🗯️ + 🔌 =

A few weeks ago, someone reported an obsrvation on the iocaine bug tracker: ClaudeBot appeared to have figured out how to remove the poison ID from poisoned URLs.

That was a worrying development, so I set out to do some experiments in The Lab. I wasn't unprepared for this development, and had a few tricks lined up to address it. I wanted to test which one works.

After two and half weeks of experiments, I'm happy to report that Claude has not started to remove iocaine's poison IDs from URLs. The bot merely fails at the basic task of resolving relative URLs.

Both the built-in script and Nam-Shub of Enki generate relative URLs, and only include the poison ID if the entry URL didn't have one. Thus, whenever ClaudeBot hit a poisoned URL, it failed to resolve the poison-ID less relative URL, and constructed an URL that did not have one.

The straightforward fix for this is to not trust the crawlers to be able to resolve relative URLs.

There's a new Windows 0day LPE that has been disclosed called BlueHammer. The reporter suggests that it's being disclosed due to how MSRC operates these days.

MSRC used to be quite excellent to work with.
But to save money Microsoft fired the skilled people, leaving flowchart followers.
I wouldn't be surprised if Microsoft closed the case after the reporter refused to submit a video of the exploit, since that's apparently an MSRC requirement now. 😂

Anyway, yeah, it works. Maybe not 100% reliably, but well enough...

Thousands of CEOs said AI had no impact on productivity. We use AI to catch 200 bugs/week where we used to find 15, and generate $8M per sales rep.

95% of the company pushed back when we started. At unprompted, Dan Guido explains how our 140-person team went AI-native.
https://www.youtube.com/watch?v=kgwvAyF7qsA

Before its launch, we audited WhatsApp's Private Processing TEEs and found 8 high-severity issues (patched). The enclaves yielded to injected config files, unmeasured ACPI tables, spoofed firmware levels, and stale attestation reports.

TEE security is only as good as the implementation details. Four lessons and the full report: https://blog.trailofbits.com/2026/04/07/what-we-learned-about-tee-security-from-auditing-whatsapps-private-inference/

I've put up the slides from my Zer0Con 2026 presentation on Administrator Protection. https://github.com/tyranid/infosec-presentations/blob/master/Zer0Con/2026/Protecting%20your%20Administrator.pdf

Firefox added split tab views and absolutely killed it. I didn't even know I needed this feature and now I cannot live without it. Awesome work. Right click on a tab and select "Add Split View" to try it out. #mozilla #firefox

If your Open Source project sees a steep increase in number of high quality security reports (mostly done with AI) right now (#curl, Linux kernel, glibc confirmed) please tell me the name of this project.

(I'd like to make a little list for my coming talk on this.)

Is your shitposting quantum ready?

Another Monday, another EITW Fortinet 0day. This is the song that never ends.

Trivy supply chain attack enabled European Commission cloud breach https://www.helpnetsecurity.com/2026/04/03/european-commission-cloud-breach/

The results and all releases are in. You crazy people. ❤️
https://www.pouet.net/party_results.php?which=1550&when=2026&font=4
https://files.scene.org/view/parties/2026/revision26/info/results.txt