infosex.exchange <3

You are probably looking for the infosec.exchange Mastodon instance

This host is mostly for my random stuff, and in little part acts like a well-intentioned placeholder for the typosquatted domain.

Discoverability and Archiving

Currently I'm using this host for saving the items from my own feeds to the Wayback Machine and provide in-links for search engines. I hate that I have to do this, but the non-sense ideology of Mastodon pretty much ruined the search feature for Fediverse as a whole, and this wasn't changed by the fact that they owned their mistake and implemented search eventually.

Yes, I (or anyone else) could do similar things with other peoples published feeds, regardless of the tantrum. No, you can't defederate this, because the process doesn't rely on an instance.

Gluttony Section for Search Engines

[RSS] Introducing HyperHook: A harnessing framework for Nyx

https://neodyme.io/en/blog/hyperhook/
this post | permalink
[RSS] Micropatches Released for Windows Task Scheduler Elevation of Privilege Vulnerability (CVE-2024-49039)

https://blog.0patch.com/2025/02/micropatches-released-for-windows-task.html
this post | permalink
[RSS] Secure by Design: Google's Blueprint for a High-Assurance Web Framework

https://bughunters.google.com/blog/6644316274294784/secure-by-design-google-s-blueprint-for-a-high-assurance-web-framework
this post | permalink
Well, go on!

https://www.youtube.com/watch?v=sBffNiUOeiA
this post | permalink
@_dm "Speedrunning engineering failures" is the new "Speedrunning the failures of the financial system"?
this post | permalink
@krypt3ia The state of the industry is well illustrated by the fact that people take THN seriously...
this post | permalink
@mumblegrepper
this post | permalink
I enjoy memes and sarcasm more than anyone, but I'd really appreciate a TL;DR for these supply-chain posts of watchTowr...

I mean, their last exploit writeup is estimated a 15mins read, the latest thing is 41 and there isn't even code to explain.
this post | permalink
Apache Cassandra vulnerabilities:

CVE-2024-27137: Unrestricted deserialization of JMX authentication credentials

https://seclists.org/oss-sec/2025/q1/92

CVE-2025-24860: Network region AUTHZ bypass

https://seclists.org/oss-sec/2025/q1/94

CVE-2025-23015: Privilege escalation with ALL KEYSPACES permission

https://seclists.org/oss-sec/2025/q1/93
this post | permalink
[RSS] Cloudflare jsd challenge reverse engineered (cf_clearance)

https://github.com/xkiian/cloudflare-jsd
this post | permalink
Next Page