golang 每日一庫之工作流引擎 Temporal
Temporal 是一個開源的分佈式工作流編排系統,旨在簡化構建和運行可靠、可擴展的長時間運行的後端應用程序。它最初是由 Uber 的 Cadence 系統演變而來,現在由 Temporal Technologies 公司主導開發。目前已被 Coinbase、Netflix、Box、Snap 等大規模應用。核心功能—-1. 分佈式工作流編排Temporal 支持在多臺機器上協調執行復雜的業務邏 ⌘ Read more
golang 每日一庫之工作流引擎 Temporal
Temporal 是一個開源的分佈式工作流編排系統,旨在簡化構建和運行可靠、可擴展的長時間運行的後端應用程序。它最初是由 Uber 的 Cadence 系統演變而來,現在由 Temporal Technologies 公司主導開發。目前已被 Coinbase、Netflix、Box、Snap 等大規模應用。核心功能—-1. 分佈式工作流編排Temporal 支持在多臺機器上協調執行復雜的業務邏 ⌘ Read more
Podcast Besser Wissen: Von der SMS über Chats zu Social Media
Wir sprechen im Podcast über die wachsende Bedeutung der Kurznachrichtendienste. ( Besser Wissen, Podcast)
Lücken im GPU-Treiber: Endgeräte mit Qualcomm-Chips werden attackiert
Mehrere gefährliche Sicherheitslücken in den Treibern für Qualcomms Adreno-GPUs werden aktiv ausgenutzt. Angreifer können damit Schadcode ausführen. ( Sicherheitslücke, Treiber)
Streaming: Mehr Werbung bei Youtube Premium Lite
Künftig sehen Nutzer des preiswerteren Youtube-Abos Premium Lite mehr Werbung - trotz des gleich hohen Abopreises. ( Youtube, Google)
Windows 11: Microsoft fordert einheitliche USB-Ports bei Windows-Laptops
Kunden sollen sicher sein können, dass sie bei allen USB-C-Buchsen ihres Windows-PCs alle Features verlässlich nutzen können. ( PC & Notebooks, Notebook)
Umfrage: Welcher IT-Arbeitgeber hält, was er verspricht?
Viele Sternchen auf Jobportalen und Benefitversprechen sind das eine - doch wie erleben ITler ihren Arbeitgeber wirklich? Macht mit bei unserer großen jährlichen Umfrage! ( Top-IT-Arbeitgeber, Studien)
Anzeige: Wie das WLAN-Testteam bei AVM für Spitzenqualität sorgt
Durch ein selbst entwickeltes Testsystem, ausgeprägten Teamgeist und eine große Portion technischer Neugier stellt das WLAN-Testteam von AVM sicher, dass FRITZ!-Produkte zuverlässig, leistungsfähig und benutzerfreundlich arbeiten. ( AVM, Fritzbox) 
Elektrische Harley Davidson: Maximaler Fahrspaß, minimale Reichweite
Das elektrische Motorrad Livewire S2 Alpinista zu fahren, macht mächtig Spaß. Allerdings ist die Freude schon nach kurzer Strecke schnell. Ein Bericht von Peter Ilg ( Elektromotorrad, Elektromobilität)
404 to $4,000: Exposed .git, .env, and Hidden Dev Files via Predictable Paths”
How Bug Bounty Hunters Can Turn Common 404s Into Critical Information Disclosure Bounties
[Continue reading on InfoSec Write-u … ⌘ Read more
How One Path Traversal in Grafana Unleashed XSS, Open Redirect and SSRF (CVE-2025–4123)
Abusing Client Path Traversal to Chain XSS, SSRF and Open Redirect in Grafana
[Continue rea … ⌘ Read more
**2. Setting Up the Ultimate Hacker’s Lab (Free Tools Only) **
“You don’t need a fortune to break into bug bounty. You just need the right mindset — and the right setup.”
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/2-se … ⌘ Read more
Webhook Vulnerabilities: Hidden Vulnerabilities in Automation Pipelines
How misconfigured webhooks in CI/CD, Slack, and third-party integrations can expose secrets, trigger SSRF, and lead to critical…
[Conti … ⌘ Read more
Exploiting the Gaps in Password Reset Verification
Free Article Link: Click for free!
