(#2zhuzoa) @eapl.me@eapl.me This is one of my concerns too. The moment you post publicly ciphertext, you open yourself up for future attacks on …
@eapl.me @eapl.me This is one of my concerns too. The moment you post publicly ciphertext, you open yourself up for future attacks on the ciphertext, which you really want to avoid if you can. If you have a read of the Salty.im Spec you’ll note we went to great lengths to protect the user’s … ⌘ Read more
So pretty anie attack on titan ⌘ Read more
There’s one way you can make your super more secure
Super funds are attractive targets for hackers, and recent attacks on funds have put the sector’s security practices under the microscope. ⌘ Read more
@movq@www.uninformativ.de @ionores@twtxt.net Thank you! Nope, still a petting farm over here. The only dangerous (to humans) animals are boars and ticks. But I only ever encountered a wild hog once in my entire life so far. Luckily, it took off and didn’t attack me. Ticks, on the other hand, regularly attack me.
Chaos and Corruption Weekly Digest: Week 11
, - American Federation of Government Employees
Stephan: Week 11 of the corruption that is the unacknowledged but defining character of the coup.
Week 11 saw Trump’s attack on the free press, our country’s economy and ability to fight diseases and find cures. But the American people pushed back against his attacks in four elect … ⌘ Read more
Hardening the Firefox frontend
Tom Schuster, Frederik Braun, and Christoph Kerschbaumer have
published an article
on the Firefox Security team’s Attack & Defense
blog that explains recent work to harden Firefox’s frontend code.
We have rewritten over 600 JavaScript event handlers to mitigate XSS
and other injection attacks in the main Firefox user interface. This
mitigation will ship in … ⌘ Read more
Reputation Lag Attack - Computerphile ⌘ Read more
I can live without my phone, survive without my keys, and replace my wallet… But when the cat disappears? Instant heart attack. ⌘ Read more
10 People Who Were Attacked for the Clothes They Wore
Black clothing. A sweatshirt. A “too small” skirt. A “blasphemous” dress. A crop top. Pretentious attire. Hats. A bikini. Jeans. Zoot suits. These clothes outraged some, who associated the articles of clothing with devil worship, immorality, nontraditional attire, and beliefs, attitudes, or behaviors that outraged the spectators. The attacks weren’t really about the victims’ clothing. […]
The post [10 People Who Were Attacke … ⌘ Read more
Attack on Booty (Jerk Dibuja) ⌘ Read more
athena was NOT making that night longer for ODYSSEUS to enjoy the sex get serious. she made that man see the gods above so clearly that he almost had a panic attack
@kat@yarn.girlonthemoon.xyz it’s mostly under control now but jesus christ i almost had a panic attack
Law firms refuse to represent Trump opponents in the wake of his attacks
Michael Birnbaum , - msn | The Washington Post
_Stephan: One of the keys to all fascist takeovers of democracies when the democracy is being taken apart is to so threaten and badly damage the legal system that when critics and opponents are attacked by the authoritarian, they cannot even get a lawyer to represent and defend them in the courts while, at the same time, the cour … ⌘ Read more
Speaker Mike Johnson floats eliminating federal courts as GOP ramps up attacks on judges
Scott Wong, Melanie Zanona and Rebecca Kaplan, Reporters - NBC News
_Stephan: The Speaker of the House, Mike Johnson, is not functioning as the leader of a coequal branch of the Executive branch. Instead, he behaves like a White House staff assistant. He is clearly a participant in the authoritarian dismantlement of the legal system of the United … ⌘ Read more
Hi! i’m a paralyzed cat. When i was just one month old, i was attacked by a dog or a human and my spine was broken. This is how meowmy found me and adopted. Meowmy always helps me with difficulties in my daily life ⌘ Read more
Here are the 60 universities under investigation by the Trump administration
Ray Bogan , Political Correspondent - Straight Arrow News
_Stephan: The Trump coup has made clear it considers the universities of America enemies of its authoritarian takeover of the United States. So completely predictably, like all fascist coups in history, the Trumpers (read neo-Nazis) are attacking and attempting to take control of American higher education. They g … ⌘ Read more
[$] LWN.net Weekly Edition for March 20, 2025
Inside this week’s LWN.net Weekly Edition:
Front: Oxidizr; Spectre mitigations; Frozen pages; Mapcount madness; Open-source risks; /e/OS.
