Top 10 Ways Hackers Exploit Web Applications (and How to Prevent Them)
Hackers don’t wait for big websites. They look for easy mistakes. Let’s fix them before they find yours.
The curse of knowing how, or; fixing everything
Article URL: https://notashelf.dev/posts/curse-of-knowing
Comments URL: https://news.ycombinator.com/item?id=43902212
Points: 522
# Comments: 241
The Data Surrender Trap: How Enterprises Are Losing Control in the AI Gold Rush—and the Simple Fix
Introducing Docker MCP Catalog and Toolkit: The Simple and Secure Way to Power AI Agents with MCP Tools
Model Context Protocols (MCPs) are quickly becoming the standard for connecting AI agents to external tools, but the developer experience hasn’t caught up. Discovery is fragmented, setup is clunky, and security is too often bolted on last. Fixing this experience isn’t a solo mission—it will take an industry-wide effort. A secure, scalable, and trusted MCP…
main recently? 🤔
@kat@yarn.girlonthemoon.xyz Make sure you’re up-to-date with main 🤣 I’m fixing little things here and there. Also please report bugs 🐞
main recently? 🤔
@prologic@twtxt.net the other day! the feeds stuff seems to be fixed :)
yarnd.
Hopefully I haven’t missed or messed anything up 😅
* 101f3eb0 - (HEAD -> main) Fix a bunch of UX to do with following/unfollowing, bookmarking and unbookmarking (3 seconds ago) <James Mills>
Testing UI/UX is hard™ 😉
@andros@twtxt.andros.dev @eapl.me@eapl.me Still lots of bugs in my client. 🥴 I’ll try to fix it next week.
And yes, using the same timestamp twice will very likely break threads.
“Low on Space in Kali Linux? Here’s How I Fixed It and Freed Up GBs”
“I was in the middle of a pentesting session when Kali refused to cooperate.”
@kat@yarn.girlonthemoon.xyz / @xuu@txt.sour.is Recommend you git checkout main && git pull, rebuild and redeploy: make build, and however you deploy. 🙏 Lots of fixes (no more stalling) and optimizations to the feed fetcher, smoother cpu usage, better internal metrics.
@kat@yarn.girlonthemoon.xyz I’ve almost fixed this btw 🤗 Just testing it thoroughly and polishing the code. In case you’re curious, I do this style of development called “Observability Driven Development” (ODD) whereby I make observations of the system via metrics and internal observations and adjust the system’s overall behavior to the desired outcome 😅
Too late to fix your typo kind of feeling … suck. 😒
Hey @kat@yarn.girlonthemoon.xyz If you see this, I’m aware of a bug. I’m trying to figure it out and fix it. Bear with me 🤗 It is what’s causing things to “stall” and to have to “restart”. Sorry 😞
@prologic@twtxt.net i gave up on trying to get my local branch clean and just git clone’d main into a new directory and built from there LMAOOO it was such a mess i’m not good at git
i saw your commits fixing queue issues, fingers crossed it works on my end!
@kat@yarn.girlonthemoon.xyz @xuu@txt.sour.is Recommend you git checkout main && git pull && make build. Few bug fixes 😄
DragonFlyBSD 6.4.1 released
It has been well over two years since the last release of DragonFlyBSD, version 6.4.0, and today the project pushed out a small update, DragonFlyBSD 6.4.1. It fixes a few small, longstanding issues, but as the version number suggests, don’t expect any groundbreaking changes here. The legacy IDE/NATA driver had a memory leak fixed, the ca_root_nss package has been updated to support newer Let’s Encrypt certificates, the package update command will no longer delete an importa …
9front “CLAUSE 15 COMMON ELEMENTS OF MAUS AND STAR TYPE” released
Few things in life make me happier than a new 9front release. This new release, 9front “CLAUSE 15 COMMON ELEMENTS OF MAUS AND STAR TYPE”, comes with a variety of fixes and new features, such as temperature sensor support for Ryzen processors, a new Intel i225 2.5 GbE driver, a number of low-level kernel improvements, and so, so many more small fixes and changes. If you use 9front, you already know all o …
@prologic@twtxt.net first we need to fix broken links. 😅
I have a great idea for fixing the US economy. Get rid of all the nuclear weapons 🤣
How We Diagnosed and Fixed the 2023 Voyager 1 Anomaly from 15 Billion Miles Away
First draft of yarnd 0.16 release notes. 📝 – Probably needs some tweaking and fixing, but it’s sounding alright so far 👌 #yarnd
cacher branch? 🤔 It is recommended you take a full backup of your pod beforehand, just in case. Keen to get this branch merged and to cut a new release finally after >2 years 🤣
@kat@yarn.girlonthemoon.xyz Yes see UPGRADE.md – I believe @xuu@txt.sour.is is now running this live after a couple of hiccups and a bug fix. So yeah if you can, that would be cool, basically looking for early beta testers (I was the alpha tester 🤣)
.(s) / dot(s) like @eapl.me are valid? 🤔 Or nicks even? 🤔
@eapl.me@eapl.me he fixed the issue with the dots on nicks. It’s all good now.
What happened to my file? How to fix this?