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/exploiting-the-gaps-in-password-reset-verification-9bb86ec95d29?source=rss—-7b722bfd1b8d– … ⌘ Read more
nginx 代理 WebSocket
配置–HTTP/1.1 協議中 Upgrade 機制可以將 http 升級到 WebSocket,實現客戶端與服務端的雙向通訊。客戶端需要升級協議時在請求頭包含 Upgrade、Connection 字段。如果服務端同意升級連接,就會返回 101 狀態碼和一個 Upgrade 標頭字段,Upgrade 字段內容爲要切換到的協議。如果服務器不能升級連接,返回一個常規響應,如 200 ok。ngin ⌘ Read more
Norway to help Ukraine cover 1 billion euro gas shortfall, Zelensky says ⌘ Read more
Breaking: Minimum and award wages to rise 3.5 per cent from July
Millions of Australian workers will get a 3.5 per cent pay rise from July 1, following the Fair Work Commission’s annual review of the minimum wage and award agreements. Inflation is currently at 2.4 per cent annually. ⌘ Read more
🧮 USERS:1 FEEDS:2 TWTS:1360 ARCHIVED:87444 CACHE:2695 FOLLOWERS:22 FOLLOWING:14
As of version 9.1 vim is supposed to support XDG specification. The below config works correctly on 9.1.1230 but not on 9.1.83. Anybody know why? ⌘ Read more
WhisperD: linux voice-to-text using OpenAI whisper-1 transcription
I wrote this as an exercise to learn how to use ioctl & input devices, but I like how it turned out! It does have a hard dependency on pipewire though.
OSWE Web Hacking Tips (IPPSEC): My Study Journey href=”https://txt.sour.is/search?q=%231”>#1** ⌘ Read more
Learning YARA: A Beginner SOC Analyst’s Notes
Learn how to build a YARA-powered malware detection and automation system using n8n, GPT, and hybrid analysis tools. This hands-on guide…
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/learnin … ⌘ Read more
$540 Bounty: How a Misconfigured Warning Endpoint in Apache Airflow Exposed DAG Secrets
CVE-2023–42780: An Improper Access Control Bug That Let Low-Privileged Users View DAG Impo … ⌘ Read more
**From Forgot Password to Forgot Validation: A Broken Flow That Let Me Take Over Accounts **
Hey there!😁
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/from … ⌘ Read more
** From alert(1) to Real-world Impact: Hunting XSS Where Others Don’t Look** ⌘ Read more
Bug Bounty from Scratch | Everything You Need to Know About Bug Bounty
📌Free Article Link
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/bug-bounty-from-scratch-everything-you-need-to-know … ⌘ Read more
🧮 USERS:1 FEEDS:2 TWTS:1359 ARCHIVED:87441 CACHE:2693 FOLLOWERS:22 FOLLOWING:14
What technology to use for a small NGO website?
Hi Lobsters :) hope you’re having a cozy weekend
I’m volunteering to set up and maintain the website of an association/small NGO, and I need to choose the technology we will use. I would appreciate advice from the hive mind on what technologies/setup to use :)
The key constraints are:
- It should be feasible to teach a motivated non-coder how to adjust website content. Most of the content will be text & images describing the organisation and its va … ⌘ Read more
↳
In-reply-to
»
OSCAR PIASTRI
⤋ Read More
@nghialele@nghia.im Man, I wish I could watch Formula 1 on a regular basis again, but it has become expensive as fuck here. 🫤
↳
In-reply-to
»
I had a lot of fun with my modems these past few days:
⤋ Read More
This is my highlight, really, haven’t seen this in action in a loooooooong time:
Google Dorking: A Hacker’s Best Friend
Hey, hacker friends! Ever wonder why people say Google is a hacker’s best friend? Well, I’m about to show you why.
