Licio Lentimo

Freelancing isn’t about luck — it’s a system. I wrote a practical ebook for African tech professionals who want to earn globally without underpricing, burnout, or guesswork. Clear niches. Better pricing. Real clients. $4.99 on Gumroad 👇 liciolentimo.gumroad.com/l/zfdxt

@Acehood just cancelled on Furaha Festival. Damn

🚨 BREAKING: cPanel and WHM, the control panels behind an estimated 70+ million websites, have a critical security flaw that lets anyone become root admin without a password. CVE-2026-41940 affects every supported version. It’s already being exploited in the wild. watchTowr Labs published the full attack today, after the hosting company KnownHost confirmed the bug was already being used to break into a significant chunk of the internet. If you've never heard of cPanel: it's the dashboard that hosting providers and millions of website owners use to manage their servers, domains, email accounts, databases, and SSL certificates. WHM is the admin version that controls the entire server. If someone gets root access to WHM, they get the keys to the kingdom and to every apartment inside it. How the attack works, in plain English: 🔴 Step 1: The attacker sends a deliberately wrong login. cPanel still creates a temporary "you tried to log in" record on disk and gives the attacker a cookie tied to it. 🔴 Step 2: The attacker tweaks the cookie to disable cPanel's password encryption. Normally cPanel encrypts the password field on disk. With one small change to the cookie, cPanel just stores it as plain text instead. 🔴 Step 3: The attacker sends a fake login attempt where the password field secretly contains hidden line breaks. cPanel does not strip these line breaks out, so they get written straight to the session file. Each line break creates a brand new fake record. The attacker uses this to inject lines that say "this user is root" and "this user already authenticated successfully." 🔴 Step 4: The attacker visits one more random page on the site to nudge cPanel into re-reading the file. cPanel then promotes the injected fake lines into its main session memory. 🔴 Step 5: On the next request, cPanel sees a flag that says "this user already passed the password check." cPanel trusts that flag, skips checking the actual password, and lets the attacker in as root. From start to finish, the attack takes a handful of HTTP requests. If you run cPanel or WHM, the patched versions are: 🔴 cPanel/WHM 110.0.x → 11.110.0.97 🔴 cPanel/WHM 118.0.x → 11.118.0.63 🔴 cPanel/WHM 126.0.x → 11.126.0.54 🔴 cPanel/WHM 132.0.x → 11.132.0.29 🔴 cPanel/WHM 134.0.x → 11.134.0.20 🔴 cPanel/WHM 136.0.x → 11.136.0.5 If your version is older than these, assume someone has already broken in and act accordingly. Patch right now, then rotate every password and key the server touched: root passwords, API tokens, SSL private keys, SSH keys, mail passwords, and database passwords.

Purchasing Safaricom bundles via USSD has to be one of the worst user experiences ever

@matt_elevenlabs 11B

We just raised $500M at an 11B valuation 🎉 To celebrate, we’re giving away 1,000 free credits so you can test our platform. For the next 6 hours, comment “11B” below and we’ll DM you the credits (must follow) 👇

Applications for the SANS Cyber Academy 2026 Cohort are officially OPEN! We are looking for the curious, the driven, and the protectors. Whether you’re coming from a different field or looking to specialize, our doors are open. Don't wait— all requirements must be completed and submitted on time. Apply here: lnkd.in/ehGNQC7Y

In this series I explore creating mini apps from scratch lentimo.medium.com/introduction-t… #miniapps

Thanks to everyone who voted and supported our brother and his Bolen Academy company and the below are the fruits... Congratulations bro @liciolentimo for this achievement again🙏🙏🙏

@KCBInKenya Kindly check DM

So, M-Tiba got hacked and according to the hackers, Kazu, the data leak contains 17,158,105 files and is 2.15TB in size. They have provided a sample of ~2GB that contains patients diagnosis data by the health providers, and PII leak for Kenyans who use that. Here's a thread. 1/

@shadrac_matata Check out BillionMail and try it out

Today, I tried self hosting mails in some idle home PC and I'm seeing very bad things. I almost begged ChatGPT like Mbiti.

@DStv_Kenya Kindly check DM

Haven’t seen this error message before on the M-PESA app

The more I heal, the less I chase ambition for ambition’s sake. I’ve stepped away from the hustle culture trap. No more performing for capitalism’s applause. Instead, I’m pouring my energy into meaningful work~work that aligns with my soul and creates real impact. 💭 I work to live, not live to work. The way we view work is shifting. The older generation often tied their worth to their grind. But today? We’re redefining success~~choosing freedom, purpose, and joy over endless hustle. You don’t have to prove your worth through performative capitalism. Your value isn’t in your output—it’s in who you are and the difference you make. What’s one way you’ve redefined “success” for yourself? Let’s talk about it.

#iOS26 Has ruined the search filter for messages. Doesn’t seem to get the query I’m searching for

@faith_kilonzi @DianahMongina @semabox @_vodca_ @KarwithaKoome Great work Faith and team 👏🏾👏🏾

We really prayed, toiled & hoped for this day! Global Tech Sailors Podcast getting the credit & recognition it deserves! 🫶📌 No bluff, just enlightening tech conversations 🎊 The recent partnership with @semabox and the numbers on this episode has validated a 2-year-long work! Yes, took us 2 years of grit & bold shots😥 Asanteni sana! 🥂🥂To the day Ones 🥹🫶 @gtechsailors to the world🚀🚀🚀🚀 youtu.be/grc9Bs_8yjw?si…

Apparently if you pay earlier for your Safaricom Home Fiber it changes your bill cycle @Safaricom_Care

Here’s the thinnest iPhone yet iPhone Air #iphoneair #AppleEvent

Introducing iPhone 17 #iphone17 #AppleEvent

From running this podcast as a hobby to figuring out the business side🫶🎉 So so grateful @gtechsailors Support us here 👇👇👇 youtu.be/1oAr6UJx6vU?si…