infosex.exchange <3

You are probably looking for the infosec.exchange Mastodon instance

This host is mostly for my random stuff, and in little part acts like a well-intentioned placeholder for the typosquatted domain.

Discoverability and Archiving

Currently I'm using this host for saving the items from my own feeds to the Wayback Machine and provide in-links for search engines. I hate that I have to do this, but the non-sense ideology of Mastodon pretty much ruined the search feature for Fediverse as a whole, and this wasn't changed by the fact that they owned their mistake and implemented search eventually.

Yes, I (or anyone else) could do similar things with other peoples published feeds, regardless of the tantrum. No, you can't defederate this, because the process doesn't rely on an instance.

Gluttony Section for Search Engines

[RSS] Now You See mi: Now You're Pwned

https://labs.taszk.io/articles/post/nowyouseemi/
this post | permalink
[RSS] From virtio-snd 0-Day to Hypervisor Escape: Exploiting QEMU with an Uncontrolled Heap Overflow

https://osec.io/blog/2026-03-17-virtio-snd-qemu-hypervisor-escape
this post | permalink
@chmod644 Attention Traps?
this post | permalink
@chmod644 We should definitely come up with a catchy name!
this post | permalink
Cisco Talos issued a ton of TP-Link advisories, check @talosvulns for more details!

RE: https://infosec.place/objects/3c67cba4-e40f-42c2-8c4b-284816d64d00
this post | permalink
[RSS] Qihoo 360's AI Product Leaked the Platform's SSL Key, Issued by Its Own CA Banned for Fraud

https://blog.barrack.ai/qihoo-360-ssl-key-leak-wotrus-ca-fraud/

https://crt.sh/?id=24937759962
https://crt.sh/?id=24937755996

Ouch...
this post | permalink
The leaked exploit toolkit for various iOS versions (Coruna)

https://github.com/khanhduytran0/coruna
this post | permalink
@Viss

I may be wrong but assuming users don't know what files are helped me resolve a number of family techsupport situations.

@krypt3ia @decryption @jpm @da_667 @sassdawe
this post | permalink
@schrotthaufen

SmartScreen windows got increasingly hard to unblock over time "and for a while, it was good". Then I went to a client where the sysadmin unblocked the freshly downloaded executable from the properties window so fast I had to ask him to show me once more what he just did because I couldn't follow.

Life finds a way.

@decryption @jpm @da_667 @sassdawe @Viss
this post | permalink
#Xiaomi advisories by Taszk

https://labs.taszk.io/blog/post/114_mi_heap_bof/
https://labs.taszk.io/blog/post/113_mi_rng_predict/
https://labs.taszk.io/blog/post/112_mi_hshake_bypass/

It seems there is some exceptionally dump vendor policy is in the works so #NoCVE
this post | permalink
Next Page