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/google-dorking-a-hackers-best-friend-716dfb3e9739? … ⌘ Read more
The Hidden Admin Backdoor in Reddit Ads
An Invisibility Cloak for Attackers: How One Admin Created a Stealth Account That Even the Owner Couldn’t See or Remove
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/the-hidden-admin-backdoor-in-reddit-ads … ⌘ Read more
Bypassing Regex Validations to Achieve RCE: A Wild Bug Story
Free Article Lin
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/bypassing-regex-validations-to-achieve-rce-a-wild-bug-story-6476faccbc23?source=r … ⌘ Read more
The Year We Lost Control: How the AI Race Could End Humanity — or Save It
By now, you’ve probably heard whispers of a future shaped entirely by artificial intelligence. From Nobel laureates to the godfather of AI…
… ⌘ Read more
[47°09′56″S, 126°43′42″W] Reading: 1.53 Sv
🧮 USERS:1 FEEDS:2 TWTS:1358 ARCHIVED:87395 CACHE:2683 FOLLOWERS:22 FOLLOWING:14
UK government to spend £1.5bn on six new weapons factories ⌘ Read more
Earthquake of magnitude 6.1 hits Hokkaido in Japan, no tsunami warning ⌘ Read more
🧮 USERS:1 FEEDS:2 TWTS:1357 ARCHIVED:87391 CACHE:2690 FOLLOWERS:22 FOLLOWING:14
Security updates for Friday
Security updates have been issued by AlmaLinux (.NET 8.0, .NET 9.0, firefox, ghostscript, gstreamer1-plugins-bad-free, libsoup3, mingw-freetype, perl, ruby, sqlite, thunderbird, unbound, valkey, and xz), Debian (chromium, firefox-esr, libavif, linux-6.1, modsecurity-apache, mydumper, systemd, and thunderbird), Fedora (coreutils, dnsdist, docker-buildx, maturin, mingw-python-flask, mingw-python-flit-core, ruff, rust-hashlink, rust-rusqlite, and thunderbird), Red Hat (pcs), SUSE (augeas, … ⌘ Read more
Memory Analysis Introduction | TryHackMe Write-Up | FarrosFR
Non-members are welcome to access the full story here.
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/memory-analysis-introduction-tryhackme-write-up-farrosfr-32e … ⌘ Read more
Passkeys: The Waterproof Defense Against Phishing Attacks
The Passkeys — a next-generation authentication technology poised to be a game-changer, offering what many describe as a truly waterproof…
[Continue reading on InfoSec Write-ups … ⌘ Read more
A Hidden Backdoor: Bypassing reCAPTCHA on the Sign-up Page
Free Article Link: Click for free!
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/a-hidden-backdoor-bypassing-recaptcha-on-the-sign-up-page-2b5b3c18257f … ⌘ Read more
** Cache Me If You Can: How I Poisoned the CDN and Hijacked User Sessions**
Free Link 🎈
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/cache-me-if-you-can-how-i-poisoned-the-cdn-and-hijacked … ⌘ Read more
Unauthenticated Remote Code Execution in vBulletin 6.0.1 via replaceAdTemplate Method ⌘ Read more
Walkthrough — Assessment Methodologies: Vulnerability Assessment CTF 1 ⌘ Read more
golang 每日一庫之 goflow
goflow 是一個基於 Go 語言的高性能、可擴展、分佈式的工作流框架。它允許開發者以編程方式將分佈式工作流定義爲任務的有向無環圖(DAG),並通過多個工作節點(Worker)均勻分配負載來執行任務。核心特性—-1. DAG 構建與任務編排goflow 允許用戶以 DAG 的形式定義工作流,每個節點代表一個任務,邊表示任務之間的依賴關係。這種結構使得任務的執行順序清晰,便於管理複雜的工作流程 ⌘ Read more
golang 每日一庫之 goflow
goflow 是一個基於 Go 語言的高性能、可擴展、分佈式的工作流框架。它允許開發者以編程方式將分佈式工作流定義爲任務的有向無環圖(DAG),並通過多個工作節點(Worker)均勻分配負載來執行任務。核心特性—-1. DAG 構建與任務編排goflow 允許用戶以 DAG 的形式定義工作流,每個節點代表一個任務,邊表示任務之間的依賴關係。這種結構使得任務的執行順序清晰,便於管理複雜的工作流程 ⌘ Read more
🧮 USERS:1 FEEDS:2 TWTS:1356 ARCHIVED:87389 CACHE:2690 FOLLOWERS:22 FOLLOWING:14
Apple Store in the Netherlands Temporarily Closing Starting Next Month
Apple has announced that its Den Haag store in the Netherlands will be temporarily closed for renovations starting this Sunday, June 1.