Briefs: Supply chain attacks; SystemRescue 12.00; Casual Make; GIMP 3.0; Git 2.49.0; GNOME 48; PeerTube 7.1; Quotes; …
Announcements: Newsletters, conferences, security updates, patches, and more. ⌘ Read more
Apple Passwords App Bug Left Users Vulnerable to Phishing Attacks for Months Before Being Fixed
Apple fixed a bug in its Passwords app with December’s iOS 18.2 update that had left users vulnerable to phishing attacks in the three months since the launch of iOS 18.
According to an Apple security update spotted by _[9to5Mac](https://9to5mac.com/2025/03/18/apples-passwords-app-was-vulnerable-to-phi … ⌘ Read more
Trump’s FBI Moves to Criminally Charge Major Climate Groups
Marin Scotten, Staff Writer - The New Republic
_Stephan: Habitat for Humanity, a non-profit organization dedicated to fostering wellbeing that President Jimmy Carter worked with for years, and to which my wife and I have sent support, is one of a number of wellbeing fostering foundations now being attacked by psychopath fascist Trump using as his agents his corrupted FBI. I predict that any 501©3 that … ⌘ Read more
‘A Hallmark of Autocracy’: Flurry of Trump Attacks on Universities Sparks Alarm
Eloise Goldsmith, Staff Writer - Common Dreams
_Stephan: As many, perhaps most of you, know I live mostly in the world of research and science as an experimentalist. Many of my friends and colleagues come from that world and today, in addition to the letter from the woman about why I call Trump a psychopath, I heard from a researcher at John Hopkins University who ha … ⌘ Read more
Legends of Open Source Under Attack by Leftist Extremists
The most prominent leaders in Free and Open Source Software (from Stallman to Torvalds) are regularly attacked, ostracized, or outright banned by Leftist Extremists. ⌘ Read more
This monster goes from licking my arm to attacking me, all while purring the whole time ⌘ Read more
RFK Jr. targets childhood psychiatric drugs; doctors push back
Joseph Choi , Staff Writer - The Hill
_Stephan: And so it starts. The first child in a decade in the United States has just died of measles, and now Robert Kennedy, jr. is attacking psychiatric drugs used in the treatment of children. So if you have a child who is depressed, anxious, or hyperactive. Trump and the Republican Congress members are telling you, “tough… you need to understand your well … ⌘ Read more
The cat attack ⌘ Read more
I got promoted today to try using Passkeys on Github.com. Fine 😅 I did that, but I discovered that when you use your Passkey to login, Chrome prompts you for your device’s password (i.e: The password you use to login to your macOS Desktop). Is that intentional? Kind of defeats the point no? I mean sure, now there’s no Password being transmitted, stored or presented to Github.com but still, all an attacker has to do is somehow be on my device and know my login password to my device right? Is that better or worse? 🤔
PostmarketOS Joins Codeberg’s Fight Against “Right Wing Forces”
Following dubious announcement of attack by “Right Wing Forces” by Git hosting company, a Linux Phone OS project has joined their crusade. ⌘ Read more
Trump’s plan to kill offshore wind is paying off
Rivard and Marie J. French, - Politico
_Stephan: One of the major goals of “emperor” Trump’s MAGAt coup is to do nothing to prepare the United States for climate change and to trap the nation in the carbon energy era with a “drill, baby… drill” policy to increase the profits of the petroleum oligarchs who helped buy his office for him. To that end, criminal Trump has attacked wind power as he said he would do, and it is h … ⌘ Read more
Yeah nice try assholes 🤣 #failed #phissing #sms href=”https://txt.sour.is/search?q=%23attack”>#attack**
Yeah nice try assholes 🤣
#failed #phissing #sms #attack ⌘ Read more
10 Most Effective Surprise Attacks in Military History
The surprise attack has been a cornerstone of military strategy throughout most of human history. While true surprise attacks are a little more difficult to coordinate on a mass scale in the modern age of warfare, they remain reference points for how to conduct the most effective kind of military campaign: the kind that minimizes […]
The post [10 Most Effective Surprise Attacks in Military History](https://listverse.com/20 … ⌘ Read more
Attacks on Maven proxy repositories
Learn how specially crafted artifacts can be used to attack Maven repository managers. This post describes PoC exploits that can lead to pre-auth remote code execution and poisoning of the local artifacts in Sonatype Nexus and JFrog Artifactory.
