Robert D.

The fastest way to get hacked... is to run npm install. What a time to be alive

Nice try. Read the „key“. 😂

@reiseholic Dein Post ist echt lächerlich.

Ein Gegenargument bei E-Autos ist oftmals der Neupreis. Hoffentlich ist allen klar, dass dies nur zustande kommt, weil die dt. Autoindustrie nicht hinterher gekommen ist und der Preis nur deswegen so hoch ist. Chinesische E-Autos gehen bei 8000 Euro los. #klimaschutz

‼️🚨 Pwn2Own Berlin 2026 just hit a wall. For the first time in 19-years, ZDI rejected dozens of working zero-day RCE submissions because organizers ran out of contest slots. Rejected hackers are now going public with PoC demos and direct vendor disclosures, breaking Pwn2Own's usual secrecy. ▪️ AI surfaces a massive wave of 0-day RCEs. ▪️ Submissions overwhelm ZDI past max capacity. ▪️ Slots run out. Researchers with working chains get rejected. ▪️ "Revenge disclosures" begin. ← we are here. Confirmed casualties so far: ▪️ @xchglabs : 86 vulnerabilities prepared (PyTorch, NVIDIA, Linux KVM, Oracle, Docker, Ollama, Chroma, LiteLLM, llama.cpp). All rejected. Now reporting directly to vendors with writeups dropping as patches land. ▪️ @ggwhyp : full-chain Firefox RCE on Windows. Rejected. Publicly demoed (HTML page → cmd.exe → calc.exe). Responsibly disclosed to Mozilla. ▪️ @yunsu_dev : working RCE chain, rejected. Submitting elsewhere. ▪️ @ryotkak : tried to register for 3+ weeks. ZDI confirmed "at maximum capacity, can't add extra contest days." Considered canceling flight and hotel. ▪️ @anzuukino2802 : Claude Code RCE PoC. Rejected. ▪️ @desckimh : 0-day RCEs in Ollama and LM Studio. Rejected. Reported impact: a community-estimated 150+ researchers tried to register. Accepted contestants are now being warned about collisions. Rejected vulnerabilities going to bug bounty programs may trigger pre-event patches that invalidate the work of those who got in. ZDI has not publicly addressed the capacity issue. The event still runs May 14-16 in Berlin.

He destroyed three startups in under two minutes.

GitHub is for nerds. Share your code as a text file on some shitty HTML site. It's what God would want

Yeah, yeah, yeah - your GDP is enormous, but so is the $40 trillion debt keeping the whole circus alive. Your houses are made of cardboard, your bridges collapse, your roads look like they belong somewhere in rural Africa, and your downtowns are dead shopping malls guarded by fentanyl ghosts and the occasional mass shooter. Your life expectancy has been stuck in 1974 for decades. Your kids learn active shooter drills before they can even spell. Your workers grind through 90-hour weeks across three jobs before dropping dead early anyway. Your mothers give birth and are back in the office the next morning with the umbilical cord still attached. Your students start adult life buried under mountains of debt. Your idea of a grand vacation is four days in Orlando. I don't even need to return to the original question.

From @WSJopinion: What happens when Europeans find out how poor they are? The Continent trails far behind U.S. economic output. Politics is bound to catch up sooner or later, writes Joseph Sternberg. on.wsj.com/4n5v2Wq

@Ella_von_T Die sind gerade drüben bei Bluesky unter den geblockten Followern von nius. 😂

Sämtliche AfD-Funktionäre haben vor einigen Stunden aufgehört zu posten. Was ist da los?

My refrigerator sent me a push notification that I'm eating too much dairy. I didn't ask for this feature. I just wanted a machine that dispensed crushed ice and kept my milk cold. Instead I bought a $3K appliance that acts like a judgmental nutritionist. Yesterday I tried to open the crisper drawer to get a block of cheddar. The fridge locked the drawer and suggested a handful of almonds via the LCD screen. I'm a grown man paying a mortgage. I had to unplug the entire unit just to make a grilled cheese sandwich. Now all my condiments are warm but I've reestablished dominance over my kitchen. Tomorrow I'm going to eat a stick of butter right in front of the internal camera. I won't be bullied by a Samsung.

@NFTCPS Bullshit. 😂

吓到我了！ GitHub上有个工具叫GhostTrack，输入一个手机号，能直接扫出这人在哪些平台注册过账号，还能查IP定位、运营商信息。 克隆代码跑脚本，5分钟搞定，门槛低得离谱。你以为自己在网上隐身呢？ 早被扒得透透的了。信息安全这事，真得重视起来。 🔗 github.com/HunxByts/Ghost…

We have a strict zero-trust policy for local admin rights. A graphic designer requested elevation to install a custom font called "Bebas Neue". I replied with the standard Vendor Risk Assessment questionnaire. It's a 40-page Excel document. He asked if this was a joke. He just needs a font for a PDF. I told him all third-party code requires a security audit, a data privacy impact assessment, and VP approval. He said the font is open-source and free. I explained that "free" means we need legal to review the licensing agreement. He asked how long that takes. I said anywhere from four to six months. He sat in silence for a minute. He replied, "I'll just use Arial." I closed the ticket as "Alternative Solution Accepted." I love Arial.

@nebuhaber Bullshit - Fake & Co. Video.

Bir hacker, 20 adet SIM kartı aynı anda tek telefona bağlayıp hepsiyle WhatsApp açtığı görüntüleri paylaştı:

If there is no Internet, Cellular, Satellite, and Blackout Situation we need back to basic. So this is FSK BBS Sever work in Analog Channel. Old But Gold. #HamRadio #AmateurRadio #ORARI #SDR #FSK #Signal #Radio #Analog #Programming #C++ #Digital #Emergency #Emcomm

@AishwaryaDevv 😂

My intern is trying to find "Jason's desk" because the Senior Dev said we need to "send the data to JSON" 😭😭

Vielleicht erstmal sauber unterscheiden: Das war nicht „die Männer“, sondern genau ein einzelner Typ mit komplettem Realitätsverlust. 😂

Only the Daily Mail could make a bar chart depicting 84% in support of rejoining the European Union look like 48%.

@grauhut Jaa, es ist lustig zu lesen, dass es so um die 25 Jahre gedauert hat, einfach vorzuschlagen, die Zahlen länger zu machen. 😂

Ihr wusstet es, ich wusste es, wir alle wussten es. ietf.org/archive/id/dra… IPv8 ist vor der Einführung von IPv6 am Start.

@0xN1nja 👍

since everyone was asking what do i run on my homelab, i have documented everything here - 0xn1nja.dev/homelab feel free to give thoughts

‼️🇪🇺 The EU's new Age Verification app was hacked with little to no effort. When you set it up, the app asks you to create a PIN. But that PIN isn't actually tied to the identity data it's supposed to protect. An attacker can delete a couple of entries from a file on the phone, restart the app, pick a new PIN, and the app happily hands over the original user's verified identity credentials as if nothing happened. It gets worse. The app's "too many attempts" lockout is just a counter in a text file. Reset it to 0 and keep guessing. The biometric check (face/fingerprint) is a simple on/off switch in the same file. Flip it to off and the app skips it entirely.