I Lost $3,750 in 30 Seconds — The ATO Bug 99% of Hackers Miss (Here’s How to Avoid It)
The 1 Burp Suite Mistake That Cost Me $3,750 — Fix It in 30 Seconds
The mysterious inetpub folder is actually a crucial part of a Windows security fix
Remember the odd inetpub folder that seemingly randomly appeared on people’s root drives after installing a Windows 11 update? Everybody assumed it was something left over from an update script, and that the folder was safe to remove. Well, it turns out that’s not the case, as the empty folder is actually a crucial part of a security fix for a serious vulnerability. I …
This is fixed now 🥳 Thanks @xuu@txt.sour.is!
@bender@twtxt.net I can fix and make that work in the parser too. But I’m no longer sure how to cater for the general case. It’s too much to support all punctuation whilst at the same time as other contradicting rules. For example you cannot both support . in nicknames and then expect to be able to end a mention with a . 🤦♂️
I’ll see if I can fix this and write a test case for what’s going on here. I think this is made difficult now because folks like @eapl.me@eapl.me decide that it’s okay to have a . (period) in their # nick 🤣 tbh I think nick(s) should have rules of what they can and cannot be comprised of. i.e: no punctuation 🤦♂️
@kat@yarn.girlonthemoon.xyz it’s fixed now but lol i’m so good at this stuff aren’t i
http:// only and to keep hashes from breaking i added # url = http://... and now we are stuck with it due to the current specs.
@bender@twtxt.net Hehe, thanks for fixing this (was) broken thread 🧵 Haha 🤣
golf.vim v0.1.1 - fixed keystroke logging, removed ultra‑short runs, now captures all modes
MaxAgeDays configuration at the pod level, that now some profiles are rather empty. This is only because well, they're a bit "inactive" so to speak 🗣️ Not sure what to do about this at the moment... Open to ideas? 💡
@sorenpeter@darch.dk I really think you should fix the # url in your feed to be https:// 😅
LXQt 2.2.0 released
LXQt, the Qt-based alternative to KDE as Xfce is the GTK-based alternative to GNOME, has released version 2.2.0. LXQt is in the middle of its transition to Wayland, and as such, this release brings a number of fixes and improvements for Wayland, like improved multi-display support and updated compatibility with Wayland compositors. Beyond all the Wayland work, LXQt Power Management now supports power profiles, text rendering in QTerminal and QTermWidget has been improved, the file manager PC …
Obfuscation Isn’t a Fix, And It Cost Them $2,500 — A Real-World Case Study
@david@collantes.us Thanks I’ll fix.
iOS 18.4.1 Update Released with CarPlay Fix & Security Patches
Apple has released iOS 18.4.1 update for iPhone, along with iPadOS 18.4.1 for iPad. The software updates include a few bug fixes and important security patches, making them recommended to update. Additionally, iOS 18.4.1 includes a bug fix for a particular issue with CarPlay not connecting properly in some situations. If you have been experiencing …
MacOS Sequoia 15.4.1 Update Released with Bug & Security Fixes
Apple has released MacOS Sequoia 15.4.1 as a software update for Mac users running the Sequoia operating system. The update focuses exclusively on security updates and bug fixes, and contains no new features. Separately, Apple also released iOS 18.4.1 for iPhone, iPadOS 18.4.1 for iPad, and updates to tvOS, watchOS, and visionOS, and those updates …
ProcessOne: ejabberd 25.04
Just a few weeks after previous release, ejabberd 25.04 is published with an important security fix, several bug fixes and a new API command.
Release Highlights:
If you are upgrading from a previous version, there are no change …
The captchas have become sentient: we’re working on fixing the captcha issue
As some of you may have noticed, we’ve been having some issues with captchas. The powers that be – which isn’t me, I don’t know anything about web development – are looking into it, and once we’ve pinpointed the problem we’ll get it fixed. It’s annoying us too, so we want this resolved as quickly as possible. OSNews readers just trying to visit the site to read some tech stuff shou …
Fedora 42 released
Fedora 42 has been released, bringing with it a major policy change: the Fedora KDE version now has the same status as the GNOME version. This means that Fedora KDE will be getting the same promotion, website space, and potential blocker status as the GNOME version. For now, the naming is a bit weird – Fedora Workstation for GNOME, Fedora KDE Plasma Desktop for KDE – but they intend to fix this down the line. Fedora 42 also brings with it a brand new installation interface, which replaces the …
“I bought a Mac”
Yep. I regret to inform you all that, as of January 2025, I am a Mac user: I bought a Mac. I have betrayed the penguin. So, how did such an icon of early 2000s Apple fall into my grubby hands? Well, it all started with the Wii U. I’m not joking. ↫ Loganius That’s one heck of an excuse to get a PowerPC G4 – needing to do Linux kvm hacking to fix a bug. While getting the PowerMac G4 they bought all set up and working properly for development purposes, someone else fixed the bug in question in the mean …
@bender@twtxt.net I think mentions are fixed 🤣
This is nuts. Lemme eat dinner first (pizza on the way!) and I’ll fix this utter nonsense 🤣
@bender@twtxt.net I will figure this out soon™ and fix, it’s annoying the fuck out of me 🤣
Cool. That’s fixed! 🥳 I believe we’re now syncing to 6 peers again now. Hopefully with similar behavior as before 🤞
How’s that? Please refresh and see if that’s fixed? 🙏
@lyse@lyse.isobeef.org Thanks! Fixed the typos. The links will stay broken for a bit because my online man collection is busted. It’s on the list. :-/
Ordering issue is fixed 🥳