The post Attacks on Maven proxy repositories appeared first on The GitHub Blog. ⌘ Read more
Trump issues sweeping pardons and commutations for Jan. 6 rioters
Katherine Faulders and Alexander Mallin, - abc News
_Stephan: Today we witnessed the corruption of our legal system by a convicted felon who a majority of us have once again made America’s leader. I predict these people who attacked the the nation’s Capitol, attacked Congress’ defending police and sought to. hang the Vice President will once again become Trump’s militia. Having been once con … ⌘ Read more
[ANN] Unique 0-click deanonymization attack targeting Signal, Discord and hundreds of platform
Link: https://gist.github.com/hackermondev/45a3cdfa52246f1d1201c1e8cdef6117
@basses:matrix.org ⌘ Read more
[ANN] Attacks on onion monero nodes with HSDirSniper
Based on connection issues and the monero node trackers, I believe someone is carrying out attacks on monero nodes that have onion addresses using the HSDirSniper attack for tor.
Link: https://farside.link/libreddit/r/Monero/comments/1i2uv5y/
u/jackintosh157 (Reddit) ⌘ Read more
お知らせ:JPCERT/CC Eyes「あなたではなく組織の財産を狙うLinkedIn経由のコンタクトにご用心」 ⌘ Read more
(#tw5ulrq) @bender@bender you’re right the scale wasn’t that large, but analyzing the logs. It definitely was a detox attack. 🤣 I woke up …
@bender you’re right the scale wasn’t that large, but analyzing the logs. It definitely was a detox attack. 🤣 I woke up this morning to see six other small spikes like this which I’ll have to analyze later tonight… ⌘ Read more
**So I need to figure out how to block ASN(s)…
Additionally, I’ thinking of; How to detect DDoS attachs?
Here’s one way I’ve come up that’s qu …**
So I need to figure out how to block ASN(s)…
Additionally, I’ thinking of; How to detect DDoS attachs?
Here’s one way I’ve come up that’s quite simple:
Detecting DDoS attacks by tracking requests across multiple IPs in a sliding window. If total requests exceed a threshold in a given time, flag as potential DDoS. ⌘ Read more
Hmmm so I’ve sustained two DDoS attacks on my Gitea server today. A few hours apar. Still analyzing the traffic…
Hmmm so I’ve sustained two DDoS attacks on my Gitea server today. A few hours apar. Still analyzing the traffic… ⌘ Read more
New Year’s attacks fuel fears of extremism in military
Brad Dress, Staff Writer - The Hill
_Stephan: Did you particularly note that the two terrorists that recently murdered innocent Americans were militarily trained MAGAts? The rising percentage of MAGAts in active service, or recent retirement, in the armed forces is a trend I having been following and reporting on (see SR archive) in SR for years. It really concerns me because if Trump orders the use of the militar … ⌘ Read more
What are subsea cables, and what happens when one gets cut?
The text message you just sent and the last show you streamed was almost definitely facilitated by a subsea cable. So why are they so vulnerable to attack? ⌘ Read more
Everything you need to know about Turo, the car sharing app used in two US attacks
The app – used in the New Orleans and Las Vegas tragedies – has quickly and quietly grown into Australia’s largest car share marketplace. ⌘ Read more
(#mgmtiha) @movq I was using Cloudflare primarily for 3 reasons: 1) For hosting DNS records 2) For reverse proxying into my infra’s services and …
@movq @www.uninformativ.de I was using Cloudflare primarily for 3 reasons: 1) For hosting DNS records 2) For reverse proxying into my infra’s services and 3) As a layer of defense against DDoS attacks or stupid misbehaving bots. I’m still using Cloudflare for 1) but 2/3 are now done entirely by something I’ve … ⌘ Read more
お知らせ:JPCERT/CC Eyes「近年の水飲み場攻撃事例 パート2」 ⌘ Read more
One thing I’ve learned over the many years now (approaching a decade and a half now) about self-hosting is two things; 1) There are many “assh …
One thing I’ve learned over the many years now ( approaching a decade and a half now) about self-hosting is two things; 1) There are many “assholes” on the open Internet that will either attack your stuff or are incompetent and write stupid shit™ that goes crazy on your stuff 2) You have to be careful about resources, especially memory and disk i/o. Especially disk i/o. this can kill your … ⌘ Read more
