XZ has been backdoored, whoah. Good thing people noticed it very quickly and we already have a patch. Since there is no official version with the fix, just downgrade.

https://archlinux.org/news/the-xz-package-has-been-backdoored/

https://www.phoronix.com/news/XZ-CVE-2024-3094

Fren Submission

ok that was funny
https://owasp.org/blog/2024/03/29/OWASP-data-breach-notification.html

ok, apparently i can get free robux from brazilian gov websites

That moment when Telegram for windows allowed RCE (remote code execution) because of a typo in the code.
Source here.

On April 18, 2014, Monero's Genesis block was mined.

Today is the 10th birthday of Monero Chan.

List of interesting repos, libraries, tools, blog posts, writeups and papers related to cybersecurity.

https://github.com/0xor0ne/awesome-list

Today Avast unveiled 'GuptiMiner'.

tl;dr eScan AV, out of India, used HTTP for AV updates, not HTTPS, North Korea man-in-the-middle'd updates to large networks to deliver malware

We give this APT campaign an A+ because it's absurdly well executed

https://decoded.avast.io/janrubin/guptiminer-hijacking-antivirus-updates-for-distributing-backdoors-and-casual-mining/

these malware and apt art are fire 🔥

🔥🔥🔥
(here: https://github.com/microsoft/MS-DOS/blob/2d04cacc5322951f187bb17e017c12920ac8ebe2/v4.0/src/CMD/COMMAND/TMISC1.ASM#L309)

me arguing with popOS devs for not releasing version 24.04 on time

Shall we play a game?

Me whenever I hear "Dude, AI is going to steal your job"

bros im starting to practice to play music by ear. These are the first notes i got 100% right
(yeah i know the tempo is messed up, 3/4 compass is very difficult for me)

Methods used over the years by malware to conceal malicious activity.
source