Oregon State University Teaches “White Rage” as Computer Science
OSU’s Computer Science program — which had a $1 Million Dollar grant for “Gender-Inclusive Open Source” — teaches about “White Supremacy” and “Reparations” instead of programming. ⌘ Read more
@movq@www.uninformativ.de streamlining jenny.vim?
index adc0db9..cb54abc 100644
--- a/vim/ftdetect/jenny.vim
+++ b/vim/ftdetect/jenny.vim
@@ -1 +1,2 @@
au BufNewFile,BufRead jenny-posting.eml setl completefunc=jenny#CompleteMentions fo-=t wrap
+au BufRead,BufNewFile jenny-posting.eml normal $
Mathieu Pasquet: slixmpp v1.12
This version is out mostly to provide a stable version with compatibility with the newly released Python 3.14, there are nonetheless a few new things on top.
Thanks to all contributors for this release!
Fixes- Bug in MUC self-ping ( XEP-0410) that would create a traceback in some uses
- Bug in SIMS ( XEP-0447) where all media would be marked as inline
- Python 3.14 breakage
- Prono … ⌘ Read more
Ireland plans to make a $1,500 a month basic income for artists permanent ⌘ Read more
Russia loses 1,150 soldiers over past day ⌘ Read more
Unveiling Hidden AWS Keys In My First Android Pentest
We often find our greatest challenges — and lessons — in the most unexpected places. For me, it was during a casual, personal e … ⌘ Read more
**How I Became an Accidental Admin and Almost Got Fired (From Someone Else’s Company) **
Free Link 🎈
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/how-i-became-an-acci … ⌘ Read more
️ Spring Boot API Security Like a Pro: Rate Limiting, Replay Protection & Signature Validation…
Learn how to secure your Spring Boot APIs using rate lim … ⌘ Read more
25. Monetizing Your Skills Beyond Bug Bounty
Turn your hacking expertise into a thriving career beyond bounties.
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/25-monetizing-your-skills-beyond-bug-bounty-a6b503d6b6dc?source=rss—-7b722bf … ⌘ Read more
Mastering Host Header Injection: Techniques, Payloads and Real-World Scenarios
Learn How Attackers Manipulate Host Headers to Compromise Web Applications and How to Defend Against It
[Continue re … ⌘ Read more
The Ultimate Guide to 403 Forbidden Bypass (2025 Edition)
Master the art of 403 bypass with hands-on examples, tools and tips..
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/the-ultimate-guide-to-403-forbidden-byp … ⌘ Read more
How to Identify Sensitive Data in JavaScript Files: (JS-Recon)
A complete guide to uncovering hidden secrets, API keys, and credentials inside JavaScript files
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/h … ⌘ Read more
FFUF Mastery: The Ultimate Web Fuzzing Guide
Practical techniques, wordlists, and templates to fuzz every layer of a web app.
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/ffuf-mastery-the-ultimate-web-fuzzing-guide-f7755c396b92?source= … ⌘ Read more
How I Mastered Blind SQL Injection With One Simple Method
Transforming my web security skills by learning to listen to a silent database
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/how-i-mastered-blind-sql-injection-w … ⌘ Read more
ProtoVault Breach Forensics Challenge Offsec CTF Week 1
Maverick is back again with a fresh article this time I dug into ProtoVault Breach, the Week 1 forensics challenge from the Offsec CTF…
[Continue reading on InfoSec Write-ups »](ht … ⌘ Read more
Internal Password Spraying from Linux: Attacking Active Directory
[Continue rea … ⌘ Read more
How I Found a $250 XSS Bug After Losing Hope in Bug Bounty
📌 Free Link
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/how-i-found-a-250-xss-bug-after-losing-hope-in-bug-bounty-8ab557df4d1d?source=rss—-7b722bf … ⌘ Read more
23. Tools vs. Mindset: What Matters More in 2025
Why the Right Mindset Will Outperform the Most Advanced Tools
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/23-tools-vs-mindset-what-matters-more-in-2025-1be217350787?source=rss—-7b7 … ⌘ Read more
How to Find XSS Vulnerabilities in 2 Minutes [Updated]
My simple yet powerful technique for spotting XSS vulnerabilities during bug hunting.
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/find-xss-vulnerabilities-in-just-2-minutes-d14b63d00 … ⌘ Read more
Drones reportedly target Russian oil refinery in Ufa, more than 1,300 kilometers from Ukraine ⌘ Read more
@madcap duas perguntas:
1 você anda vendo um aviso de “demasiados pedidos” ou algo assim? Tenho visto isso no cliente Moshidon. Uma amiga minha na instância pynews.com.br também teve esse problema um tempo atrás…
2 de tempos em tempos eu esqueço como põe na interface aquela opção de posts só para a nossa instância… como faz mesmo?
