application security person with an interest in music, AI, and digital art

Joined September 2019
welcome to the future #chatgpt5
🚀@github can now leverage @MSFTCopilot to auto-magically fix your code if there are any breaking changes introduced by a @dependabot update. only supports #typescript for now but this will be huge github.blog/changelog/2024-1… #appsec #cybersecurity #githubuniverse2024

very interesting conversation from @lexfridman and the @cursor_ai team about the tools we use to write code, how to best incorporate AI, and the future of programming more generally. youtube.com/watch?v=oFfVt3S5… #AI #githubcopilot #vscode

AppSec Charlie retweeted
* Unauthenticated RCE vs all GNU/Linux systems (plus others) disclosed 3 weeks ago.
* Full disclosure happening in less than 2 weeks (as agreed with devs).
* Still no CVE assigned (there should be at least 3, possibly 4, ideally 6).
* Still no working fix.
* Canonical, RedHat and others have confirmed the severity, a 9.9, check screenshot.
* Devs are still arguing about whether or not some of the issues have a security impact.

I've spent the last 3 weeks of my sabbatical working full time on this research, reporting, coordination and so on with the sole purpose of helping and pretty much only got patronized because the devs just can't accept that their code is crap - responsible disclosure: no more.
AppSec Charlie retweeted
This is a wake up reminder that you shouldn’t have an internet connected privileged binary running on your production systems. What was a bad update could have easily been a massive adversary backdoor. A third party vendor will always be the weakest link. Isolate critical systems
if you're sourcing scripts from cdn.polyfill.io, don't

here's #PrintListener.. in example #1434 of why audio hackers are doing the most interesting work, how about using the sound of your finger on a touchscreen to reconstruct your fingerprint and bypass biometrics? ndss-symposium.org/wp-conten… #hacking #biometrics #cybersecurity
