i don’t think any of you know what a fan listing is but basically it was a fandom thing in the 2000s where people would make websites that other people could sign up for to show they’re a fan of something. more info here.
anyway i made a fan listing kinda thing in PHP to learn the language. it was fun af
Google is working on a big UI overhaul for Android
When Google released the fourth beta of Android 16 this month, many users were disappointed by the lack of major UI changes. As Beta 4 is the final beta, it’s likely the stable Android 16 release won’t look much different than last year’s release. However, that might not hold true for subsequent updates. Google recently confirmed it will unveil a new version of its Material Design theme at its upcoming developer conference, and we … ⌘ Read more
How to Build a Cyber Threat Intelligence Collection Plan
Learn how to build a cyber threat intelligence collection plan to track your intelligence requirements and make them actionable!
[Continue reading on InfoSec Write-ups »](https: … ⌘ Read more
$500 Bug Bounty:Open Redirection via OAuth on Shopify
Exploiting OAuth Errors: A Real-World Open Redirect Bug on Shopify
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/500-bug-bounty-open-redirection-via-oauth-on-shopif … ⌘ Read more
**What Recruiters Look for in a Cybersecurity Resume in 2025 **
Free Article Link
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/what-recruiters-look-for-in-a-cybersecurity-resume-in-2025-dcc81fa3154e?source=rss- … ⌘ Read more
** CISA Sounds the Alarm: Broadcom and Commvault Flaws Under Active Exploitation! ️**
Buckle up, cybersecurity enthusiasts! The U.S. Cybersecurity and Infrastructure Security Agency (CISA) j … ⌘ Read more
** Not Just a Ping: How SSRF Opened the Gateway to Internal Secrets **
Hey there!😁
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/not-just-a-ping-how-ssrf-opened-the-gateway-to-internal-secrets-d18eeccd … ⌘ Read more
i hosted a forgejo instance out of boredom. it’s pretty epic https://bytes.4-walls.net/kat
Docker Desktop 4.41: Docker Model Runner supports Windows, Compose, and Testcontainers integrations, Docker Desktop on the Microsoft Store
Docker Desktop 4.41 brings new tools for AI devs and teams managing environments at scale — build faster and collaborate smarter. ⌘ Read more
gah i’ve been so busy working on love4eva! TL;DR i switched image backends from the test/dev only module i was using to the S3 one, but with a catch - i’m not using S3 or cloud shit!!! i instead got it to work with minio, so it’s a middle ground between self hosting the image uploads & being compatible with the highly efficient S3 module. i’m super happy with it :)
i posted a patreon update that details the changes more: https://www.patreon.com/posts/i-am-now-working-127687614
that post says i didn’t update my guide yet but i actually did like right after i made that post lol so you can CTRL+F for minio stuff there!
We havet an AI assistant at work, new version came out today “nearby restaurant recommendations” mentioned. Gotta try that!
Ask it where I can get a burger, knowing there’s 3 spots that had it on the menu, AI says there’s none. Ask it to list all the restaurants nearby it can check… it knows 3, of the 10 or so around, but 1/3, even has a burger, on the menu.
Ask it to list the whole menu at restaurant 1: it hallucinates random meals, none of which they had (I ate there).
Restaurant 2 (the one most people go to, so they must have at least tested it with this one): it lists the soup of the day and ¾ meals available. Incomplete, but better than false.
Restaurant 3: it says “food” and gives a general description of food. You have to be fucking kidding me!
“BuT cAnInE, tHe A(G)i ReVoLuTiOn Is NoW”
Running - 4 miles: 3.99 miles, 00:09:26 average pace, 00:37:41 duration
Cloudflare Tunnel Misconfigurations: A Silent Threat in DevOps Pipelines ⌘ Read more
How i Access The Deleted Files of Someone in Google Drive | Bug Bounty ⌘ Read more
Automating Information Gathering for Ethical Hackers — AutoRecon Tutorial
Here’s how Autorecon automates the recon phase and gives you faster, cleaner results in your penetration tests.
[Continue reading o … ⌘ Read more
How I Set Up a Free Server That I’ll Never Have to Pay For
About one year ago, after my Amazon Web Services and Google Cloud trials expired, I started looking for other free cloud services.
