- Info gathering on everyone for reason 1

Wrote down everything I wish I knew earlier about Python supply chain security. Hash pinning, pip-audit, SBOMs, trusted publishing — the whole thing. Enjoy 🐍🔒https://bernat.tech/posts/securing-python-supply-chain/

What we get upset about. Cartoon for Dutch newspaper Trouw: https://www.trouw.nl/cartoons/tjeerd-royaards~bcb45712/

#GasPrices #oil #OilPrices #Iran

"There are, of course, an infinity of variations to that single routine."

A new page of my comic Ekphrasis, which you can read for free at https://ekphrasiscomic.neocities.org/.

Remote Pre-Auth Buffer Overflow in GNU Inetutils telnetd (LINEMODE SLC)

https://seclists.org/oss-sec/2026/q1/300

#NoCVE yet?

[RSS] Archive of classic reverse engineering tutorials (Armadillo, ASProtect, Themida, SoftICE era)

https://github.com/Show0ne/archivo-syxe05-snat