Privacy, motorcycle, and craft beer geek. Adversarial thinker. Blue team your blue team for better red teaming.

Joined July 2009
875 Photos and videos
Building a red team log and data collection system with Fable when it starts making “fake” red team command logs.
59
I love this.
New #redteam tool for blocking EDRs: EDRChoker. Instead of fully blocking the EDR agents' connections to their server, we can throttle their bandwidth so they consistently time out when sending data, which is effectively the same as blocking but avoids triggering "block" or "drop" packet events #pentest #cybersecurity GitHub: TwoSevenOneT/EDRChoker
9
2,453
All this time people have been saying LLMs burn trees or whatever. No. Here’s one that burns burritos.
Jun 2
someone made a fork of opencode that routes through the unsecured ai endpoints from chipotle
67
Hey, I wonder what happens if a well known org is hostile to security researchers for years? zerodium.com/Zerodium-PGP-Ke…

2
6
47
4,260
This isn’t the path I’d like to see vulnerability research go down. It’s not the path many researchers currently choose. This is the alternate route that will always exist for your bug bounty program.
May 28
Replying to @midwestneil
Just sell to firms like ours and enjoy the fruits of your labor
1
257
TechByT̷͔̼̯̖̟͔͎͑̽o̶͚̠̰͚̩̻̝̰͂̿̔̄̊́͘m̷̡̟̍́̏̔ ⚠️ retweeted
We’ve shipped a security-guidance plugin for Claude Code that helps identify and fix vulnerabilities as you’re writing code. Available for all Claude Code users. Install from the plugin marketplace (/plugins).
376
1,713
17,987
2,071,673
Ok, haven’t tested this yet, but THANK YOU
Ledger - A Cobalt Strike aggressor script that tracks every operational change made during an engagement. ✅ Services ✅ Firewall Rules ✅ Accounts ✅ Registry keys github.com/shellkraft/Ledger
324
TechByT̷͔̼̯̖̟͔͎͑̽o̶͚̠̰͚̩̻̝̰͂̿̔̄̊́͘m̷̡̟̍́̏̔ ⚠️ retweeted
We're finally ready to talk about Flipper One — a project we've been grinding on for years and have rebuilt from scratch several times. Read blog post >> blog.flipper.net/flipper-one…
113
546
4,003
565,973
TechByT̷͔̼̯̖̟͔͎͑̽o̶͚̠̰͚̩̻̝̰͂̿̔̄̊́͘m̷̡̟̍́̏̔ ⚠️ retweeted
MiniPlasma LPE exploit works perfectly. Elastic Defend behavior protection catches the exploit primitives involved in the chain, providing detection coverage even against a fresh public exploit. github.com/Nightmare-Eclipse…
2
43
211
14,316
Technically they released a new exploit for an old vuln that wasn’t properly addressed. Not another vulnerability?
🚨 Nightmare Eclipse just released another vulnerability called MiniPlasma GitHub: github.com/Nightmare-Eclipse… CVE: CVE-2020-17103 which is a high-severity elevation of privilege vulnerability in the Windows Cloud Files Mini Filter Driver that allows an attacker to gain elevated, unauthorized access to a targeted system
1
1
239
Wheels down in Chicago. I’m baaaaack! Oh hey and @bsides312 is this weekend. Come suffer in the CTF!
3
3
537
2026 is going to break some people.
Public PoC for NGINX CVE-2026-42945. An 18-year-old RCE flaw in the rewrite module enables server takeover. Update to NGINX 1.31.0 or 1.30.1 immediately. #NGINX #CyberSecurity #InfoSec #RCE #Vulnerability #CVE #WebServer #PoC #GitHub #SysAdmin #TechNews securityonline.info/nginx-rc…
1
311
Ubuntu note: AppArmor restricts unprivileged user namespaces by default. You must first run: sudo sysctl -w kernel.apparmor_restrict_unprivileged_userns=0 Well done, @ubuntu
May 13
Replying to @v12sec
this is a dirtyfrag variant. PoC and patch: github.com/v12-security/pocs…
2
217
TechByT̷͔̼̯̖̟͔͎͑̽o̶͚̠̰͚̩̻̝̰͂̿̔̄̊́͘m̷̡̟̍́̏̔ ⚠️ retweeted
May 12
Replying to @IntCyberDigest
POV: you are downloading packages in 2026
[GIF: Minesweeper Fast]
4
96
1,021
82,467
TechByT̷͔̼̯̖̟͔͎͑̽o̶͚̠̰͚̩̻̝̰͂̿̔̄̊́͘m̷̡̟̍́̏̔ ⚠️ retweeted
Replying to @sekurlsa_pw
The site needs more authors; anyone who has interesting techniques to share -> PR plzzzzzz 🙏
2
5
14
4,571
TechByT̷͔̼̯̖̟͔͎͑̽o̶͚̠̰͚̩̻̝̰͂̿̔̄̊́͘m̷̡̟̍́̏̔ ⚠️ retweeted
Replying to @bepsays
(1) The robot contribs don't auto-close if GH is down (because it relies on GHA). We have retries but it's pretty annoying.