[Continue reading on InfoSec Write-ups »]( … ⌘ Read more
Finding Child Abuse Sites on the Darkweb ⌘ Read more
**WooCommerce Users Beware: Fake Patch Phishing Campaign Unleashes Site Backdoors **
Imagine this: you’re running your WooCommerce store, sipping coffee ☕, and an urgent email lands in your inbox. It scr … ⌘ Read more
** JWT, Meet Me Outside: How I Decoded, Re-Signed, and Owned the App **
Hey there!😁
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/jwt-meet-me-outside-how-i-decoded-re-signed-and-owned-the-app-95791eabcf5d? … ⌘ Read more
**Hackers Exploit Craft CMS Flaws: A Deep Dive into CVE-2025–32432 **
Imagine running a sleek website powered by Craft CMS, only to discover that hackers have slipped through the digital backdoor, wreaking…
[Continue reading on Info … ⌘ Read more
$300 Google Cloud Free Trial: Create Your First VM
Non-members can read this article for free using this link.
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/300-google-cloud-free-trial-create-your-first-vm-5a12b6821b0f?source=r … ⌘ Read more
**Master Spring Boot APIs Like a Pro: Skills That Distinguish Good Developers from Great Ones **
In the fast-moving world of backend development, it’s no longer enough to … ⌘ Read more
Mastering Java Records: The Ultimate Guide to Cleaner, Faster, and Immutable Code
Introduction
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/mastering-java-records-the … ⌘ Read more
** Microsoft Fortifies MSA Signing Infrastructure with Azure Confidential VMs After Storm-0558…**
In the ever-evolving cyber threat landscape, 2023 saw one of the most talked-ab … ⌘ Read more
** CloudImposer: How a Malicious PyPI Package Could’ve Hijacked Google Cloud Composer**
In early 2025, a critical vulnerability in Google Cloud Platform’s (GCP) Cloud Composer service came to light, … ⌘ Read more
**DslogdRAT Malware: A Sneaky Cyberattack Exploiting Ivanti ICS Zero-Day **
Buckle up, cybersecurity enthusiasts! 🚀 A new villain has entered the digital stage: DslogdRAT, a stealthy malware that’s been causing…
[Continue r … ⌘ Read more
Free Resources to Learn PenTesting in 2025 ⌘ Read more
Trinity Desktop Environment R14.1.4 released
The Trinity Desktop Environment, the modern-day continuation of the KDE 3.x series, has released version R14.1.4. This maintenance release brings new vector wallpapers and colour schemes, support for Unicode surrogate characters and planes above zero (for emoji, among other things), tabs in kpdf, transparency and other new visual effects for Dekorator, and much more. TDE R14.1.4 is already available for a variety of Linux distributions, and c … ⌘ Read more
Deals: M4 MacBook Air from $849, M3 iPad Air from $499, AirPods 4 for $99, Apple Watch 10 for $299, & More
Amazon is offering some really fantastic deals on Apple products right now, bringing the M4 MacBook Air to the lowest price available yet at $150 off retail, cutting $100 off the price of the M3 iPad Air models, taking $100 off the price of Apple Watch Series 10, and some whopper discounts on AirPods 4, … [Read More](https://osx … ⌘ Read more
↳
In-reply-to
»
Finally I propose that we increase the Twt Hash length from
⤋ Read More
7 to 12 and use the first 12 characters of the base32 encoded blake2b hash. This will solve two problems, the fact that all hashes today either end in q or a (oops) 😅 And increasing the Twt Hash size will ensure that we never run into the chance of collision for ions to come. Chances of a 50% collision with 64 bits / 12 characters is roughly ~12.44B Twts. That ought to be enough! -- I also propose that we modify all our clients and make this change from the 1st July 2025, which will be Yarn.social's 5th birthday and 5 years since I started this whole project and endeavour! 😱 #Twtxt #Update
We have 4 clients but this should be 6 I believe with tt2 from @lyse@lyse.isobeef.org and Twtxtory from @javivf@adn.org.es?
