I like this part: «Can I access the shell in an emergency? Emergency shell access is available to YOLO Support engineers, with your written consent, during an active support case. End users do not have shell access»

Did anyone count? How many vulns just in 2025 alone?

So, will the AV software then scan that +:\ drive or not? 🤔

I wonder what must happen that we as a society start to make companies responsible for such fails.

I like this comment on that page, haven’t heard about it before: «Was done…in Stockholm a few years back. Someone copied the plates of the CEO of the company operating a toll road in the city and posted it online. Folks pasted it over their own plates and used the toll road all day. The ALPR dutifully generated an humongous bill…»

See slides #8 and #10 on this presentation: https://download.openwall.net/pub/projects/lkrg/presentations/OSTconf2020-LKRG-In-A-Nutshell.pdf -> Kernel Panic (milder response would be ineffective) and killing the task.

And which has constantly lied to you and ignored what you told it to not do. Must be that quality we were told about…

«PQC…isn’t mathematics or engineering, it’s augury: ‘A great machine shall arise, and it will cast aside all existing cryptography, there shall be Famine, Plague, War, and a long arable field.’»

🤭

Yes. And you will have a good chance that the EDR wont flag the extractor since its not suspicious code per se.

«When they loaded this URL, the server responded with a Java heap dump, which is a roughly 150-MB file containing a snapshot of the server’s memory at the moment the URL was loaded.»

Comedy gold, the whole article…

News or not. I like the fact that the pot is calling the kettle black…

Direct link: https://www.nytimes.com/2025/04/24/magazine/crybercrime-crypto-minecraft.html

A tad late (the original story), but now there is an opinion piece on this topic now: https://www.theregister.com/2025/03/24/microsoft_opinion/

I like the part with “This a post-literate era, and we should expect the next demand for bughunters to express proof-of-concept as a TikTok dance short.”

OH: «by sending a malicious DNS packet to the target device», 👌🤭

I lost count. How many vulns this year already?

🤭

Or you could follow to the (original) blog: https://blog.jgc.org/2024/09/cracking-old-zip-file-to-help-open.html

You mean like FIST but with a huge revolver? 😍