How I found Multiple Bugs on CHESS.COM & they refused
I found JS crash, disallowing anyone to view your profile and HTML Injection. But they ignored everything.
CORS Vulnerability with Trusted Insecure Protocols BurpSuite Walkthrough
CORS misconfig + HTTP subdomain XSS analysis showing API key exfiltration, exploit breakdown and remediation.
Greta Thunberg and other Global Sumud Flotilla activists used an image of Israeli hostage Evyatar David to illustrate the suffering of Palestinian prisoners incarcerated in Israel.
Thunberg shares image of emaciated Israeli hostage in post protesting treatment of Palestinian prisoners
**Hidden API Endpoints: The Hacker’s Secret Weapon**
I’m a cybersecurity enthusiast and the writer behind The Hacker’s Log — where I break down how real hackers think, find, and exploit…
How a Single Signup Flaw Exposed 162,481 User Records
My $8,500 Bug Bounty Story and the Critical Lesson in Authentication
Unlimited access to Docker Hardened Images: Because security should be affordable, always
Every organization we speak with shares the same goal: to deliver software that is secure and free of CVEs. Near-zero CVEs is the ideal state. But achieving that ideal is harder than it sounds, because paradoxes exist at every step. Developers patch quickly, yet new CVEs appear faster than fixes can ship. Organizations standardize on…
Chemists create red fluorescent dyes that may enable clearer biomedical imaging
MIT chemists have designed a new type of fluorescent molecule that they hope could be used for applications such as generating clearer images of tumors.
Breaking Into HackTheBox: My Journey from Script Kiddie to Root
How I went from copying Pastebin scripts to actually understanding what I was doing — and how you can too.
OSINT: Google Dorking Hacks: The X-Ray Vision for Google Search
You type in some keywords, scroll past 10 pages of useless results, and wonder why the internet’s hiding the good stuff. Sound familiar?
Mastering Google Dorking: Discovering Website Vulnerabilities
Deep Recon Made Simple: Powering Bug Hunting with Dorking Strategies
**Secrets Hackers Don’t Tell: Recon Techniques That Actually Pay**
You see it in the movies: a hacker slams the keyboard, green text scrolls by, and BAM! They’re in. The entire breach takes 90 seconds.
My Recon Automation Found an Email Confirmation Bypass
How a simple parameter led to a complete authentication bypass
Imgur pulls out of UK as data watchdog threatens fine
Article URL: https://www.express.co.uk/news/uk/2115228/image-site-imgur-pulls-out
Comments URL: https://news.ycombinator.com/item?id=45424888
Points: 589
Comments: 694
Expanding Docker Hardened Images: Secure Helm Charts for Deployments
Development teams are under growing pressure to secure their software supply chains. Teams need trusted images, streamlined deployments, and compliance-ready tooling from partners they can rely on long term. Our customers have made it clear that they’re not just looking for one-off vendors. They’re looking for true security partners across development and deployment. That’s why…
DietPi September 2025 Update Brings Faster Backups and Roon Server Early Access
The September 20th release of DietPi v9.17 introduces smaller and more efficient system images, faster backups with reduced disk usage, and a new toggle for Roon Server’s early access builds. The update also addresses SPI bootloader flashing issues on Rockchip devices, improves Raspberry Pi sound card handling, and includes multiple bug fixes across tools and […]
Pretty happy with my zs-blog-template starter kit for creating and maintaining your own blog using zs 👌 Demo of what the starter kit looks like here – Basic features include:
- Clean layout & typography
- Chroma code highlighting (aligned to your site palette)
- Accessible copy-code button
- “On this page” collapsible TOC
- RSS, sitemap, robots
- Archives, tags, tag cloud
- Draft support (hidden from lists/feeds)
- Open Graph (OG) & Twitter card meta (default image + per-post overrides)
- Ready-to-use 404 page
As well as custom routes (redirects, rewrites, etc) to support canonical URLs or redirecting old URLs as well as new zs external command capability itself that now lets you do things like:
$ zs newpost
to help kick-start the creation of a new post with all the right “stuff”™ ready to go and then pop open your $EDITOR 🤞
CNCF’s Helm Project Remains Fully Open Source and Unaffected by Recent Vendor Deprecations
Recently, users may have seen the news about Broadcom (Bitnami) regarding upcoming deprecations of their publicly available container images and Helm Charts. These changes, which will take effect by September 29, 2025, mark a shift to…
ProcessOne: Why Europe’s ‘Chat Control’ Proposal Will Cripple European Communication Industry While Failing to Protect Children
On October 14th, the European Council will vote on a regulation that …
Kaidan: Kaidan 0.13.0: Multi-Account Support and Secure Password Storage
Kaidan 0.13.0 is out now!
And it comes with a bunch of shiny new features.
Most of the work has been …
Severe but funny burn-ins on my TFT again:
https://movq.de/v/9df0437d27/MVI_8891.MOV.mp4
Now everything looks like it has that silly slogan as a background image:
The image needs to be an absolute URL, and some tags are missing. Almost there!
@movq@www.uninformativ.de Interesting, yes. I didn’t know that.
No AI being used is really great. However, the same clips shown over and over again and some images being mirrored was quite annoying to me. Also, there were some quite terrible computer animations and sometimes the narration and picture didn’t match at all. Talking about the medieval period and then showing an image from the 18th hundred or so. What the heck?