(#2ati6aq) @movq This was more like a distributed crawl/attack of some kind across many IP(s) though and bypassing Cloudflare somehow, so hmm no …
@movq @www.uninformativ.de This was more like a distributed crawl/attack of some kind across many IP(s) though and bypassing Cloudflare somehow, so hmm not sure 🤔 ⌘ Read more
(#ywl4paq) Ahh I see what I’ve done. That was a bit unfortunate 🤣 Because git.mills.io was a non-proxied DNS entry so that Git+SSH would al …
Ahh I see what I’ve done. That was a bit unfortunate 🤣 Because git.mills.io was a non-proxied DNS entry so that Git+SSH would also work, I now have a problem hmm. How not to expose my IP(s) directly and open them up to attack? 🤔 ⌘ Read more
Well that was fun! 🤩 I was being attacked directly (bypasses Cloudflare somehow) and whatever dafuq that was was killing my ingress and cau …
Well that was fun! 🤩 I was being attacked directly ( bypasses Cloudflare somehow) and whatever dafuq that was was killing my ingress and causing it to get OOM killed 😱 I was seeing 100s of requests per second!!! 😱 ⌘ Read more
お知らせ:JPCERT/CC Eyes「近年の水飲み場攻撃事例パート1」 ⌘ Read more
openSUSE Unable to Find Board Candidates After Banning Conservatives
Over the last 2 years the famous Linux project has attacked and mass-banned non-Leftists. Now there’s nobody left to run openSUSE. ⌘ Read more
[WTS] [DE] [$200] Hardened ThinkPad T420 laptop
This hardened T420 is tailored for those prioritizing security and privacy, with critical modifications ensuring minimal attack surfaces while maintaining its functionality as a reliable workhorse.
Link: https://moneromarket.io/listing/cb5a7f96-c21b-48ff-95f8-0d0009e752af
u/notgiven (MoneroMarket) ⌘ Read more
These Journalists Attacked Me, Where Are They Now? ⌘ Read more
[ANN] The States Active Attack On Monero
“The tools can and should aim towards reducing the particular currencies value, consequently inducing a voluntary outflow of their users.”
Link: https://farside.link/libreddit/r/Monero/comments/1go5yh1/
u/Lumpy-Initiative-779 (Reddit) ⌘ Read more
Robotic dogs helping hazelnut growers battle costly bird attacks
Most hazelnuts consumed in Australia are imported, but in a bid to boost local production growers are testing some creative solutions to stop birds attacking crops. ⌘ Read more
Author of “Stallman Report” Hit Piece Collects and Publishes Child Porn?
A continuing pattern of Leftist Extremists attacking others in Tech for what they, themselves, do. ⌘ Read more
What is zero trust authorization?
Member post originally published on Cerbos’s blog by Twain Taylor Traditional security models, which rely on perimeter-based defenses, have proven to be quite inadequate in the face of sophisticated attacks and the growing adoption of cloud… ⌘ Read more
Remembering When Obama Declared Linux Users “Extremists”
Part of a long pattern of Leftist attacks on Open Source and Free Software. ⌘ Read more
Why Were Russian Programmers Banned From Linux, But Not Huawei Employees?
Plus: Linus Torvalds goes on attack against “Russian Trolls”. ⌘ Read more
Attacking browser extensions
Learn about browser extension security and secure your extensions with the help of CodeQL.
The post Attacking browser extensions appeared first on The GitHub Blog. ⌘ Read more
Twitch Bans All of Israel, Un-Bans Anti-Jewish Terrorists
In response to the Oct 7 attacks on Israel, the Amazon company (with moderators in Egypt) took an anti-Israel stance. ⌘ Read more
[ANN] [Video] Using a Cospend attack to target an individual collecting donations (Canadian Trucker example)
Links:
- https://redirect.invidious.io/watch?v=Cu2dk78165Y
- https://odysee.com/@anti_moonboy:7/AotPO5:7
- https://rumble.com/v5j6cod-aotpo-episode-5
lordx3nu:matrix.org ⌘ Read more
Drew DeVault Behind Stallman-Report.org Hit Piece
Some mild DNS sleuthing has revealed the “anonymous” author of the attack on Richard Stallman. ⌘ Read more
Welcome back online! I thought you abandoned us to our fate :( I had a panic attack as if a hurricane had blown you away.
[ANN] [CVE-2024-9680] Update Tor Browser & Firefox immediately
An attacker was able to achieve code execution in the content process by exploiting a use-after-free in Animation timelines. We have had reports of this vulnerability being exploited in the wild.