(2) A PR isn't one and done. We need to comment, we need to run tests (~80 per run), and we do this multiple times per commit (due to review back and forth). So one PR has a lot of GH reliance right now.
(3) PRs tend to batch up, e.g. we don't do PR review constantly because all of us have other things to do, so we usually will try to review/merge multiple at one time. 3 PRs per day = 20 per week, which is a ton for volunteer time!
(4) We try to coordinate merge parties across maintainers in China, US, EU and if GH is down during our small time slice we just can't do any meaningful merging for 24 hours. We could alter our process here but that's just gaslighting.
(5) We get an order of magnitude more issue and discussion comments, which are affected by all of the above except CI. These are particularly affected by GHA/API outages.
(6) Dev work by maintainers happens in non-PR branches that run CI, and if CI is down we can't test our code (since Ghostty relies on a lot of testing we can't run locally, e.g. for platforms we don't have). It effectively pauses work on that branch.
(7) I've had multiple days in that 30-day window where Git operations themselves failed for different reasons. So I couldn't push a branch or whatever.
It just all adds up to be WAY too work impacting. The Ghostty maintainer channel is a stream of "oh GH is down again."
1
14
457
70,769
TechByT̷͔̼̯̖̟͔͎͑̽o̶͚̠̰͚̩̻̝̰͂̿̔̄̊́͘m̷̡̟̍́̏̔ ⚠️ retweeted
Ghostty is leaving GitHub. I'm GitHub user 1299, joined Feb 2008. I've visited GitHub almost every single day for over 18 years. It's never been a question for me where I'd put my projects: always GitHub. I'm super sad to say this, but it's time to go. mitchellh.com/writing/ghostt…
548
1,607
16,747
2,913,969
TechByT̷͔̼̯̖̟͔͎͑̽o̶͚̠̰͚̩̻̝̰͂̿̔̄̊́͘m̷̡̟̍́̏̔ ⚠️ retweeted
Targeted Kerberoasting with NetExec🔥 If you have Write privileges over a user, you can temporarily add an SPN to your target user, request the service ticket, and then remove the SPN. Voilà: a crackable hash without interfering with potentially critical users. Made by @azoxlpf🚀
7
85
365
33,030
TechByT̷͔̼̯̖̟͔͎͑̽o̶͚̠̰͚̩̻̝̰͂̿̔̄̊́͘m̷̡̟̍́̏̔ ⚠️ retweeted
We are very happy that today Apple issued a patch and a security advisory. This comes following @404mediaco reporting that the FBI accessed Signal message notification content via iOS despite the app being deleted. Apple’s advisory confirmed that the bugs that allowed this to happen have been fixed in the latest iOS release. You can read more here: support.apple.com/en-us/1270… Note that no action is needed for this fix to protect Signal users on iOS. Once you install the patch, all inadvertently-preserved notifications will be deleted and no forthcoming notifications will be preserved for deleted applications. We’re grateful to Apple for the quick action here, and for understanding and acting on the stakes of this kind of issue. It takes an ecosystem to preserve the fundamental human right to private communication.
104
1,027
6,196
826,636
TechByT̷͔̼̯̖̟͔͎͑̽o̶͚̠̰͚̩̻̝̰͂̿̔̄̊́͘m̷̡̟̍́̏̔ ⚠️ retweeted
holy fuck, a hair dryer at a Paris airport broke Polymarket weather markets & made someone $34,000 richer
- polymarket was settling Paris temperature bets on a single Météo France sensor sitting near the Charles de Gaulle runway perimeter
- basically unguarded
- the guy bought the long-shot outcome (like "22°C" when everyone expected 18°C) for pennies, since nobody thought it'd hit
- then he walked up to the probe and briefly heated the air around it with a portable heat source, spiking the reading just long enough to register as the daily max
- temperature snapped back to normal in minutes, the market resolved in his favor, and he cashed out
- twice, on April 6 and April 15, before Météo France caught on and filed charges
hyperstitions.
892
2,838
41,923
14,852,047