We’ve always had a problem with least privilege, but users needed to be owned for it to visibly hurt the enterprise.

Kevin didn’t know what to do with the extra creds, but his agent will.

Maybe the first run of the “paperclip” problem will be agents wiping shares to save us..

Okay these "Background Security Improvements" are definitely worse than RSRs. They show up at random times in your Settings app, and if you tap anywhere else, they disappear immediately. You can find them again, but they're not under Software Updates where they should be, but under Privacy & Security > Background Security Improvements, which also does not seem to show up in search.

EDIT: HOLY SHIT I have to enable "Automatically Install" in order to even be allowed to download them MANUALLY?! And there's no progress indicator either?? Whoever approved this should be hurled into the sea.

Fixing a Buffer Overflow in UNIX v4 Like It’s 1973

https://sigma-star.at/blog/2025/12/unix-v4-buffer-overflow/

Exploit su on a PDP-11 :)

🚨 We are extending the deadline for our Volume 5 Call For Papers and its Rootkit Competition!

Check out the updated dates below:

→ https://tmpout.sh/blog/vol5-cfp.html (until May 1st 2026)
→ https://tmpout.sh/blog/vol5-rootkit-competition.html (until May 31st 2026)

We are looking forward to reading your work!

Whenever I use Chrome to debug a modern website, it's so funny to see all the requests usually blocked by my normal setup. It's like watching a fish being released back into the sea, swimming happily, gobbling up all the data and sending telemetry out to the other fish.

AI is going great at MS:

"You will see us be more intentional about how and where Copilot integrates across Windows [...] we are reducing unnecessary Copilot entry points, starting with apps like Snipping Tool, Photos, Widgets and Notepad"

To tilt Hungarian election, Russians proposed staging assassination attempt - The Washington Post

https://archive.ph/f8zdV

Great, I finally get myself to learn a Python project management tool then it immediately gets slurped up by OpenAI :P

https://simonw.substack.com/p/thoughts-on-openai-acquiring-astral

Since I read the JPL coding manual I'm always very considerate before introducing an infinite loop.

Then I usually decide that "it's fine, this is not a spaceship" and forget to implement the exit path.

"Intego X9: Never trust my updates"

Read @coiffeur0x90's research showing how XPC interprocess communications and the update mechanism of the Intego antivirus for MacOS can be abused for local privilege escalation.

https://blog.quarkslab.com/intego_lpe_macos_3.html

Call me crazy, but there are times when I think that ChatGPT sprinkling in knowledge about what I normally ask is... not useful.

This is from a question I asked about grease.

Chuck Norris didn't die, he just roundhouse kicked all of us into this shit timeline :(

R.I.P.

CVE-2026-20963 Sharepoint Insecure Deserialization 8.8/10

Weekend soon. Where @watchTowr blog? Need lolz. I can has?

Remote development mode in @zed is true killer feature! Previously I highlighted its usefulness for x-platform Rust dev, but now I'm using it instead of devcontainers to develop some not-very-trustworthy Python stuff.

Debugging worked out-of-the-box, I only had some trouble figuring out that LSP is not available until I mark the remote project as Trusted too.

Today is #iocaine 3.3.0 release day.

I'd like if it included a Grafana dashboard for the built-in script. But I'm yet to build one. It's very similar in shape to NSoE's, mind you... but I'd still need to do some work on it.

I've been postponing this since forever. But this is likely going to be the last 3.x release, I really, really should.

I'll go grind some spoons¹, and see if I can manage.

---

1. Well, hello there The Pitt S02E11! ↩︎

"There are repairs to be done, sometimes, both up there and down here."

A new page of my comic Ekphrasis, which you can read for free at https://ekphrasiscomic.neocities.org/

SWIMSUIT/APPLE01.GIF

Let Me Explain How a State Actor Could Perform a Denial-of-Service Attack on the Entire UK Government in the Wake of Ofcom “Online Safety Act” Client-Side Scanning
https://alecmuffett.com/article/150401
#ClientSideScanning #NationalSecurity #OnlineSafetyAct #PhotoDna #censorship #surveillance

Final report on last year's Iberian blackout has been released, including this very interesting diagram showing the contributing factors

https://eepublicdownloads.blob.core.windows.net/public-cdn-container/clean-documents/Publications/2025/iberian-blackout/Final%20Report%20on%20the%20Grid%20Incident%20in%20Spain%20and%20Portugal%20on%2028%20April%202025.pdf

Super weird experience: have #Microsoft #Copilot 365 installed on iOS connected to an “Enterprise Tenant”.

This morning I get an urgent alert from Copilot 365, I click on it and there’s a web query for “Tell me the latest trends in IT jobs” running which I never asked for.

I stop it and prompt: “I never asked for this”.

Reply: “Sorry for overstepping and running queries without being prompted”

WTF?!?!?

This is literally a “kill them all with fire, salt the ashes and, for good measure, flood the area.”