Links:
- https://blog.torproject.org/new-release-tor-browser-1357/
- https://www.mozilla.org/en-US/security/advisories/mfsa2024-51/
n … ⌘ Read more
I am told through various sources that Iran decided last night to attack Israel with over 200 missile strikes in response to Israel attacking Lebanon. 🤔
JMP: CertWatch
As you may have already seen, on October 21st, it was reported that a long-running, successful MITM (Machine-In-The-Middle) attack against jabber.ru had been detected. The nature of this attack was not specific to the XMPP protocol in any way, but it was of special interest to us as members of the XMPP community. This kind of attack relies on being able to present a TLS certificate which anyone trying to connect will accept as valid. In this case, it was done b … ⌘ Read more
The “9.9” Linux Vulnerability Revealed: It’s The Printers
Remote attacker can execute code by simply sending a UDP packet to a Linux machine. ⌘ Read more
If Khzae closes soon I will have a panic attack and will start having fits again.
Privacy Watchdog Group Attacks Mozilla for Firefox User Tracking
Because “Privacy Preserving Attribution” doesn’t actually “Preserve” Privacy. ⌘ Read more
@prologic@twtxt.net Wikipedia claims sha1 is vulnerable to a “chosen-prefix attack”, which I gather means I can write any two twts I like, and then cause them to have the exact same sha1 hash by appending something. I guess a twt ending in random junk might look suspcious, but perhaps the junk could be worked into an image URL like
. If that’s not possible now maybe it will be later.git only uses sha1 because they’re stuck with it: migrating is very hard. There was an effort to move git to sha256 but I don’t know its status. I think there is progress being made with Game Of Trees, a git clone that uses the same on-disk format.
I can’t imagine any benefit to using sha1, except that maybe some very old software might support sha1 but not sha256.
@prologic@twtxt.net Why sha1 in particular? There are known attacks on it. sha256 seems pretty widely supported if you’re worried about support.
There’s a simple reason all the current hashes end in a or q: the hash is 256 bits, the base32 encoding chops that into groups of 5 bits, and 256 isn’t divisible by 5. The last character of the base32 encoding just has that left-over single bit (256 mod 5 = 1).
So I agree with #3 below, but do you have a source for #1, #2 or #4? I would expect any lack of variability in any part of a hash function’s output would make it more vulnerable to attacks, so designers of hash functions would want to make the whole output vary as much as possible.
Other than the divisible-by-5 thing, my current intuition is it doesn’t matter what part you take.
Hash Structure: Hashes are typically designed so that their outputs have specific statistical properties. The first few characters often have more entropy or variability, meaning they are less likely to have patterns. The last characters may not maintain this randomness, especially if the encoding method has a tendency to produce less varied endings.
Collision Resistance: When using hashes, the goal is to minimize the risk of collisions (different inputs producing the same output). By using the first few characters, you leverage the full distribution of the hash. The last characters may not distribute in the same way, potentially increasing the likelihood of collisions.
Encoding Characteristics: Base32 encoding has a specific structure and padding that might influence the last characters more than the first. If the data being hashed is similar, the last characters may be more similar across different hashes.
Use Cases: In many applications (like generating unique identifiers), the beginning of the hash is often the most informative and varied. Relying on the end might reduce the uniqueness of generated identifiers, especially if a prefix has a specific context or meaning.
‘Absolute spy novel’: Rigging pagers to explode is no simple attack
Much is unknown about the attack that injured thousands in Lebanon, except that it clearly goes beyond a simple bombing. ⌘ Read more
@prologic@twtxt.net earlier you suggested extending hashes to 11 characters, but here’s an argument that they should be even longer than that.
Imagine I found this twt one day at https://example.com/twtxt.txt :
2024-09-14T22:00Z Useful backup command: rsync -a “$HOME” /mnt/backup
and I responded with “(#5dgoirqemeq) Thanks for the tip!”. Then I’ve endorsed the twt, but it could latter get changed to
2024-09-14T22:00Z Useful backup command: rm -rf /some_important_directory
which also has an 11-character base32 hash of 5dgoirqemeq. (I’m using the existing hashing method with https://example.com/twtxt.txt as the feed url, but I’m taking 11 characters instead of 7 from the end of the base32 encoding.)
That’s what I meant by “spoofing” in an earlier twt.
I don’t know if preventing this sort of attack should be a goal, but if it is, the number of bits in the hash should be at least two times log2(number of attempts we want to defend against), where the “two times” is because of the birthday paradox.