** Encrypt & Decrypt Database Fields in Spring Boot Like a Pro (2025 Secure Guide)**
“Your database backup just leaked. Is your data still safe?”
[Continue reading on InfoSec Write-ups »](https://infos … ⌘ Read more
Ukrainian assault units advance up to 1.6 km in Donetsk region – Armed Forces chief ⌘ Read more
Russia Loses 1,200 Troops in a Day of 190 Clashes as Moscow Claims “Everything Is Going According to Plan” ⌘ Read more
A Bug Hunter’s Guide to CSP Bypasses (Part 1) ⌘ Read more
CTF to Bug Bounty: Part 1 of the Beginner’s Series for Aspiring Hunters
From CTF flags to real-world bugs — your next hacking adventure starts here.
[Continue reading on InfoSec Write-ups »](https://infosecwriteups. … ⌘ Read more
Bypass 403 Response Code by Adding Creative String | IRSYADSEC
HTTP 403 is a response code indicating that access to the requested resource is forbidden. This can happen due to various reasons, such as…
[Continue reading on Inf … ⌘ Read more
Beyond the Shell: Advanced Enumeration and Privilege Escalation for OSCP (Part 3)
Part 3 reveals the high-value Windows PrivEsc methods that defeat rabbit holes. Master file transfer, service … ⌘ Read more
** SecurityFilterChain Explained: The Secret Sauce Behind Spring Security**
Spring Security has evolved — the old WebSecurityConfigurerAdapter is gone, and the new SecurityFilterChain is now the backbone of Spring…
… ⌘ Read more
NI down but not out after ‘sore’ Germany defeat
Northern Ireland’s young squad were down but not out, as Michael O’Neill describes the 1-0 World Cup qualifying defeat by Germany as “sore”. ⌘ Read more
Sam Whited: Coffeeneuring 2025
This year I haven’t blogged much at all, but it’s time for the 15th annual
Coffeeneuring and who-knows-how-many-annual Biketober challenges so here we go!
This post will be updated with each of my Coffeeneuring rides as the month goes
on, and may (or may not) contain a few fun C+1 rides that count towards
Biketober, but not for Coffeeneuring.
… ⌘ Read more
Russia’s Oil Exports Declines by 17.1% After Massive Drone Strikes Hit Key Refineries ⌘ Read more
Littler demolishes Humphries to win World Grand Prix
World champion Luke Littler clinically defeats world number one Luke Humphries 6-1 to win his first World Grand Prix title. ⌘ Read more
“The Overlooked P4 Goldmine: Turning Simple Flaws into Consistent Bounties”
We’ve all been there — scrolling through bug bounty platforms, seeing hunters post about critical RCEs and complex chain exploit … ⌘ Read more
Master Web Fuzzing: A Cheat‑Sheet to Finding Hidden Paths
Hey there, back again with another post! 😄
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/master-web-fuzzing-a-cheat-sheet-to-finding-hidden-paths-6c2bcf5 … ⌘ Read more
** How to Use AI to Learn Bug Hunting & Cybersecurity Like a Pro (in 2025)**
Hey there 👋,
I’m Vipul, the mind behind The Hacker’s Log — where I break down the hacker’s mindset, tools, and secrets 🧠💻
[Continue reading … ⌘ Read more
** The Access Control Apocalypse: How Broken Permissions Gave Me Keys to Every Digital Door**
Hey there😁
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/th … ⌘ Read more
Authentication bypass via sequential user IDs in Microsoft SSO integration | Critical Vulnerability
If you’re a penetration tester or bug bounty hunter, n … ⌘ Read more
Account Take Over | P1 — Critical
It started off like any other day until I got an unexpected email — an invite to a private bug bounty program. Curious, I jumped in. The…
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/account-take-over-p1-critical-5468ce8218b9?sour … ⌘ Read more
22. How to Get Invites to Private Programs
Unlock the secrets to landing exclusive private program invites and level up your bug bounty journey.
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/22-how-to-get-invites-to-private-programs-9bbb5166 … ⌘ Read more
Littler demolishes Humphries to win World Grand Prix
World champion Luke Littler clinically defeats world number one Luke Humphries 6-1 to win his first World Grand Prix title. ⌘ Read more
Littler demolishes Humphries to win World Grand Prix
World champion Luke Littler clinically defeats world number one Luke Humphries 6-1 to win his first World Grand Prix title. ⌘ Read more
Littler demolishes Humphries to win World Grand Prix
World champion Luke Littler clinically defeats world number one Luke Humphries 6-1 to win his first World Grand Prix title. ⌘ Read more
Sam Whited: 2025-09-30 Trolley Barn Contra Post Mortem
The first time I DJed for a Contra Dance1 was at Inman Park’s
famous Trolley Barn.
At the time I was DJing in the way other social dances are normally DJed: I had
a laptop, I played a song, everyone danced.
