infosex.exchange <3

You are probably looking for the infosec.exchange Mastodon instance

This host is mostly for my random stuff, and in little part acts like a well-intentioned placeholder for the typosquatted domain.

Discoverability and Archiving

Currently I'm using this host for saving the items from my own feeds to the Wayback Machine and provide in-links for search engines. I hate that I have to do this, but the non-sense ideology of Mastodon pretty much ruined the search feature for Fediverse as a whole, and this wasn't changed by the fact that they owned their mistake and implemented search eventually.

Yes, I (or anyone else) could do similar things with other peoples published feeds, regardless of the tantrum. No, you can't defederate this, because the process doesn't rely on an instance.

Gluttony Section for Search Engines

[RSS] Ni8mare - Unauthenticated Remote Code Execution in n8n (CVE-2026-21858)

https://www.cyera.com/research-labs/ni8mare-unauthenticated-remote-code-execution-in-n8n-cve-2026-21858
this post | permalink
[RSS] TrustZone Break-in Vulnerabilities in Ampere UEFI MM Drivers (Arbitrary Out-of-Bounds Write)

https://github.com/google/security-research/security/advisories/GHSA-jxxm-gxxf-64mg
this post | permalink
[RSS] TrustZone Break-in Vulnerabilities in Ampere UEFI MM Drivers (Buffer Overflow and Stack Information Leak)

https://github.com/google/security-research/security/advisories/GHSA-46qj-g894-vrxr
this post | permalink
[RSS] Breaking Down the Attack Surface of the Kenwood DNR1007XR - Part One

https://www.thezdi.com/blog/2026/1/6/breaking-down-the-attack-surface-of-the-kenwood-dnr1007xr-part-one
this post | permalink
@cR0w @maaneeack @troed Don't take my word for it, I really didn't have time to dig in, but that's kind of the problem with slop isn't it?
this post | permalink
@troed @maaneeack @cR0w The person who posted this also posted a bunch of other stuff in different projects. This is their "repro" for MongoDB:

```
./mdb_load -T /tmp/lmdb_asan < [crash_input_file]
```

...but I don't see what `crash_input_file` anywhere. I smell slop.

(Source: https://seclists.org/fulldisclosure/2026/Jan/5 )
this post | permalink
@AlSweigart
this post | permalink
...of course Phrack doesn't disappoint: https://github.com/xforcered/PhrackCTF/
this post | permalink
@freddy will take a look thanks!
this post | permalink
@joxean It doesn't have to be up-to-date, I'm going for samples, thanks!
this post | permalink
Next Page