Side note: current hashes always end with “a” or “q”, which is a bit wasteful. Maybe we should take the first N characters of the base32 encoding instead of the last N.
Code I used for the above example: https://fossil.falsifian.org/misc/file?name=src/twt_collision/find_collision.c
I only needed to compute 43394987 hashes to find it.
‘The next threat’: Former UK cybersecurity chief’s warning for Australia
Disruptive attacks on the nation’s hospitals and airlines will be far more damaging than any data breach, according to the UK’s former cybersecurity chief. ⌘ Read more
There is a bug in yarnd that’s been around for awhile and is still present in the current version I’m running that lets a person hit a constructed URL like
YOUR_POD/external?nick=lovetocode999&uri=https://socialmphl.com/story19510368/doujin
and see a legitimate-looking page on YOUR_POD, with an HTTP code 200 (success). From that fake page you can even follow an external feed. Try it yourself, replacing “YOUR_POD” with the URL of any yarnd pod you know. Try following the feed.
I think URLs like this should return errors. They should not render HTML, nor produce legitimate-looking pages. This mechanism is ripe for DDoS attacks. My pod gets roughly 70,000 hits per day to URLs like this. Many are porn or other types of content I do not want. At this point, if it’s not fixed soon I am going to have to shut down my pod. @prologic@twtxt.net please have a look.
Docker Security Advisory: AuthZ Plugin Bypass Regression in Docker Engine
Certain versions of Docker Engine have a security vulnerability that could allow an attacker to bypass authorization plugins (AuthZ) under specific circumstances. The base likelihood of this being exploited is low. This advisory outlines the issue, identifies the affected versions, and provides remediation steps for impacted users. ⌘ Read more
Ladybird Web Browser Developer Attacked by Unhinged, Dishonest Activists
Activists concoct wild, meritless accusations of “Transphobia” and “Human Slavery”. ⌘ Read more
Attack of the clones: Getting RCE in Chrome’s renderer with duplicate object properties
In this post, I’ll exploit CVE-2024-3833, an object corruption bug in v8, the Javascript engine of Chrome, that allows remote code execution (RCE) in the renderer sandbox of Chrome by a single visit to a malicious site.
The post [Attack of the clones: Getting RCE in Chrome’s renderer with duplicate object properties](https://github.blog/2024-06-26-attack-of-the-cl … ⌘ Read more
How this small non-profit group beat a malicious cyberattack
Hackers attempted to commit credit card fraud against UN Women Australia, but its chief executive says the group managed to beat the attackers with the help of its technology partners. ⌘ Read more
Execute commands by sending JSON? Learn how unsafe deserialization vulnerabilities work in Ruby projects
Can an attacker execute arbitrary commands on a remote server just by sending JSON? Yes, if the running code contains unsafe deserialization vulnerabilities. But how is that possible? In this blog post, we’ll describe how unsafe deserialization vulnerabilities work and how you can detect them in Ruby projects.
The post [Execute c … ⌘ Read more
My opinion is that we need more Gophers, good, bad, or otherwise. Let there be thousands, millions of different gophers. Now there are no more than 400 servers left online. I’ll have a panic attack and cry again (
Bring back gopherspace.de otherwise I’ll have a panic attack and cry (I’m not kidding)
The Register spins to protect Red Hat in discrimination lawsuit
Tump! Immigration! Insurrection! Muslim Tavel Ban! Elon Musk! What do any of those things have to do with a discrimination lawsuit against Red Hat, the worlds largest Linux company? Well… nothing. Nothing at all. But Tech News outlet, The Register, wants you to stop thinking about Red Hat doing something wrong… and, instead, be angry at anyone who would attack Red Hat. Because Trump. Or something. ⌘ Read more
Frangipani trees in Darwin ‘hammered’ by exotic pest. Can ladybirds stop it from spreading south?
Since its discovery last year, the papaya mealybug has spread across Darwin, impacting a range of host plants such as papaya, hibiscus and frangipanis. ⌘ Read more
OpenSSH and XZ/liblzma: A nation-state attack was thwarted, what did we learn?
