hey kids, it is time to #patch your #kernel https://image.inblog.dev/?url=https%3A%2F%2Fsource.inblog.dev%2Fpost_image%2F2026-04-29T15%3A10%3A21.210Z-96f54651-d042-4122-b768-44c9586130b7&w=1920&q=85 #CopyFail / Same script, four distributions, four root shells — in one take. The same exploit binary works unmodified on every Linux distribution. /

Xint

Copy Fail — 732 Bytes to Root

CVE-2026-31431. 100% Reliable Linux LPE — no race, no per-distro offsets, page-cache write that bypasses on-disk file-integrity tools and crosses...

#infosec #Linux #root #vulnerability

#github spiciness level increases, first the code merging issues and now a 8.7 #CVE read the @npub1gmtv...qxkh postmortem nothing is safe View quoted note →

Before you get excited about a drivechain airdrop and 'free money' > watch this debate between Paul Sztorc and Alex Gladstein on What Bitcoin Did published 2nd of April 2026 In recent tweet Paul said 'they' paid 170k for the ecash .com domain last summer... since then he hasnt even tried LN in current state or any of the chaumian ecash projects built on Bitcoin. ... Timing doesn't add up some dark patterns fr Having a .com domain don't mean jack > turbo charged affinity scammer IMHO - wait for snapshot in August, then rotate your wallets and use old seed to claim his shitcoin and dump the shit just like btrash #etrash #drivechain #airdrop #eCash #sztorc

View quoted note →

" #BrowserGate is not one thing. It is several things operating simultaneously: It is a mass privacy violation affecting every Chrome user who visits #LinkedIn. It is an illegal profiling system that collects data on religion, politics, health, and employment status, tied to verified real-world identities. It is a corporate intelligence operation that maps the technology stacks, security postures, and internal cultures of tens of millions of companies. It is a trade secret extraction machine that compiles customer lists for 6,222 software vendors without their knowledge or consent. It is a tool for surveilling government employees, including the very regulators and legislators responsible for overseeing LinkedIn’s compliance with the law. And it is a monopoly maintenance mechanism, designed to identify and suppress the users of competing tools on a platform where users have no meaningful alternative. One company, owned by the largest software corporation on earth, with 1.2 billion users’ verified professional identities, decided to silently scan every visitor’s browser for installed software and transmit the results, encrypted, to its servers. No consent. No disclosure. No oversight. The question is not whether this violates the law. We have documented that. The question is whether the institutions responsible for enforcing the law will act before LinkedIn finishes building the most comprehensive corporate and government intelligence database ever assembled by a private company."

BrowserGate

This Is Not Just a Privacy Violation

When people hear that LinkedIn scans browser extensions without consent, the first reaction is usually about personal privacy. That reaction is cor...

#Trivy and #LiteLLM #hack It is a **bad day** to be using `pip` "They told us they are currently extorting several multi-billion-dollar companies from which they've exfiltrated data. They've obtained 300 GB of compressed credentials and are working their way through them as we speak. The LiteLLM compromise alone led to half a million stolen credentials, according to the threat actor. Their message to the world: "TeamPCP is here to stay. Long live the supply chain." https://xcancel.com/IntCyberDigest/status/2036526495254876418#m https://xcancel.com/vxunderground/status/2036822471437848883#m https://xcancel.com/IntCyberDigest/status/2036933401240838564#m

#ForceMemo A #glassworm #malware that targets python packages, self replicates, and uses a solana wallet memo field to point to a C2 server... wow this is an #ongoing attack, watch your `pip install` commands directly from Github " ### How to Check If You're Affected If you install Python packages directly from GitHub (e.g., pip install git+https://github...) or clone and run Python repos: - Search for the marker variable in any Python files you've cloned: grep -r "lzcdrtfxyqiplpd" . - Check for ~/init .json on your system — this is the malware's persistence file - Check for downloaded Node .js in your home directory: ls ~/node-v22* - Check for i .js in any recently-cloned project directories - Review git commit history of repos you've cloned — look for commits where the committer date is significantly newer than the author date"

ForceMemo: Hundreds of GitHub Python Repos Compromised via Account Takeover and Force-Push - StepSecurity

The StepSecurity threat intelligence team was the first to discover and report on an ongoing campaign — which we are tracking as ForceMemo — in...

#InfoSec #security #python #pip #github #cybersecurity #StepSecurity #maintainer

running #antiX the proudly anti-fascist kinux distro version 26 just dropped and it saved a Intel Celeron with 2GB of RAM from the trashbin its blazing fast on old #hardware

use your hands their the best took you will ever own #maker #quotes

#asknostr #ecommerce #art #shopstr Seeking to help friend onboard to nostr and start selling homemade #hotsauce for sats Help a cat out, be there a guide or tutorial out there? nostr marketplace? wherr to start?