☁️How to Setup a Custom Subdomain on xss.ht — A Complete Hacker’s Guide
Free Article Link
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/%EF%B8%8Fhow-to-setup-a-custom-subdom … ⌘ Read more
SEH Exploitation Overflow — Vulnserver GMON ⌘ Read more
How to Install a Honeypot to Catch Hackers ⌘ Read more
Vaulting over a .innerHTML sink in a Locked-Down CSP ⌘ Read more
$500 Bounty: For a Simple Open Redirect
How a Language Chooser Flaw Led to Open Redirect and Server Issues on HackerOne
From SOAP to Shell: Exploiting Legacy SOAP Services for Full Admin Account Takeover (And Nearly… ⌘ Read more
** Login? Who Needs That? Bypassing OAuth Like a Lazy Hacker on Sunday ☀️**
Free Link🎈
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/login-who-needs-that-bypassing-oauth-like-a- … ⌘ Read more
** How to Turn Cybersecurity Into a Full-Time Income (My Blueprint)**
💡Free Article Link
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/how-to-turn-cybersecurity-into-a-full-time-income-my-blueprint-f4d70 … ⌘ Read more
The Hacker’s Library: Uncovering the Best Books ⌘ Read more
** Rack::Static Vulnerability Exposes Ruby Servers to Data Breaches! **
Hold onto your keyboards, Ruby developers! 😱 A critical security flaw in the Rack::Static middleware has been uncovered, potentially…
[Continue reading on InfoS … ⌘ Read more
AnalogLamb Expands Maple Series with Low-Cost ESP32C6 Breakout Boards
AnalogLamb has introduced three new RISC-V development boards based on the ESP32-C6, designed for low-cost, full-function, and low-power IoT applications. These boards feature Espressif’s first Wi-Fi 6 SoC, integrating Wi-Fi 6 (2.4 GHz), Bluetooth 5 LE, and IEEE 802.15.4 protocols. Each board is built around the ESP32-C6-WROOM-1 module, which combines a high-performance 32-bit RISC-V core […] ⌘ Read more
↳
In-reply-to
»
Can you beat me at the circle game? 😂 https://neal.fun/perfect-circle/
⤋ Read More
Can you automate the drawing with a script? On X11, you can:
#!/bin/sh
# Position the pointer at the center of the dot, then run this script.
sleep 1
start=$(xdotool getmouselocation --shell)
eval $start
r=400
steps=100
down=0
for step in $(seq $((steps + 1)) )
do
# pi = 4 * atan(1)
new_x=$(printf '%s + %s * c(%s / %s * 2 * (4 * a(1)))\n' $X $r $step $steps | bc -l)
new_y=$(printf '%s + %s * s(%s / %s * 2 * (4 * a(1)))\n' $Y $r $step $steps | bc -l)
xte "mousemove ${new_x%%.*} ${new_y%%.*}"
if ! (( down ))
then
xte 'mousedown 1'
down=1
fi
done
xte 'mouseup 1'
xte "mousemove $X $Y"
Interestingly, you can abuse the scoring system (not manually, only with a script). Since the mouse jumps to the locations along the circle, you can just use very few steps and still get a great score because every step you make is very accurate – but the result looks funny:
🥴
⏱️ There were no visible errors, no hints… only the server’s hesitation told me the truth.
It didn’t scream. It whispered… and I heard it.
[Continue reading on I … ⌘ Read more
**Path Traversal Attack: How I Accessed Admin Secrets **
Path Traversal Attack: How I Accessed Admin Secrets 📂
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/path-traversal-attack-how-i-accessed-admin-secrets-fa5de1865031?source … ⌘ Read more
Top 5 Open Source Tools to Scan Your Code for Vulnerabilities
These tools help you find security flaws in your code before attackers do.
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/top-5-open-source-tools-to-s … ⌘ Read more
Pinellas County - 4 miles: 4.01 miles, 00:08:20 average pace, 00:33:27 duration
moved this to today since tomorrow we have to wake up early and drive to TN. half a pizza and two pints sloshing around still felt okay. the pepperoni definitely gave me some additional heartburn though!
#running
NUCLEO-WBA65RI Brings Bluetooth LE, Thread, and Zephyr RTOS to STM32 Nucleo-64 Platform
The NUCLEO-WBA65RI is a wireless STM32 Nucleo-64 development board built around the STM32WBA65RIV7 microcontroller. It combines the MB2130 MCU RF board with the MB1801 mezzanine board to support Bluetooth LE and IEEE 802.15.4-based protocols such as Thread, Matter, and Zigbee. The STM32WBA65RIV7 microcontroller is a 32-bit Arm Cortex-M33 device featuring 2 MB of flash and … ⌘ Read more