The store is located in The Hague, the capital city of the South Holland province.
First opened in 2014, Apple De Haag is one of the company’s flagship stores, located … ⌘ Read more
‘Mar-a-Lago face’ now the most in-demand plastic surgery — doctor reveals who everyone is requesting to look like
Adriana Diaz, Reporter - New York Post
Stephan: This is a trend, and it is one of the sickest, weirdest in American history.
Credit: GettyPoliticians are leading more than the government — they … ⌘ Read more
GitHub Recon: The Underrated Technique to Discover High-Impact Leaks in Bug Bounty
Master the Art of Finding API Keys, Credentials and Sensitive Data in Public Repositories
[Continue re … ⌘ Read more
nginx 中配置端口轉發 TCP-UDP 流量
ngxstreamcoremodule 模塊從 1.9.0 版本開始出現,默認不包含此模塊,需要通過–with-stream配置。這個模塊可用於 TCP/UDP 流量轉發,和實現負載均衡,配置示例:workerprocesses 1;events { workerconnections 1024;}stream {代理SSH連接 server { listen 10022; ⌘ Read more
10 Quirky, but Necessary, Food Safety Rules of the Past
Long before “hand sanitizer” became a household staple or single-use packaging sparked environmental debates, a series of surprisingly odd—and occasionally ingenious—food-safety laws quietly reshaped what ended up on our plates (and in our hands). From Victorian London’s shared ice-cream glasses that contributed to typhoid outbreaks to postwar Japan’s precision-sealed juice jars, each bizarre reform emerged […]
The post [1 … ⌘ Read more
**Uncovering Amazon S3 Bucket Vulnerabilities: A Comprehensive Guide for Ethical Hackers **
How to Identify, Exploit, and Secure S3 Bucket Misconfigurations
[Continue reading on InfoSec Wr … ⌘ Read more
Logic Flaw: Deleting HackerOne Team Reports Without Access Rights
How a GraphQL Mutation Allowed Unauthorized Report Deletion Across Teams
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/logic-flaw … ⌘ Read more
This One Hacker Trick Got Me Access to an Admin Dashboard ️
Sometimes, it’s not about brute force. It’s about finesse. One header. One oversight. One open door.
— A Hacker’s Mindset 🧠
[Continue reading on InfoSec … ⌘ Read more
Cracking JWTs: A Bug Bounty Hunting Guide [Part 1] ⌘ Read more
Walkthrough — Assessment Methodologies: Information Gathering CTF 1 ⌘ Read more
**Unsafe Redirects = Unlimited Ride: How Open Redirect Led Me to Internal Dashboards **
Hey there!😁
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/unsafe-redirects-unlimi … ⌘ Read more
I Tried 10 Recon Tools for 7 Days — Here’s What Actually Found Bugs
Free Article Link
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/i-tried-10-recon-tools-for-7-days-heres-what-actually-found-bug … ⌘ Read more
🧮 USERS:1 FEEDS:2 TWTS:1355 ARCHIVED:87386 CACHE:2688 FOLLOWERS:22 FOLLOWING:14
Em reacção à enorme quantidade de votos nulos nestas eleições nos votos por correspondência (outra vez) porque os eleitores não entendem o processo de votação, aparece um delegado a dizer “é por isso que o voto eletrónico é urgente!”
Ora, eu fico que é precisamente prova do contrário:
- então o estado ainda não conseguiu implementar o voto por correspondência de forma funcional, e achamos que vai conseguir implementar um sistema de votação que tem um grau de complexidade de uma ofdem altamente superior?
- os eleitores não percebem como funciona o sistema de voto por correspondência, e vão entender o desenho de um sistema de voto eletrónico?
The album is released next sunday, but why wait?
You can already listen to the full new #kokori album - a split with Floating Ashes - either by streaming or download (with a pay as you want - including nothing - option). So… Enjoy!
