infosex.exchange <3

You are probably looking for the infosec.exchange Mastodon instance

This host is mostly for my random stuff, and in little part acts like a well-intentioned placeholder for the typosquatted domain.

Discoverability and Archiving

Currently I'm using this host for saving the items from my own feeds to the Wayback Machine and providing in-links for search engines. I hate that I have to do this, but the nonsense ideology of Mastodon pretty much ruined the search feature for Fediverse as a whole, and this wasn't changed by the fact that they owned their mistake and implemented search eventually.

Yes, I (or anyone else) could do similar things with other people's published feeds, regardless of the tantrum. No, you can't defederate this, because the process doesn't rely on an instance.

Gluttony Section for Search Engines

I need a tool that can generate self-contained HTML pages from #Markdown with different styles.

markdown-styles looks really close, but I wonder if there are alternatives (preferably not requiring NodeJS):

https://github.com/mixu/markdown-styles
@b0rk Not exactly, but a privileged binary can take it for granted that `ls` always executes `/bin/ls`, but runs an attacker-provided executable instead (very stupid, but real example). Now this usually happens without switching a "PATH provider", but my gut feeling is that having "one central place" for PATH processing would've prevented at least some of these issues.
@b0rk I think exploits passing e.g. PATH=. instead of the expected system value (e.g. via misconfigured sudo) can be called a "problem" :)
@virtualabs I have no clue, but GH discussions are regularly answered by devs, usually worth asking there too.
[RSS] DBus and Polkit Introduction

https://u1f383.github.io/linux/2025/05/25/dbus-and-polkit-introduction.html

With analysis of CVE-2025-23222 and CVE-2021-3560
[RSS] CVE-2025-32756: Low-Rise Jeans are Back and so are Buffer Overflows [Fortinet]

https://horizon3.ai/attack-research/attack-blogs/cve-2025-32756-low-rise-jeans-are-back-and-so-are-buffer-overflows/
[RSS] Automating MS-RPC vulnerability research

https://www.incendium.rocks/posts/Automating-MS-RPC-Vulnerability-Research/
[RSS] The Windows Registry Adventure #7: Attack surface analysis

https://googleprojectzero.blogspot.com/2025/05/the-windows-registry-adventure-7-attack-surface.html
[RSS] Bypassing MTE with CVE-2025-0072

https://github.blog/security/vulnerability-research/bypassing-mte-with-cve-2025-0072/
[RSS] Don't Call That "Protected" Method: Dissecting an N-Day vBulletin RCE

https://karmainsecurity.com/dont-call-that-protected-method-vbulletin-rce