Stefano Di Paola (@WisecWisec)'s Twitter Profile

CTO & Chief Scientist of IMQ MindedSecurity. (Web) Application Security consultant, researcher and enthusiast. I love lateral thinking.

ID:102612201

Link: http://blog.mindedsecurity.com | Date: 07-01-2010 07:53:11

4,3K Tweets

5,8K Followers

416 Following

Gareth Heyes (@garethheyes):

Shazzer will now highlight the differences in behaviour between browsers. If one does something different it will be highlighted in red.

shazzer.co.uk/vectors/661643…

Alex Matrosov (@matrosov):

A free scanner to detect signs of the XZ backdoor implantation has been released!
👇
x.com/binarly_io/sta…

Include Security (@IncludeSecurity):

We released our new semgrep rules today. Given the recent news about executive orders from the White House, we thought it would be important to flag all of the code that doesn't meet federal standards.

Memory Safety is serious stuff today:
github.com/IncludeSecurit…

All The Right Movies (@ATRightMovies):

THE MATRIX was released 25 years ago today. Acclaimed as both one of the great science fiction movies and a groundbreaking action film, the behind-the-scenes story will have you questioning reality…

1/44

PentesterLab (@PentesterLab):

We would like to welcome our new team member: Jia Tan!

Jia will work on a set of challenges for our 'Supply Chain' badge!!

vx-underground (@vxunderground):

We made a post congratulating and praising Andres Freund (Tech) for his discovery of the xz backdoor

Dorks immediately started freaking out

>i WouLd hAvE cAuGhT ThiS
>i dO bEnChMarkS liKe tHiS tOO

How about you be happy for someone? Not everything is an attack on your ego 😤😤

Thomas Roccia 🤘 (@fr0gger_):

🤯 The level of sophistication of the XZ attack is very impressive! I tried to make sense of the analysis in a single page (which was quite complicated)!

I hope it helps to make sense of the information out there. Please treat the information 'as is' while the analysis…

Juliano Rizzo (@julianor):

🚨 Urgent: I need the help of the and (graphy) community. A policy I designed and helped implement has led to a serious situation. Some affected users are becoming increasingly 😱agitated, and I've even received threats demanding a solution.🧵👇 (FLT rewards) 1/

Dave Aitel (@daveaitel):

One thing LLMs have taught people is that any input is part of the program itself. And small variations in input can make vast changes in the output of a program.

Willem Melching (@PD0WM):

New blog post is out! Extracting the SecOC keys used for securing the CAN Bus on the 2021+ RAV4 Prime. icanhack.nl/blog/secoc-key…

Research started all the way in 2022, but took many evenings of reverse engineering to get code execution.

PoC: github.com/I-CAN-hack/sec…

Jordan Mechner (@jmechner):

My 40 years of Prince of Persia™ adventures started in 1985 with an Apple II, a videotape camera, and my brother David in pajama pants in our high school parking lot.
From my graphic novel 'REPLAY: Memoir of an Uprooted Family' - now in English jordanmechner.com/en/books/repla…

Ange (@angealbertini):

Magika - fast file identification via deep learning. Open-source and used internally at Google.
Assessed by yours truly.
opensource.googleblog.com/2024/02/magika…

Sheel Mohnot (@pitdesi):

An HK-based employee of a multinational firm wired out $25M after attending a video call where all employees were deepfaked, including the CFO.

He first got an email which was suspicious but then was reassured on the video call with his “coworkers.”
