infosex.exchange <3

You are probably looking for the infosec.exchange Mastodon instance

This host is mostly for my random stuff, and in little part acts like a well-intentioned placeholder for the typosquatted domain.

Discoverability and Archiving

Currently I'm using this host for saving the items from my own feeds to the Wayback Machine and provide in-links for search engines. I hate that I have to do this, but the non-sense ideology of Mastodon pretty much ruined the search feature for Fediverse as a whole, and this wasn't changed by the fact that they owned their mistake and implemented search eventually.

Yes, I (or anyone else) could do similar things with other peoples published feeds, regardless of the tantrum. No, you can't defederate this, because the process doesn't rely on an instance.

Gluttony Section for Search Engines

[RSS] Lateral Movement via Cross-Session Activation

https://ipurple.team/2026/05/04/cross-session-activation/
this post | permalink
[RSS] Punk, or why I don't stream anymore

https://geohot.github.io//blog/jekyll/update/2026/05/03/punk-or-why-i-dont-stream.html

"What killed the hacker culture I grew up in was spectacle."
this post | permalink
[RSS] A Shortcut to Coercion: Incomplete Patch of APT28's Zero-Day Leads to CVE-2026-32202

https://www.akamai.com/blog/security-research/2026/apr/incomplete-patch-apt28s-zero-day-cve-2026-32202
this post | permalink
[RSS] Three Bugs Walk Into a PDF: Prototype Pollution, Served Cold

https://starlabs.sg/blog/2026/04-three-bugs-walk-into-a-pdf-prototype-pollution-served-cold/

CVE-2026-34621, CVE-2026-34622, CVE-2026-34626
this post | permalink
[RSS] Carrot disclosure: Forgejo

https://dustri.org/b/carrot-disclosure-forgejo.html
this post | permalink
[RSS] A Route to Root in a 4G Industrial Router

https://tantosec.com/blog/2026/04/route-to-root-in-4g-industrial-router/
this post | permalink
[RSS] Discovering Vulnerabilities in Enterprise Audiovisual Hardware

https://spaceraccoon.dev/discovering-vulnerabilities-enterprise-audiovisual-hardware/
this post | permalink
[RSS] libghidra - SDK for automating Ghidra from Python, Rust, and C++

https://github.com/0xeb/libghidra

#Ghidra
this post | permalink
[RSS] TAPOcalypse Now: Exploiting TP-Link Smart Devices From Anywhere

https://labs.taszk.io/articles/post/tapocalypse/
this post | permalink
@wolf480pl @joshbressers @gregkh I don't think a negative externality has to affect *everyone*. We can argue about who are 1st, 2nd, and 3rd parties in this game, but in the end suboptimal vulnerability management (caused by arguably bullshit CVEs) definitely hurt the security of end users who don't have a say about which vendors their service provider choose (not that there are many orgs out there today who can run without Linux, so this demand is a bit unrealistic too).
this post | permalink
Next Page