No fancy mixing, or effects: the most technical thing I did was loop 32 bar
sections of music to stretch it out until the caller was ready to end the dance.
This time around, returning to … ⌘ Read more
Ukraine strikes Russian oil refinery 1,400 kilometers from front, SBU source says ⌘ Read more
DebDroid - Debian on Android (v1.1)
Hello guys! I’m happy to share DebDroid, a free and open-source project that aims to bring a real Debian environment to Android devices. It is not Termux-based, nor a simple proot-based wrapper, but a real, near-native chroot environment running on top of the Android kernel.
The project is built around a heavily modified version of the Kali Nethunter’s script I’ve developed 3 years ago. This new version (DebDroid) brings greatly improved security, isolation and additional compatibility patch … ⌘ Read more
21. Tips for Staying Consistent and Avoiding Burnout
What if the secret to lasting success isn’t working harder, but pacing yourself smarter?
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/21-tips-for-staying-consistent-an … ⌘ Read more
Unbelievable Security Hole: JWT Secret in a Series-B Funded Company
It started as a routine penetration test. Little did I know I was about to uncover one of the most basic yet catastrophic security…
[Continue reading on … ⌘ Read more
The $500 Stored XSS Bug in SideFX’s Messaging System
Hacking the Inbox: How a $500 Stored XSS Bug Exposed SideFX’s Messaging Flaw
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/the-500-stored-xss-bug-in-sidefxs-messaging-sys … ⌘ Read more
A Beginner’s Guide to Finding Hidden API Endpoints in JavaScript Files
How to discover what others miss in plain sight
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/a-beginners-guide-to-finding-h … ⌘ Read more
Thousands more university jobs cut as financial crisis deepens
University workers will vote on national strike action this month over a 1.4% pay offer made in the summer. ⌘ Read more
Thousands more university jobs cut as financial crisis deepens
University workers will vote on national strike action this month over a 1.4% pay offer made in the summer. ⌘ Read more
DL40N Fanless 1.3L Mini PC with Intel Twin Lake Processors
The DL40N is a fanless 1.3-liter mini PC powered by Intel Twin Lake processors and up to 16GB DDR5 memory. It supports triple 4K display output, dual 2.5G Ethernet, and multiple USB and COM ports for reliable 24/7 operation in applications such as factory automation, digital signage, kiosks, and more. Built on Intel’s Twin Lake […] ⌘ Read more
Virtium Embedded Artists Expands SoM Lineup with Renesas RZ/G3E Platform
Virtium Embedded Artists has introduced the RZ/G3E SoM, a system-on-module based on the Renesas RZ/G3E processor for industrial and medical human-machine interface applications. The module incorporates a quad-core Arm Cortex-A55 processor running at 1.8 GHz, paired with a Cortex-M33 core at 200 MHz for real-time control. Graphics capabilities include support for dual Full HD displays […] ⌘ Read more
Deals: $200 Off M4 MacBook Air, AirPods from $89, & More
Amazon is cutting $200 off the price of all M4 MacBook Air models, starting at $799 for the 13″ Air, and $999 for the 15″ Air. 13″ M4 MacBook Air ($200 off) 13″ M4 MacBook Air 16GB / 256GB for $799 (MSRP: $999) 13″ M4 MacBook Air 16GB / 512GB for $999 (MSRP: $1,199) 13″ … Read More ⌘ Read more
Ubuntu 25.10 released
Ubuntu\
25.10, “Questing Quokka”, has been released. This release includes
Linux 6.17, GNOME 49, GCC 15, Python 3.13.7,
Rust 1.85, and more. This release also features Rust-based
implementations of sudo and coreutils; LWN covered the switch to the
Rust-based tools in March. The 25.10 version of Ubuntu flavors
Edubuntu, Kubuntu, Lubuntu, Ubuntu Budgie, Ubuntu Cinnamon, Ubuntu
Kylin, Ubuntu MATE, Ubun … ⌘ Read more
**Former Radio 1 DJ Tim Westwood charged with four counts of rape **
He is also charged with nine counts of indecent assaults and two counts of sexual assault. ⌘ Read more
Ex-Radio 1 DJ Tim Westwood charged with multiple rapes and sexual assaults
The former BBC Radio 1 DJ is also charged with nine counts of indecent assaults and two counts of sexual assault. ⌘ Read more
How I Solved TryHackMe Madness CTF: Step-by-Step Beginner-Friendly Walkthrough for 2025
How I Solved “Madness”: An Easy TryHackMe CTF Walkthrough
[Continue reading on InfoSec W … ⌘ Read more
↳
In-reply-to
»
@lyse Great job!
⤋ Read More
@lyse@lyse.isobeef.org In my case it was a silver necklace, a hummingbird with a wing connected with the cold welding I mentioned using thin brass wires.
