@aral wow, this subscription abuse and the idea of a person not owning the item that was bought has to stop. In this case it is not a service that is continuously being provided, so a subscription model makes no sense.

"Improper input validation of octal strings in Python 3.8.0 thru v3.10 stdlib ipaddress allows unauthenticated remote attackers to perform indeterminate SSRF, RFI, and LFI attacks on many programs that rely on Python stdlib ipaddress."

sick.codes/sick-2021-014/

So it seems that "not upgrading docker right away" is paid feature on Windows and Mac 🤔

wow

twitter.com/moyix/status/13885

Here's the video of today's call with the European Commission, including my talk on "Networked Communities as Essential Infrastructure"! conf.tube/videos/watch/9bb5541

"Exploiting vulnerabilities in Cellebrite UFED and Physical Analyzer from an app's perspective"

signal.org/blog/cellebrite-vul

"we learned that someone had gained unauthorized access to our Bash Uploader script and modified it without our permission."

about.codecov.io/security-upda

Show older
Social feed

This is a personal and private instance.