🧮 USERS:1 FEEDS:2 TWTS:1326 ARCHIVED:86801 CACHE:2903 FOLLOWERS:22 FOLLOWING:14
↳
In-reply-to
»
Finally I propose that we increase the Twt Hash length from
⤋ Read More
7 to 12 and use the first 12 characters of the base32 encoded blake2b hash. This will solve two problems, the fact that all hashes today either end in q or a (oops) 😅 And increasing the Twt Hash size will ensure that we never run into the chance of collision for ions to come. Chances of a 50% collision with 64 bits / 12 characters is roughly ~12.44B Twts. That ought to be enough! -- I also propose that we modify all our clients and make this change from the 1st July 2025, which will be Yarn.social's 5th birthday and 5 years since I started this whole project and endeavour! 😱 #Twtxt #Update
@eapl.me@eapl.me I honestly believe you are overreacting here a little bit 🤣 I completely emphasize with you, it can be pretty tough to feel part of a community at times and run a project with a kind of “democracy” or “vote by committee”. But one thing that life has taught me about open source projects and especially decentralised ecosystems is that this doesn’t really work.
It isn’t that I’ve not considered all the other options on the table (which can still be), it’s just that I’ve made a decision as the project lead that largely helped trigger a rebirth of the use of Twtxt back in July 1 2020. There are good reasons not to change the threading model right now, as the changes being proposed are quite disruptive and don’t consider all the possible things that could go wrong.
We havet an AI assistant at work, new version came out today “nearby restaurant recommendations” mentioned. Gotta try that!
Ask it where I can get a burger, knowing there’s 3 spots that had it on the menu, AI says there’s none. Ask it to list all the restaurants nearby it can check… it knows 3, of the 10 or so around, but 1/3, even has a burger, on the menu.
Ask it to list the whole menu at restaurant 1: it hallucinates random meals, none of which they had (I ate there).
Restaurant 2 (the one most people go to, so they must have at least tested it with this one): it lists the soup of the day and ¾ meals available. Incomplete, but better than false.
Restaurant 3: it says “food” and gives a general description of food. You have to be fucking kidding me!
“BuT cAnInE, tHe A(G)i ReVoLuTiOn Is NoW”
Meson 1.8.0 released
Version 1.8.0
of the Meson build system has
been released. Notable changes in this release include the ability to
run rustdoc for Rust projects, support for the c2y and gnu2y
compiler options, and a new argument ( android_exe_type) that
makes it possible to use the same meson.build file for
Android and non-Android systems. ⌘ Read more
Security updates for Tuesday
Security updates have been issued by AlmaLinux (glibc, php:8.1, and thunderbird), Debian (libreoffice), Fedora (caddy), Mageia (chromium-browser-stable), Red Hat (php:8.1), SUSE (glow), and Ubuntu (kicad, linux-aws-5.15, linux-azure-nvidia, linux-gcp-5.15, mistral, python-mistral-lib, tomcat8, and trafficserver). ⌘ Read more
Automating Information Gathering for Ethical Hackers — AutoRecon Tutorial
Here’s how Autorecon automates the recon phase and gives you faster, cleaner results in your penetration tests.
[Continue reading o … ⌘ Read more
How I Set Up a Free Server That I’ll Never Have to Pay For
About one year ago, after my Amazon Web Services and Google Cloud trials expired, I started looking for other free cloud services.
[Continue reading on InfoSec Write-ups »]( … ⌘ Read more
**WooCommerce Users Beware: Fake Patch Phishing Campaign Unleashes Site Backdoors **
Imagine this: you’re running your WooCommerce store, sipping coffee ☕, and an urgent email lands in your inbox. It scr … ⌘ Read more
** JWT, Meet Me Outside: How I Decoded, Re-Signed, and Owned the App **
Hey there!😁
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/jwt-meet-me-outside-how-i-decoded-re-signed-and-owned-the-app-95791eabcf5d? … ⌘ Read more
**Hackers Exploit Craft CMS Flaws: A Deep Dive into CVE-2025–32432 **
Imagine running a sleek website powered by Craft CMS, only to discover that hackers have slipped through the digital backdoor, wreaking…
[Continue reading on Info … ⌘ Read more
$300 Google Cloud Free Trial: Create Your First VM
Non-members can read this article for free using this link.