It made it in a goldsmithing class (I went to a private craftmanship high-school) so no phones allowed (no photos of it) and no “take home” of the works.
Here’s a rough sketch of it drawn by memory, the dots in the wing is where it connects to the body.
The technique is basically the same as i described, but the scale is much smaller, the whole piece was about 5-6 cm on the largest side.
The rivet was made by drilling a hole through the parts, than with a short and thicker drill you widen the hole on the surface to let the rivet settle flatter on the piece, then with a rubber hammer you hit it to flatten the head until it’s snug on the hole, lock them together by doing the same on the other side.
Note that widening the hole with a thicker drill head won’t make a difference with bigger holes, mine had holes of about 1-2 mm of diameter maximum.
Here’s a sketch of what is going on for clarity.
Learn what MITM attack is, and how to identify the footprints of this attack in the network traffic.
How I found Multiple Bugs on CHESS.COM & they refused
I found JS crash, disallowing anyone to view your profile and HTML Injection. But they ignored everything.
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/how-i-found-multiple-bug … ⌘ Read more
CORS Vulnerability with Trusted Insecure Protocols BurpSuite Walkthrough
CORS misconfig + HTTP subdomain XSS analysis showing API key exfiltration, exploit breakdown and remediation.
[Continue reading on InfoSec W … ⌘ Read more
[$] LWN.net Weekly Edition for October 9, 2025
Inside this week’s LWN.net Weekly Edition:
Front: Kernel Rust features; systemd v258, part 2; Cauldron kernel hackers; BPF for GNU tools; 6.18 merge window, part 1; Lifetime-end pointer zapping; Robot Operating System.
Briefs: OpenSSH 10.1; Firefox profiles; Python 3.14; U-Boot v2025.10; FSF presidency; Quotes; …
Announcements: Newsletters, conferences, security upda … ⌘ Read more
Trump: Israel und Hamas stimmen 1.Friedensplan-Phase zu ⌘ Read more
Russia Cut Off: Visa, Mastercard Cards Go Dead in Russia After January 1 ⌘ Read more
Security updates for Wednesday
Security updates have been issued by Fedora (apptainer, civetweb, mod_http2, openssl, pandoc, and pandoc-cli), Oracle (kernel), Red Hat (gstreamer1-plugins-bad-free, iputils, kernel, open-vm-tools, and podman), SUSE (cairo, firefox, ghostscript, gimp, gstreamer-plugins-rs, libxslt, logback, openssl-1_0_0, openssl-1_1, python-xmltodict, and rubygem-puma), and Ubuntu (gst-plugins-base1.0, linux-aws-6.8, linux-aws-fips, linux-azure, linux-azure-nvidia, linux-gke, linux-nvidia-tegra- … ⌘ Read more
UK deaths of 1,611 homeless people in 2024 is record high
Most are linked to suicide or drugs, with spice and nitazines increasingly deadly. ⌘ Read more
Why outback life is the best thing for these kids with cystic fibrosis
Two mums in rural Queensland have spoken about why they choose to live more than 1,000 kilometres from the Queensland Children’s Hospital. ⌘ Read more
Beamtengehälter steigen um 1,5 Prozent
Die Bundesregierung hat sich Montagabend mit der Gewerkschaft auf den Beamtengehaltsabschluss geeinigt. Man habe sich auf einen Dreijahresabschluss festgelegt, im Schnitt steigen die Gehälter um 1,5 Prozent. ⌘ Read more
**Hidden API Endpoints: The Hacker’s Secret Weapon **
I’m a cybersecurity enthusiast and the writer behind The Hacker’s Log — where I break down how real hackers think, find, and exploit…
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/ … ⌘ Read more
How a Single Signup Flaw Exposed 162,481 User Records
My $8,500 Bug Bounty Story and the Critical Lesson in Authentication
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/how-a-single-signup-flaw-exposed-162-481-user-re … ⌘ Read more
Beta 2 of iOS 26.1, macOS Tahoe 26.1, iPadOS 26.1 Available for Testing
Apple has released the second beta versions of iOS 26.1, iPadOS 26.1, and macOS Tahoe 26.1. The new beta builds are available for all enrolled beta testers, and offer continued refinement of the new operating systems. iOS 26.1 beta includes a new “Slide to Stop” feature for turning off alarm clocks on iPhone, which aims … [Read More](https://osxdaily.com/2025/10/06/beta-2-of-ios-26-1-macos-tah … ⌘ Read more
[$] 6.18 merge window, part 1
At the time of writing, there have been 9,099 commits in the 6.18 merge window,
8,475 non-merges and 624 merges. The
changes so far include core-kernel, graphics, and networking work, among others.
There are no big surprises, but several items that were discussed at this year’s
LFSMM+BPF Summit have now been merged. ⌘ Read more