These production issues made me sceptical pretty much early on. So I quickly crosschecked Wikipedia. But it seems spot on from what I’ve read. Very good. Also, the narrator’s voice was really nice to listen to.
Eels are fascinating creatures. :-)
@eric@itsericwoodward.com Hmm, the images are all 404ing. Also, I reckon that lots of code blocks are broken, too.
The XMPP Standards Foundation: The XMPP Newsletter August 2025
Welcome to the XMPP Newsletter, great to have you here again!
This issue covers the month of August 2025.
Like this newsletter, many projects and their efforts in the XMPP community are a result of people’s voluntary work. If you are happy with the services and software you may be using, please consider saying thanks or help these proj …
ProcessOne: Spotify’s Direct Messaging Gambit
Last week, Spotify quietly launched direct messaging across its platform in selected areas, allowing users to share tracks and playlists through private conversations within the app. The feature was rolled out with mini …
@movq@www.uninformativ.de Hahaha, great idea! :-D I never saw the Epson Image Scan logo before.
This is something that @kat@yarn.girlonthemoon.xyz might enjoy:
Recreating the “EPSON Image Scan!” logo with one of my Tux plushies. 😅
@prologic@twtxt.net It’s quite similar to how escape sequences work in a terminal. ASCII text is printed as ASCII text and then an escape sequence can make it bold or underline and so on. Other escape sequences allow you to say “the following $n bytes are part of a bitmap image”, and then this gets printed at whatever the current position is (somewhat similar to SIXEL in a terminal).
It’s just that the units are a bit weird, because this is all done in bloody inch. 😅
This is why I love tech from that era.
Write bytes to a parallel port and stuff happens. If it’s just ASCII bytes, then it will print ASCII text. Even the simplest programs can use a printer this way.
With a little bit of ESC/P, you can print images and other fancy stuff. That’s what I did this morning – never worked with ESC/P before, now I can print images. It’s not that hard.
Hayes-compatible modems are similar: Write some AT commands to the serial port and the modem does things. This isn’t even arcane knowledge, it’s explained in the printed manual.
Maybe I’m wearing rose-tinted glasses here, but I think with all this old stuff, you get useful results very quickly and the manuals are usually actually helpful. It’s so much easier to get started and to use this hardware to the full extent. Much less complexity than what we have today, not a ton of libraries and dependencies and SDKs and cloud services and what not.
ProcessOne: 🚀 ejabberd 25.08
Release Highlights:
This release includes the support for Hydra rooms in our Matrix gateway, which fixes high severity protocol vulnerabilities.
- Improvements in Matrix gateway
- Fixed ACME in Erlang/OTP 28.0.2
- **[New mod_providers to serve XMPP Providers file](https://www.process-one.net/blog/rss/ …
@movq@www.uninformativ.de Thanks, glad you like it, but sadly I’m not sure, if there’s still a way, for this particular project, to continue.
Reducing 38 pixels (previous smallest) to 27, inside of a 7x7 square canvas, is a result I’m really happy with. Now it seems I can only shave off single pixels and get a lot worse looking results - to the point it doesn’t even look like my mascot, to me.
There doesn’t seem to be a hard cap for drawing tiny dogs. It’s possible to arrange 5 pixels, in a way someone recognizes them, as some kind of a dog. The record for cats, is currently a single orange pixel: https://youtu.be/gzeK8NKuzmg
The only way to beat that, is either a monitor, with just a single red diode lit, inside one of its pixels, or an image file that’s broken and empty, on purpose.
The XMPP Standards Foundation: The XMPP Newsletter July 2025
Welcome to the XMPP Newsletter, great to have you here again!
This issue covers the month of July 2025.
Like this newsletter, many projects and their efforts in the XMPP community are a result of people’s voluntary work. If you are happy with the services and software you may be using, please consider saying thanks or helping these project …
Distrobox is pretty handy and kind of amazed I haven’t played with it before now. I wanted to quickly try out Proton’s Authenticator they just released, but they only had binaries for Ubuntu and Fedora (naturally), but I’m on Void Linux on this laptop.
Installed the latest basic Fedora image with Distrobox, used dnf to install the downloaded rpm file within it, and presto, running the app within Void like I’d just downloaded it through the normal repos.
YAYYY TY @prologic@twtxt.net NOW I HAVE IMAGE & YOUTUBE EMBEDS ON MY YARN POD 🎉🎉🎉
There is a missing feature I’ve been intending to add to though, which is that any link that looks like a URL that might be an image, for example, ends with .png or .jpg or whatever, we should just render that as an image and not expect users to wrap it in Markdown image links 
@kat@yarn.girlonthemoon.xyz Ahh what do you mean by images don’t embed? They definitely should! By default however all domains are blocked, so you might want to either allow some domains or just put in a .* entry to allow all/any domains. Screenshot attached
on my yarn pod nothing really embeds (not even images) so i’m looking at the embed rules part of the mod settings and i’m like… i don’t know how to do any of this 😭😭😭
@thecanine@twtxt.net image is so real lol literally me
@kat@yarn.girlonthemoon.xyz I BELIEVE IN U!!! Making it fun helps! Maybe like put images in the docs so it’s cuter to look at! I did that, but with physical journaling. Except instead of pics it was receipts & leaves & dried flowers lol
@lyse@lyse.isobeef.org To be fair, I did first notice this a while ago. But no monitor I ever had showed burn-ins like this (be it TFT or CRT), so I didn’t know that I should have sent it back. And then it got worse over time and now I see ghost images after 20-30 minutes. :(