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/300-google-cloud-free-trial-create-your-first-vm-5a12b6821b0f?source=r … ⌘ Read more
**Master Spring Boot APIs Like a Pro: Skills That Distinguish Good Developers from Great Ones **
In the fast-moving world of backend development, it’s no longer enough to … ⌘ Read more
Mastering Java Records: The Ultimate Guide to Cleaner, Faster, and Immutable Code
Introduction
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/mastering-java-records-the … ⌘ Read more
** Microsoft Fortifies MSA Signing Infrastructure with Azure Confidential VMs After Storm-0558…**
In the ever-evolving cyber threat landscape, 2023 saw one of the most talked-ab … ⌘ Read more
** CloudImposer: How a Malicious PyPI Package Could’ve Hijacked Google Cloud Composer**
In early 2025, a critical vulnerability in Google Cloud Platform’s (GCP) Cloud Composer service came to light, … ⌘ Read more
**DslogdRAT Malware: A Sneaky Cyberattack Exploiting Ivanti ICS Zero-Day **
Buckle up, cybersecurity enthusiasts! 🚀 A new villain has entered the digital stage: DslogdRAT, a stealthy malware that’s been causing…
[Continue r … ⌘ Read more
🧮 USERS:1 FEEDS:2 TWTS:1325 ARCHIVED:86778 CACHE:2902 FOLLOWERS:22 FOLLOWING:14
Gaza blockade depletes World Food Programme stocks + 1 more story
North Korea confirms sending troops to Russia as a defense pact; Gaza blockade leaves World Food Programme out of supplies, risking starvation for millions. ⌘ Read more
Security updates for Monday
Security updates have been issued by AlmaLinux (thunderbird), Debian (distro-info-data, imagemagick, kernel, libsoup2.4, and poppler), Fedora (chromium, java-1.8.0-openjdk, java-1.8.0-openjdk-portable, java-17-openjdk, java-17-openjdk-portable, java-latest-openjdk, pgadmin4, thunderbird, and xz), Mageia (haproxy and libxml2), Oracle (bluez, firefox, gnutls, libtasn1, libxslt, mod_auth_openidc:2.3, ruby:3.1, thunderbird, and xmlrpc-c), Red Hat (delve and golang, glibc, mod_auth_o … ⌘ Read more
☁️How to Setup a Custom Subdomain on xss.ht — A Complete Hacker’s Guide
Free Article Link
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/%EF%B8%8Fhow-to-setup-a-custom-subdom … ⌘ Read more
$500 Bounty: For a Simple Open Redirect
How a Language Chooser Flaw Led to Open Redirect and Server Issues on HackerOne
** Login? Who Needs That? Bypassing OAuth Like a Lazy Hacker on Sunday ☀️**
Free Link🎈
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/login-who-needs-that-bypassing-oauth-like-a- … ⌘ Read more
** How to Turn Cybersecurity Into a Full-Time Income (My Blueprint)**
💡Free Article Link
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/how-to-turn-cybersecurity-into-a-full-time-income-my-blueprint-f4d70 … ⌘ Read more
** Rack::Static Vulnerability Exposes Ruby Servers to Data Breaches! **
Hold onto your keyboards, Ruby developers! 😱 A critical security flaw in the Rack::Static middleware has been uncovered, potentially…
[Continue reading on InfoS … ⌘ Read more
簡潔架構設計:如何設計一個合理的軟件架構?
