infosex.exchange <3

You are probably looking for the infosec.exchange Mastodon instance

This host is mostly for my random stuff, and in little part acts like a well-intentioned placeholder for the typosquatted domain.

Discoverability and Archiving

Currently I'm using this host for saving the items from my own feeds to the Wayback Machine and provide in-links for search engines. I hate that I have to do this, but the non-sense ideology of Mastodon pretty much ruined the search feature for Fediverse as a whole, and this wasn't changed by the fact that they owned their mistake and implemented search eventually.

Yes, I (or anyone else) could do similar things with other peoples published feeds, regardless of the tantrum. No, you can't defederate this, because the process doesn't rely on an instance.

Gluttony Section for Search Engines

@raptor I know I should be impressed by the LLM, but without actual analysis I feel we just took another step toward making everyone dumber...
this post | permalink
oss-security - Re: CVE-2025-32433: Unauthenticated Remote Code Execution in Erlang/OTP SSH
https://www.openwall.com/lists/oss-security/2025/04/18/1

Exploit published ^
this post | permalink
@mothcompute microsoft qword - built with...
this post | permalink
@TarkabarkaHolgy #footfetish
this post | permalink
Love the absolute units! (And I suck at photography)
this post | permalink
@swapgs The weird part is that even the GHSA link is broken. I also skimmed through recent commits, and nothing immediately suspicious came forward, but I guess PHP don't like to advertise security fixes this way either...
this post | permalink
[RSS] New writeup: a vulnerability in PHP's extract() function allows attackers to trigger a double-free, which in turn allows arbitrary code execution (native code)

https://ssd-disclosure.com/ssd-advisory-extract-double-free5-x-use-after-free7-x-8-x/

Can't find official identifiers for this, the GitHub advisory link is broken...
this post | permalink
[RSS] Dubious security vulnerability: Once I have tricked the user into running a malicious shortcut, I can install malware

https://devblogs.microsoft.com/oldnewthing/20250414-00/?p=111072
this post | permalink
[RSS] The Windows Registry Adventure #6: Kernel-mode objects

https://googleprojectzero.blogspot.com/2025/04/the-windows-registry-adventure-6-kernel.html
this post | permalink
@ligniform Ahh thanks, I remembered it being under Community, but with careful inspection I found the two tiny arrows under the score circle...
this post | permalink
Next Page