infosex.exchange <3

You are probably looking for the infosec.exchange Mastodon instance

This host is mostly for my random stuff, and in little part acts like a well-intentioned placeholder for the typosquatted domain.

Discoverability and Archiving

Currently I'm using this host for saving the items from my own feeds to the Wayback Machine and provide in-links for search engines. I hate that I have to do this, but the non-sense ideology of Mastodon pretty much ruined the search feature for Fediverse as a whole, and this wasn't changed by the fact that they owned their mistake and implemented search eventually.

Yes, I (or anyone else) could do similar things with other peoples published feeds, regardless of the tantrum. No, you can't defederate this, because the process doesn't rely on an instance.

Gluttony Section for Search Engines

Fun little #iPhone #privacy leaks by my former teammate Máté:

1) Locked iPhone Arbitrary Phone Call
https://szilak.com/2025-09-18-locked-iphone-arbitrary-number-call.html

2) Locked iPhone Saved Contact Confirmation
https://szilak.com/2025-09-18-locked-iphone-contact-brute-force.html
this post | permalink
[RSS] Project Rain:L1TF

https://bughunters.google.com/blog/4684191115575296/project-rain-l1tf

"a detailed overview of the L1TF vulnerability, a CPU vulnerability on some Intel CPUs (Skylake and older)"
this post | permalink
[RSS] Worst Clock Ever Teaches You QR Codes

https://hackaday.com/2025/09/18/worst-clock-ever-teaches-you-qr-codes/
this post | permalink
[RSS] exploits.club Weekly Newsletter 86 - KSMBD 0Clicks, Apple Ends Memory Corruption, Mini-Kernels in Zig, And More

https://blog.exploits.club/exploits-club-weekly-newsletter-86-ksmbd-0clicks-apple-ends-memory-corruption-mini-kernels-in-zig-and-more/
this post | permalink
[RSS] Beyond Sandbox Domains: Rendering Untrusted Web Content with SafeContentFrame

https://bughunters.google.com/blog/6715529872080896/beyond-sandbox-domains-rendering-untrusted-web-content-with-safecontentframe
this post | permalink
[RSS] R.E.L.I.V.E. -- open-source re-implementation of Oddworld: Abe's Exoddus and Oddworld: Abe's Oddysee

https://aliveteam.github.io/
this post | permalink
Checking on the website of our local #library and found that there is a dedicated status for orders where "all instances of the document *disappeared* and the librarian sees no good chance that they will be found in the foreseeable future".

I mean, you had one job!

Edit: can't wait for my bank to introduce the "sorry bro, we blew that money on coke" status :D
this post | permalink
@snow I saw this just yesterday: https://en.wikipedia.org/wiki/Friendship_paradox
this post | permalink
One Token to rule them all - obtaining Global Admin in every Entra ID tenant via Actor tokens

https://dirkjanm.io/obtaining-global-admin-in-every-entra-id-tenant-with-actor-tokens/

"I found the most impactful Entra ID vulnerability that I will probably ever find. This vulnerability could have allowed me to compromise every Entra ID tenant in the world"
this post | permalink
[RSS] 2025 Hackaday Component Abuse Challenge: Let the Games Begin!

https://hackaday.com/2025/09/16/2025-hackaday-component-abuse-challenge-let-the-games-begin/
this post | permalink
Next Page