提示:本文摘自: 「雲原生 AI 實戰營」 知識星球「Go 項目開發中級實戰課」的第 04 | 簡潔架構設計:如何設計一個合理的軟件架構?[1] 節課。 本文介紹的實戰項目 GitHub 地址爲:https://github.com/onexstack/miniblog 在開發項目之前,需要先設計一個合理的軟件架構。一個好的軟件架構不僅可以大大提高項目的迭代速度,還可以降低項目的閱讀和 ⌘ Read more
深入解讀 MCP 協議最新版本的 4 大升級【上】:傳輸機制與安全授權
MCP 協議的最新修訂版本(2025-03-26)已經在路上,儘管 SDK 尚未發佈,但規範內容已經基本定型,前期的各種解讀也在網絡上陸續出現。我們將結合官方文檔、Github 上的 PR 與社區討論等,爲大家深入解讀該版本中的四個較大的升級。Streamable HTTP 傳輸模式 OAuth2.1 的授權框架 JSON-RPC 批處理 增強工具註解 ⌘ Read more
🧮 USERS:1 FEEDS:2 TWTS:1324 ARCHIVED:86731 CACHE:2910 FOLLOWERS:22 FOLLOWING:14
AnalogLamb Expands Maple Series with Low-Cost ESP32C6 Breakout Boards
AnalogLamb has introduced three new RISC-V development boards based on the ESP32-C6, designed for low-cost, full-function, and low-power IoT applications. These boards feature Espressif’s first Wi-Fi 6 SoC, integrating Wi-Fi 6 (2.4 GHz), Bluetooth 5 LE, and IEEE 802.15.4 protocols. Each board is built around the ESP32-C6-WROOM-1 module, which combines a high-performance 32-bit RISC-V core […] ⌘ Read more
用 Go 語言開發一個石頭剪刀布遊戲,很簡單
本文將通過 Go 語言實現一個玩家與電腦對戰的石頭剪刀布遊戲,並重點講解如何通過 Go 的 crypto/rand 包生成安全的隨機數,確保遊戲的公平性。一、遊戲模型設計在編寫代碼之前,我們首先要設計遊戲的基本模型,包括參與者、動作和遊戲狀態。1. 用戶與動作遊戲的參與者有兩個:玩家和電腦。每個參與者可以做出三種選擇:石頭、剪刀或布。我們通過 Go 的枚舉類型來表示這些選擇。// 用戶類型type ⌘ Read more
I just fixed a bug in tt’s reply to parent feature. Previously, when the message tree looked like the following
Message
├╴Reply 1
│ └╴Subreply
└╴Reply 2
and “Reply 2” was selected, pressing A to reply to the parent should have picked “Message”. However, a reply to “Reply 2” was composed instead. The reason was a precausiously introduced safety guard to abort the parent search which stopped at “Subreply”, because its subject didn’t match “Reply 2”’s. It was originally intended to abort on a completely different message conversation root. Just in case. Turns out that this thoght was flawed.
Fixing bugs by only removing code is always cool. :-)
↳
In-reply-to
»
Can you beat me at the circle game? 😂 https://neal.fun/perfect-circle/
⤋ Read More
Can you automate the drawing with a script? On X11, you can:
#!/bin/sh
# Position the pointer at the center of the dot, then run this script.
sleep 1
start=$(xdotool getmouselocation --shell)
eval $start
r=400
steps=100
down=0
for step in $(seq $((steps + 1)) )
do
# pi = 4 * atan(1)
new_x=$(printf '%s + %s * c(%s / %s * 2 * (4 * a(1)))\n' $X $r $step $steps | bc -l)
new_y=$(printf '%s + %s * s(%s / %s * 2 * (4 * a(1)))\n' $Y $r $step $steps | bc -l)
xte "mousemove ${new_x%%.*} ${new_y%%.*}"
if ! (( down ))
then
xte 'mousedown 1'
down=1
fi
done
xte 'mouseup 1'
xte "mousemove $X $Y"
Interestingly, you can abuse the scoring system (not manually, only with a script). Since the mouse jumps to the locations along the circle, you can just use very few steps and still get a great score because every step you make is very accurate – but the result looks funny:
🥴
🧮 USERS:1 FEEDS:2 TWTS:1323 ARCHIVED:86698 CACHE:2903 FOLLOWERS:22 FOLLOWING:14
How We Diagnosed and Fixed the 2023 Voyager 1 Anomaly from 15 Billion Miles Away
Comments ⌘ Read more
On my blog: Free Culture Book Club — Pilogy, part 1 https://john.colagioia.net/blog/2025/04/26/pilogy-1.html #freeculture #bookclub
test test 1 2 3
⏱️ There were no visible errors, no hints… only the server’s hesitation told me the truth.
