Mathieu Tarral

🚀 OSWatcher 0.5 Structs and Symbols are here for Windows ! - ntoskrnl.exe - kernel32.dll - ntdll.dll Diff them at OS or patch level granularity 👏 Note: Other plugins access are available by invite. ➡️oswatcher.github.io/frontend/

How one git push --force compromised thousands of CI pipelines (Trivy attack): ⓵ Steal a maintainer's PAT ⓶ git tag -f v0.34.2 && git push -f origin v0.34.2 ⓷ Every workflow using v0.34.2 now runs your code ⓸ Dump /proc/*/mem of the Runner.Worker process ⓹ Grep for "isSecret":true and harvest every secret No branch protection fires. No review required. No status check runs. Tags are unprotected by default. GitHub has tag rulesets but almost nobody enables them.

They pulled off the impossible: made a real human video look 100% AI generated 🤣

My friends at @zymtrace are looking for Rust engineers 🦀 They're building the platform that makes GPUs go brr — fully remote, early stage, real impact DM me for an intro, or email team@zymtrace.com I can vouch that the team is top notch.

Windows Insider builds now have a native, OS-level broker for MCP servers. We reverse engineered Odr.exe to understand how it validates clients, manages consent, and controls access - uncovering undocumented COM interfaces and a full ETW audit trail. originhq.com/blog/msft-odr-…

After much reflection, I have decided to resign from my position as Director of the National Counterterrorism Center, effective today. I cannot in good conscience support the ongoing war in Iran. Iran posed no imminent threat to our nation, and it is clear that we started this war due to pressure from Israel and its powerful American lobby. It has been an honor serving under @POTUS and @DNIGabbard and leading the professionals at NCTC. May God bless America.

Looking forward to building frontier open source AI models together with @Nvidia as we join the Nemotron Coalition and start training the first base models.

BREAKING: France has officially rejected Trump's request, saying it will not send warships to the Strait of Hormuz

europeans when asked to help unblock the strait of hormuz

It’s crystal clear now that Trump has lost control of this war. He badly misjudged Iran’s ability to retaliate. The region is on fire. 1/ I’m going to explain to you in this🧵what I’ve learned - in part from closed door briefings - about the four biggest current crises.

5pm: “Claude usage limit reached. Your limit will reset at 7pm..” Me from 5pm to 6:59pm:

Next features in mind: - MCP Server - Git log <struct/field>: track how stable a structure is across 28 years of Windows - Binary hardening timeline with checksec analysis Happy to hear your ideas ! 💡

🚀 OSWatcher 0.5 Structs and Symbols are here for Windows ! - ntoskrnl.exe - kernel32.dll - ntdll.dll Diff them at OS or patch level granularity 👏 Note: Other plugins access are available by invite. ➡️oswatcher.github.io/frontend/

@0x_shaq Are we talking about rich ? :)

I didn’t know there are python packages specifically for pretty-printing things like that. I literally wrote that progress bar in 5 minutes last night

Unveiling our new startup Advanced Machine Intelligence (AMI Labs). We just completed our seed round: $1.03B / 890M€, one the largest seeds ever, probably the largest for a European company. We're hiring! [the background image is the Veil Nebula - a picture I took from my backyard, most appropriate for an unveiling] More details here: techcrunch.com/2026/03/09/yan…

Vulhunt is now open-source, this is a game changer: github.com/vulhunt-re/vul… @binarly_io @vulhuntdev

Due to the current situation, we’ve decided to postpone BlueHat IL 2026. We’ll share a new date when possible. Until then - take care and stay safe 💙

Nouvel enrichissement du tableau de bord de la France avec ce qu'on m'a le plus réclamé : une projection de notre système de retraites selon différents scénarios, et la capacité de faire varier soi-même les paramètres. Les conclusions me semblent évidentes : - le système actuel ne tiendra pas une génération de plus. Avant 2050, à ce rythme, nous n'aurons plus les moyens de financer ne serait-ce que le régalien et les services publics. - même les scénarios très optimistes du COR sont des scénarios de crise chronique. - même une réforme ambitieuse des retraites, bien qu'indispensable, n'est pas suffisante. - il faut une réforme complète de notre économie et renouer durablement avec la croissance. Sinon, nous aurons une crise financière majeure à la grecque, et une dégradation durable de notre niveau de vie et de notre capacité à maîtriser notre destin. - alors que la troisième révolution industrielle est là et nécessite des investissements massifs, retrouver nos marges de manœuvre financières devrait être notre priorité absolue. Vous pouvez jouer avec le modèle et même partager vos scénarios ici : #retraites" target="_blank" rel="nofollow noopener">francetdb.com/#retraites Comme d'habitude, si vous voyez des erreurs, faîtes le moi savoir, je corrigerai aussi vite que possible.

Is France the first country in the world to actually ship a fully functional MCP (and OPEN SOURCE!!!) for a governemental service or am I tripping ? France trailblazing governmental agentic transition was not on my bingo card. Champion mon frère 🇫🇷🥖

In the final part of his blog series, @tiraniddo tells the story of how a bug was introduced into a Windows API. Code re-writes can improve security, but it’s important not to forget the security properties the code needs to enforce in the process. projectzero.google/2026/02/gphfh-…

“Police vehicles were used to traffic her and some of the abuse events were called ‘cop nights.'” “torture included waterboarding and strangulation by rope.” “raped by a dog, filmed, and forced to rewatch the footage as the men placed bets.” “she witnessed the murder of at least three girls, one of whom was allegedly killed as a punishment for speaking to the police force.” You aren’t angry enough.