And relember, if you want a physical edition on #CD, you can leave a comment down there and I’ll get you one for 10€, shipping included.
https://anti-demos-cracia.bandcamp.com/album/idiossincrasias-vol-1
MYIR Launches Sub-$100 i.MX 91 Board for Embedded and Industrial Use
MYIR has introduced the MYC-LMX91, a compact SoM powered by NXP’s energy-efficient i.MX 91 processor. Designed for smart devices, the module targets applications such as industrial gateways, EV chargers, smart home systems, medical platforms, and building automation. The MYC-LMX91 is built around the 1.4 GHz Arm Cortex-A55-based i.MX 91 (MIMX9131CVVXJAA) and comes equipped with 1GB […] ⌘ Read more
$500 Bounty: Shopify Referrer Leak: Hijacking Storefront Access with a Single Token
Referrer Header Leaks + Iframe Injection = Storefront Password Bypass
[Continue reading on InfoSec Writ … ⌘ Read more
$750 Bounty: for HTTP Reset Password Link in Mattermost
How an Unsecured Protocol in a Critical Workflow Opened the Door for Network-Based Account Takeovers
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/750-bounty-for … ⌘ Read more
Exploiting Web Cache Poisoning with X-Host Header Using Param Miner
[Write-up] Web Cache Poisoning Using an Unknown Header.
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/exploiting-web-ca … ⌘ Read more
**Header Injection to Hero: How I Hijacked Emails and Made the Server Sing **
Hey there!😁
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/header-injection-to-hero-how-i-hijacked-emails-an … ⌘ Read more
How to seduce someone in a restaurant. Step 1: Flash titties. Step 2: Done ⌘ Read more
🧮 USERS:1 FEEDS:2 TWTS:1354 ARCHIVED:87377 CACHE:2683 FOLLOWERS:22 FOLLOWING:14
Carney says Canada is looking to join major European military buildup by July 1 ⌘ Read more
Beyond best practices: Using OWASP ASVS to bake security into your delivery pipeline for 2025
How to turn a community-driven checklist into a living part of your SDLC.
[Cont … ⌘ Read more
Find Secrets in Hidden Directories Using Fuzzing ️
Free Article Link
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/find-secrets-in-hidden-directories-using-fuzzing-%EF%B8%8F-1666d6f34fd8?source=rss—-7b722bfd1b8d- … ⌘ Read more
Lab: Exploiting server-side parameter pollution in a query string
Server Side parameter pollution
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/lab-exploiting-server-side-parameter-pollution-in-a … ⌘ Read more
Breaking Twitter’s VPN: $20,160 Bounty for a Pre-Auth RCE via Pulse Secure Chain
How Orange Tsai & Meh Chang Combined File Read, Session Hijack, and Admin Injection to Breach Twitter’s Internal … ⌘ Read more
**One Endpoint to Rule Them All: How I Chained 3 Bugs into Full Account Takeover **
Hey there!😁
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/one-endpoint-to-rule-them-all-h … ⌘ Read more
Demystifying Cookies : The Complete Guide for Bug Bounty Hunters — Part 1
Everything you need to know about cookies to expand your attack surface and find real bugs.
[Continue reading on InfoSec Write-ups »](h … ⌘ Read more
**Silent but Deadly: How Blind XSS in Email Notifications Gave Me Root Alerts **
Hey there!😁
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/silent-but-deadly-how-blind-xss-in-email … ⌘ Read more
DFIR: An Introduction | TryHackMe Write-Up | FarrosFR
Here is my article on the walkthrough of a free room: DFIR: An Introduction. Introductory room for the DFIR module. I wrote this in 2025…
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/ … ⌘ Read more
MITM HTTPS Payload with Python
A lightweight MITM tool for monitoring encrypted traffic and detecting threats powered by AI and built in Python
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/mitm-https-payload-with-python-499ebf8e933f?source=rss—-7b722bfd1b8d— … ⌘ Read more
**From CSP to OMG: How a Tiny Misconfigured Header Let Me Run JS Anywhere **
Hey there!😁
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/from-csp-to-omg-how-a-tiny-misconfigured-header-let- … ⌘ Read more
I Gave Myself 60 Minutes to Find a Bug — This Is What Happened
Free Article Link
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/i-gave-myself-60-minutes-to-find-a-bug-this-is-what-happened-e5fa76563a33?so … ⌘ Read more