It didn’t scream. It whispered… and I heard it.
[Continue reading on I … ⌘ Read more
**Path Traversal Attack: How I Accessed Admin Secrets **
Path Traversal Attack: How I Accessed Admin Secrets 📂
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/path-traversal-attack-how-i-accessed-admin-secrets-fa5de1865031?source … ⌘ Read more
Top 5 Open Source Tools to Scan Your Code for Vulnerabilities
These tools help you find security flaws in your code before attackers do.
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/top-5-open-source-tools-to-s … ⌘ Read more
🧮 USERS:1 FEEDS:2 TWTS:1321 ARCHIVED:86594 CACHE:2833 FOLLOWERS:21 FOLLOWING:14
Building trust with OpenID Federation trust chain on Keycloak
OpenID Federation 1.0 provides a framework to build trust between a Relying Party and an OpenID Provider that have no direct relationship so that the Relying Party can send OIDC/OAuth requests to the OpenID Provider without being previously… ⌘ Read more
GCC 15.1 released
Version 15.1 of the GNU
Compiler Collection has been released. Changes include implementing the
C23 dialect by default, a number of new C++26 features, experimental
support for unsigned integers in Fortran, a new COBOL front end, and
more. See the GCC 15\
changes page for details. ⌘ Read more
Security updates for Friday
Security updates have been issued by AlmaLinux (thunderbird), Debian (libbpf), Fedora (golang-github-openprinting-ipp-usb, ImageMagick, mingw-libsoup, mingw-poppler, and pgbouncer), SUSE (glib2, govulncheck-vulndb, libsoup-2_4-1, libxml2-2, mozjs60, ruby2.5, and thunderbird), and Ubuntu (linux, linux-azure, linux-azure-5.4, linux-bluefield, linux-gcp, linux-hwe-5.4, linux-ibm, linux-kvm, linux-oracle, linux-oracle-5.4, linux-aws, linux-aws-5.4, linux-gcp-5.4, linux-iot, linux-aws-fips, … ⌘ Read more
LitmusChaos at KubeCon + CloudNativeCon Europe 2025: A Recap
The cloud native community recently converged in London from April 1 – 4, 2025, for an incredible edition of KubeCon + CloudNativeCon Europe. From our perspective at LitmusChaos, it was a week filled with inspiring sessions,… ⌘ Read more
The MacRumors Show: Latest iPadOS 19 and iPhone 17 Air Rumors
On this week’s episode of The MacRumors Show, we discuss the rumored look of the iPhone 17 “Air” and iPadOS 19’s major productivity update.
_Subscribe to The MacRumors Show YouTube channel for … ⌘ Read more
**The Fastest Way to Learn Web Hacking in 2025 (With Free Resources) **
🔓Free Article Link
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/the-fastest-way-to-learn-web-hacking-in-2025-with-free-resourc … ⌘ Read more
Hidden Tricks to Spot Phishing Emails Before They Trick You!
Phishing emails are like traps set by cybercriminals to trick you into sharing personal details, clicking dangerous links, or downloading…
[Continue reading on InfoSec Write-ups … ⌘ Read more
** Hostile Host Headers: How I Hijacked the App with One Sneaky Header **
Hey there!😊
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/hostile-host-headers-how-i-hijacked-the-app-with-one-sneaky-hea … ⌘ Read more
GitLab CI for Python Developers: A Complete Guide
Automating Testing, Linting, and Deployment for Python projects using GitLab CI/CD
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/gitlab-ci-for-python-developers-a-complete-guide-83794cb91 … ⌘ Read more
🧮 USERS:1 FEEDS:2 TWTS:1320 ARCHIVED:86540 CACHE:2803 FOLLOWERS:21 FOLLOWING:14
$1 Trillion of Wealth Was Created for the 19 Richest U.S. Households Last Year
Juliet Chung, Reporter - The Wall Street Journal
_Stephan: When I tell you the United States is now a neo-medieval society, I am neither kidding nor exaggerating. Medieval societies were authoritarian, and ruled by a despot. There was a very small group that had most of the wealth. The king and they rich wanted deference, submission and obedience, and had little conce … ⌘ Read more
** How I discovered a hidden user thanks to server responses ?**
My first real step into web hacking and it wasn’t what i thought it would be.