Legacy credentials / production secrets in a snapshot / potential data decryption key exposure they say funds are safu, but its never nice to get pwned by a skilled and funded APT "The investigation the firm launched to determine the cause revealed that the attack originated on a compromised employee's laptop. The attackers stole legacy credentials and used them to access a snapshot with production secrets, later escalating access to the larger Bitrefill infrastructure, including parts of the database and some cryptocurrency wallets. About 18,500 purchase records containing customer email addresses, IP addresses, and cryptocurrency payment addresses were exposed in the breach. For 1,000 purchases, customer names were also exposed. Although this information is stored in encrypted form, Bitrefill notes that the attackers may have obtained the decryption keys." #Bitrefill #hack #keyrotation #InfoSec View quoted note →

All your STM32F2 belong to @npub149pe...998l

Grand Idea Studio: Trezor One / STM32 Fault Injection

#STM32F2 #Trezor #TrezorOne #FaultInjection #hardwarewallet #coldstorage #seedrecovery View quoted note →

#chatcontrol #EU #mass #surveillence

Patrick Breyer

Historic Chat Control Vote in the EU Parliament: MEPs Vote to End Untargeted Mass Scanning of Private Chats

In a sensational turn of events in the fight against Chat Control, a majority in the European Parliament voted today to end the untargeted mass sca...

" #Onionspray is a tool to setup Onion Services for existing public websites, working as a HTTPS rewriting proxy. Onionspray is a fork of Alec Muffett's EOTK, with many enhancements but retaining compatibility, and relying on C Tor until an alternative in Arti is available. Onionspray works as a proxy between an Onion Service connection and the website, bringing many benefits to operators: - Onionspray is a self-contained software with everything needed to configure an onionsite. - There's no need to adapt existing setups: Onionspray can be installed in a separate environment, and no changes are usually needed in the website. The result is essentially a "Onion Services in the middle" proxy; you should set them up only for your own sites, or for sites which do not require login credentials of any kind."

Onionspray

#tor #censorship #resistance #onion #HTML

#readme #chatcontrol #EU #Europe View quoted note →

33 years and counting Thank you Eric and all the cypherpunks and cats that have kept his vision alive A manifesto is just words and intentions, it is up to the humans to manifest them into reality The cypherpunk future is now

A Cypherpunk's Manifesto | Satoshi Nakamoto Institute

By Eric Hughes, March 9, 1993

Art has power, this was written in 1940. "I’m sorry, but I don’t want to be an emperor. That’s not my business. I don’t want to rule or conquer anyone. I should like to help everyone - if possible - Jew, Gentile - black man - white. We all want to help one another. Human beings are like that. We want to live by each other’s happiness - not by each other’s misery. We don’t want to hate and despise one another. In this world there is room for everyone. And the good earth is rich and can provide for everyone. The way of life can be free and beautiful, but we have lost the way. Greed has poisoned men’s souls, has barricaded the world with hate, has goose-stepped us into misery and bloodshed. We have developed speed, but we have shut ourselves in. Machinery that gives abundance has left us in want. Our knowledge has made us cynical. Our cleverness, hard and unkind. We think too much and feel too little. More than machinery we need humanity. More than cleverness we need kindness and gentleness. Without these qualities, life will be violent and all will be lost… The aeroplane and the radio have brought us closer together. The very nature of these inventions cries out for the goodness in men - cries out for universal brotherhood - for the unity of us all. Even now my voice is reaching millions throughout the world - millions of despairing men, women, and little children - victims of a system that makes men torture and imprison innocent people. To those who can hear me, I say - do not despair. The misery that is now upon us is but the passing of greed - the bitterness of men who fear the way of human progress. The hate of men will pass, and dictators die, and the power they took from the people will return to the people. And so long as men die, liberty will never perish… Soldiers! don’t give yourselves to brutes - men who despise you - enslave you - who regiment your lives - tell you what to do - what to think and what to feel! Who drill you - diet you - treat you like cattle, use you as cannon fodder. Don’t give yourselves to these unnatural men - machine men with machine minds and machine hearts! You are not machines! You are not cattle! You are men! You have the love of humanity in your hearts! You don’t hate! Only the unloved hate - the unloved and the unnatural! Soldiers! Don’t fight for slavery! Fight for liberty! In the 17th Chapter of St Luke it is written: “the Kingdom of God is within man” - not one man nor a group of men, but in all men! In you! You, the people have the power - the power to create machines. The power to create happiness! You, the people, have the power to make this life free and beautiful, to make this life a wonderful adventure. Then - in the name of democracy - let us use that power - let us all unite. Let us fight for a new world - a decent world that will give men a chance to work - that will give youth a future and old age a security. By the promise of these things, brutes have risen to power. But they lie! They do not fulfil that promise. They never will! Dictators free themselves but they enslave the people! Now let us fight to fulfil that promise! Let us fight to free the world - to do away with national barriers - to do away with greed, with hate and intolerance. Let us fight for a world of reason, a world where science and progress will lead to all men’s happiness. Soldiers! in the name of democracy, let us all unite!"

Do not play their game It is not west vs east / muslim vs christians It is all a distraction from the pedophiles and fascists that believe they are better than you you are humanity, do not believe their lies the truth is within