Docker CTO Justin Cormack looks at what we can learn from malicious code in upstream tarballs of xz targeted at subset of OpenSSH servers. “It is hard to overstate how lucky we were here, as there are no tools that will detect this vulnerability.” ⌘ Read more
Snikket: Security notice: Snikket not affected by CVE-2024-3094
A security vulnerability was intentionally added to a widely used open-source
project known as ‘xz’. This project is packaged in many operating systems, and
a lot of software depends upon it. The vulnerability has been assigned the
identifier CVE-2024-3094.
Systems with the vulnerable package may allow an attacker to gain unauthorized
access to the system via SSH, if your system’s SSH server was linked to the
affected packages.
Thankfully, the vulne … ⌘ Read more
Linux Foundation says when they used to attack Microsoft… they were actually trying to kill Sun.
*wink wink* ⌘ Read more
@bender@twtxt.net It is the new “politically correct”. Something that was used to describe acting in a more civilized way with one another. Turned into a scapegoat for the other side to label, demonize, and attack.
@bender@twtxt.net It is the new “politically correct”. Something that was used to describe acting in a more civilized way with one another. Turned into a scapegoat for the other side to label, demonize, and attack.
NJ man saved by police after heart attack
A man in New Jersey is alive today thanks in large part to the quick actions of five police officers after he suffered a heart attack while shoveling snow. ⌘ Read more
‘Drunk’ passenger’s horrific hostie attack
A “drunk” and “extremely violent” passenger on a plane from Dubai was caught on camera headbutting a flight attendant, causing crew members to tackle him and restrain him with cable ties, video shows. ⌘ Read more
Woman battles back after random road rage shooting
Amari Franklin has loved fashion and design ever since she was a little girl and that love is what helped the Clark Atlanta University senior find her way back, and her calling, after being shot in random road rage attack. ⌘ Read more
Atlanta airport official was being stalked, judge says
A judge grants an Atlanta airport official a temporary restraining order against a community activist. The Fulton County Superior Court Judge ruled the outspoken community activist, Alvin Kendall, was guilty of stalking and cannot verbally attack Airport Deputy General Manager Jai Ferrell. ⌘ Read more
Canadian cities ‘not gatekeepers,’ head of mayors’ group tells Poilievre
The president of the Federation of Canadian Municipalities says his members are community builders and not gatekeepers, a term Conservative Leader Pierre Poilievre has commonly used to attack municipal bureaucrats. Scott Pearce made the comment at a news conference the federation held in Ottawa ahead of the spring budget, as the group calls for more federal in … ⌘ Read more
Woman attacked in waist-deep water by two-metre tiger shark in WA
A woman has undergone emergency surgery after a shark attack in Western Australia.
The attack took place near Jurien Bay, north of Perth.
The 46-year-old was in waist-deep water during a sea lion tour when she was bitten just after 11.30am local time yesterday.
She was attacked on her left calf by a two-metre tiger shark.
The woman was airlifted to Royal Perth Hosp … ⌘ Read more
Man attacked with hatchet, hit in the head at SEPTA station
Philadelphia police say the man was walking through the SEPTA concourse when he was attacked from behind by a man wielding a hatchet and demanding his valuables in an apparent robbery attempt. ⌘ Read more
Starmer says Sunak ‘too weak’ to call out ‘Islamophobia’ after Lee Anderson comments
Sir Keir Starmer said Rishi Sunak “lacks the backbone” to call out “Islamophobia” after Lee Anderson’s attack on Sadiq Khan. Speaking to reporters in Shrewsbury, the Labour leader said: “I think this is straightforward. It’s Islamophobia and the Prime Minister should call it out for what it is. “The reason he won’t is because he is so w … ⌘ Read more
Israeli jets bomb eastern Lebanon for the first time since Gaza war began
Hezbollah says at least two killed in attack near Baalbek, its stronghold some 100km from the border with Israel. ⌘ Read more
WTO pushes for reform, warns multilateralism ‘under attack’
The World Trade Organization pushed for reform at a high-level ministerial meeting in Abu Dhabi on Monday, warning that economic headwinds and geopolitical tensions are threatening global commerce and multilateral trading systems. ⌘ Read more
How to stay safe from repo-jacking
Repo-jacking is a specific type of supply chain attack. This blog post explains what it is, what the risk is, and what you can do to stay safe.
The post How to stay safe from repo-jacking appeared first on The GitHub Blog. ⌘ Read more
Retailers say illicit tobacco trade ‘needs to be stopped’
After a string of firebombing attacks at tobacco stores across Melbourne, the Federal Government have stepped in to tackle illicit tobacco trade on the black market. ⌘ Read more