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/how-i-discovered-a-hidde … ⌘ Read more
How to Build a Threat Detection Pipeline from Scratch (Like a Cyber Ninja!)
Hey, cyber fam! Have you ever asked yourself:
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/how-to-build-a-threat … ⌘ Read more
Nothing changed… except for one detail. And that was enough to hack
Sometimes, hacking doesn’t require any exploit… just good observation.
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/nothing-c … ⌘ Read more
How to Create a Botnet Using One Tool: A Proof of Concept for Educational Purposes Aspiring…
Learn how attackers build and control botnets — safely and ethically — using … ⌘ Read more
**Burp, Bounce, and Break: How Web Cache Poisoning Let Me Control the App **
Hey there!😁
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/burp-bounce-and-break-how-web-cache-poisoning-let-me-con … ⌘ Read more
OWASP Juice Shop | Part 1 — ScoreBoard Solution — StrawHat Hackers ⌘ Read more
🧮 USERS:1 FEEDS:2 TWTS:1319 ARCHIVED:86501 CACHE:2810 FOLLOWERS:21 FOLLOWING:14
Security updates for Wednesday
Security updates have been issued by AlmaLinux (bluez, expat, and postgresql:12), Fedora (chromium, golang, LibRaw, moodle, openiked, ruby, and trafficserver), Red Hat (bluez, expat, gnutls, libtasn1, libxslt, mod_auth_openidc, mod_auth_openidc:2.3, ruby:3.1, thunderbird, and xmlrpc-c), and Ubuntu (linux, linux-aws, linux-gcp, linux-hwe-6.11, linux-lowlatency, linux-lowlatency-hwe-6.11, linux-oem-6.11, linux-oracle, linux-raspi, linux-realtime, linux-azure, linux-azure-6.11, linux-gc … ⌘ Read more
Stelle x Firefly x Caelus 1/6 ⌘ Read more
I Lost $3,750 in 30 Seconds — The ATO Bug 99% of Hackers Miss (Here’s How to Avoid It)
The 1 Burp Suite Mistake That Cost Me $3,750 — Fix It in 30 Seconds
[Continue reading on InfoSec Writ … ⌘ Read more
SOC L1 Alert Reporting : Step-by-Step Walkthrough | Tryhackme
As a SOC analyst, it is important to detect high-severity logs and handle them to protect against disasters. A SOC analyst plays the…
[Continue reading on InfoSec Write-ups … ⌘ Read more
**404 to 0wnage: How a Broken Link Led Me to Admin Panel Access **
Hey there!😁
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/404-to-0wnage-how-a-broken-link-led-me-to-admin-panel-access-2b58e1fffaa3?source=r … ⌘ Read more
How to Start Bug Bounty in 2025 (No Experience, No Problem)
✅Free Article Link
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/how-to-start-bug-bounty-in-2025-no-experience-no-problem-89adc68da592?source=rss—-7b … ⌘ Read more
️ Hacking and Securing Kubernetes: A Deep Dive into Cluster Security
Disclaimer: This document is for educational purposes only. Exploiting systems without authorization is illegal and punishable by … ⌘ Read more
Go 1-24 讓項目工具管理更優雅的 tool 指令
工具管理的歷史難題———在 Go 1.24 之前,管理項目依賴的工具(如 linters、代碼生成器等)是一個棘手的問題。雖然有 go.mod 來管理代碼依賴,但工具依賴卻沒有一個官方的解決方案。社區曾流行的做法是創建一個名爲 tools.go 的文件,通過一種 “技巧” 來管理這些工具依賴://go:build toolspackage toolsimport ( ”gol ⌘ Read more
🧮 USERS:1 FEEDS:2 TWTS:1317 ARCHIVED:86476 CACHE:2798 FOLLOWERS:20 FOLLOWING:14
Security updates for Tuesday
Security updates have been issued by AlmaLinux (java-1.8.0-openjdk, kernel, libxslt, mod_auth_openidc:2.3, and webkit2gtk3), Fedora (c-ares, giflib, jupyterlab, perl, perl-Devel-Cover, perl-PAR-Packer, prometheus-podman-exporter, python-notebook, python-pydantic-core, rpki-client, ruby, rust-adblock, rust-cookie_store, rust-gitui, rust-gstreamer, rust-icu_collections, rust-icu_locid, rust-icu_locid_transform, rust-icu_locid_transform_data, rust-icu_normalizer, rust-icu_normalizer_data … ⌘ Read more
This is something for @movq@www.uninformativ.de and old OS hobbyists alike: FreeDOS 1.4! Get it while it’s hot!
🧮 USERS:1 FEEDS:2 TWTS:1316 ARCHIVED:86446 CACHE:2799 FOLLOWERS:20 FOLLOWING:14
MicroPython v1.25.0 Released with ROMFS, RISC-V Assembler, and Expanded Board Support
MicroPython has reached a major milestone with the release of version 1.25.0, delivering significant enhancements after over three years of development. This update introduces the long-anticipated ROMFS (Read-Only Memory File System), new processor support, TLS improvements, and expanded board compatibility across multiple architectures. One of the most notable additions is R … ⌘ Read more
Regex Isn’t Hard - Tim Kellogg 👈 this is a pretty good conscience article on regexes, and I agree, regex isn’t that hard™ – However I think I can make the TL;DR even shorter 😅
Regex core subset (portable across languages):
Character sets
• a matches “a”
• [a-z] any lowercase
• [a-zA-Z0-9] alphanumeric
• [^ab] any char but a or b
Repetition (applies to the preceding atom)
• ? zero or one
• * zero or more
• + one or more
Groups
• (ab)+ matches “ab”, “abab”, …
• Capture for extract/substitute via $1 or \1
Operators
• foo|bar = foo or bar
• ^ start anchor
• $ end anchor
Ignore non‑portable shortcuts: \w, ., {n}, *?, lookarounds.
Go 定時任務調度從入門到實戰
在開發後臺服務時,我們經常需要處理定時任務。例如每天凌晨備份數據、每 5 分鐘檢查服務狀態、每小時發送統計報表…這些場景都需要可靠的定時任務調度機制。Go 語言就提供了強大的定時任務處理能力,既有標準庫的基礎功能,也有企業級的第三方解決方案。一、標準庫基礎用法———1. 簡單的單次延遲任務timer := time.NewTimer(3 time.Second) // 3秒後 ⌘ Read more
️ Free TryHackMe Jr Penetration Tester Roadmap with Resources and Labs
A free, TryHackMe-inspired roadmap with resources and labs to kickstart your penetration testing journey.
[Continue read … ⌘ Read more
I Clicked a Random Button in Google Slides — Then Google Paid Me $2,240
The strange trick that exposed a hidden security flaw (and how you can find bugs like this too).
[Continue reading on InfoSec Write-ups »](https://in … ⌘ Read more
Lab: Exploiting an API endpoint using documentation
We will solve this lab based on the API documentation exposed to delete Carlos’s user.
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/lab-exploiting-an-api-endpoint-using-d … ⌘ Read more
** HTTP Parameter Pollution: The Dirty Little Secret That Gave Me Full Backend Access ️**
Free Link🎈
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.co … ⌘ Read more
↳
In-reply-to
»
#event:abc123 Go Meetup – Sat Apr 27, 3pm @ Darling Harbour
⤋ Read More
#event:abc123 RSVP: yes +1
golf.vim v0.1.1 - fixed keystroke logging, removed ultra‑short runs, now captures all modes ⌘ Read more
🧮 USERS:1 FEEDS:2 TWTS:1315 ARCHIVED:86386 CACHE:2781 FOLLOWERS:20 FOLLOWING:14
Chaining Bugs Like a Hacker: IDOR to Account Takeover in 10 Minutes
🚀Free Article Link…
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/chaining-bugs-like-a-hacker-idor-to-account-takeover-in-1 … ⌘ Read more
Exposed Secrets in JavaScript Files
🔥Free Article https://medium.com/@Abhijeet_kumawat_/exposed-secrets-in-javascript-files-430a76834952?sk=ffd9ca6c8ede38ac77dcb68a507b9299
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/exposed-secrets-in-javascript-fi … ⌘ Read more
Wazuh Installation & Configuration: A Step-by-Step Tutorial
Hello, my digital adventurers! In this article, I will provide you with a step-by-step guide for installing and configuring the Wazuh…
[Continue reading on InfoSec Write-ups » … ⌘ Read more
**CORSplay of the Century: How I Hijacked APIs with One Misconfigured Header **
Free Link🎈
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/corsplay-of-the-century-how-i-hijacked-apis- … ⌘ Read more
**Bypassing Like a Pro: How I Fooled the WAF and Made It Pay **
Hi there!
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/bypassing-like-a-pro-how-i-fooled-the-waf-and-made-it-pay-e433193e1d9d?source=rss—-7b722bf … ⌘ Read more
Hmmm there’s a bug somewhere in the way I’m ingesting archived feeds 🤔
sqlite> select * from twts where content like 'The web is such garbage these days%';
hash = 37sjhla
feed_url = https://twtxt.net/user/prologic/twtxt.txt/1
content = The web is such garbage these days 😔 Or is it the garbage search engines? 🤔
created = 2024-11-14T01:53:46Z
created_dt = 2024-11-14 01:53:46
subject = #37sjhla
mentions = []
tags = []
links = []
sqlite>
🧮 USERS:1 FEEDS:2 TWTS:1314 ARCHIVED:86338 CACHE:2754 FOLLOWERS:20 FOLLOWING:14
Should we adopt 1 or 2 cats? ⌘ Read more
↳
In-reply-to
»
@lyse It wasn’t our building, yeah, luckily. But I’m pretty scared it might happen some day. I think I’ll put more effort into preparing for that. But whatever I do, it would be horrific to lose all your stuff and the memories attached to it …
⤋ Read More
@prologic@twtxt.net @bmallred@staystrong.run Ah, I just found this, didn’t see it before:
https://restic.net/#compatibility
So, yeah, they do use semver and, yes, they’re not at 1.0.0 yet, so things might break on the next restic update … but they “promise” to not break things too lightheartedly. Hm, well. 😅 Probably doesn’t make a big difference (they don’t say “don’t use this software until we reach 1.0.0”).
↳
In-reply-to
»
Some A hole has been trying to pull every single Twtxt feed that existed/still exists since forever. How do I know? Welp' They've been querying my Timeline™ instance for all of it, every single twtxt file and twt Hash they can find. 😆🤦 It must have been going on for days and I have just noticed... + it's all coming from the same ASN
⤋ Read More
AS136907 HWCLOUDS-AS-AP HUAWEI CLOUDS
@prologic@twtxt.net This shi_ is as fun as it is frustrating! 😆 the bot is poking at me from a different ASN now, Alibaba’s.
- Short term solution: I’ve geo-locked my Timeline instance since I’m the only one using it (and I only do so for reading twts when I’m away from terminal).
- Long term: I took a look at your Caddy WAF but couldn’t figure things out on my own; until then, I’ll be poking at Caddy-Defender, maybe throw in a Crowdsec for lols… #FUN
We adopted Klaus today! He has 1 eye, half of each ear, and a partially amputated tail, but we think he’s a perfect handsome baby. ⌘ Read more
Editor’s Note
, -
Stephan:
These Are Four Things You Can Do to Save America_Like billions of others across the planet I have been watching for months now as the entire social order of the United States of America is dismantled in an attempt to create a neo-medieval oligarch owned white supremacy, male dominant, authoritarian fascist state. [1], [2], [3] As I write this we are not the same country we were before January 2025, and the destruction of the na … ⌘ Read more
Judge orders halt to mass firings at Consumer Financial Protection Bureau
Alexander Mallin and Peter Charalambous, Reporters - abc News
_Stephan: The Consumer Financial Protection Bureau (CFPB), created by President Obama, has saved Americans over $20 billion from grifts. So is it surprising that Dictator Trump, who has been convicted multiple times of millions of dollars of grifts and scams, is trying to destroy the CFPB by firing 1,474 who work a … ⌘ Read more