roygbiv

@eroderegirl voce agora por alguma razao

mds... ok jesus cristo de nazare calm down

arrange

‼️🚨 Microsoft has patched a critical Windows DNS Client remote code execution vulnerability that allows an unauthorized attacker to execute code over a network. All it takes is a malicious DNS response. The vulnerability is tracked as CVE-2026-41096 with a CVSS score of 9.8. It is a heap-based buffer overflow in dnsapi.dll, the Windows component that processes DNS answers on every machine. To trigger it, an attacker needs a position where they can influence DNS responses: a rogue DNS server, a poisoned resolver, a compromised router, hostile WiFi, or a man-in-the-middle placement. That puts ordinary Windows DNS activity in the blast radius. Browsers, VPN clients, enterprise apps, update checks, and background services constantly ask DNS where to connect. The vulnerable processing sits in the Windows DNS Client path, not an edge-facing server product. Microsoft assessed exploitation as "less likely," and Rapid7 lists the issue as not publicly disclosed and not known to be exploited at release. On the contrary, a 9.8 unauthenticated network RCE in DNS client handling is exactly the kind of bug defenders should assume will be reverse-engineered quickly. Defenders should: - Deploy the May 2026 cumulative updates and confirm coverage across endpoints and servers - Restrict DNS traffic to trusted resolvers where possible - Monitor Dnscache and svchost.exe for abnormal child processes or unexpected outbound activity - Treat public WiFi and untrusted resolver paths as higher-risk until patching is complete

@VonAldrigen github.com/Nightmare-Ecli…

@VonAldrigen nsei se vc viu mas apareceu uma poc de bypass do bitlocker do windows ontem tbm, e a UNICA coisa que possibilita isso é um componente que nao existe em nenhum lugar da internet ou do windows alem do Windows recovery sus..

mutuals com android 16 e vpn: adb shell device_config put tethering close_quic_connection -1 e depois deem adb reboot. android nao vai consertar essa backdoor nao. de nada. sem isso qqr app pode(ria) pegar seu ip real.

@VonAldrigen eu tava lendo a PoC desse vpn bypass e que doideira isso é 100% uma backdoor do android

@VonAldrigen KKKKKK se atualizar o firmware o quic pode ativar dnv mas tirando isso ta desativado

This whole controversy is hilarious as a Visual Novel fan.

@ALTHUSSETA é nao

será que o nome do 3blue1brown é referência ao livro azul e ao livro marrom do wittgenstein?

(trying to impress a girl really into chinese traditional philosophy) tell me more about this guy who was confusing

QED, uma pessoa de 20 anos me dizendo que a vida de uma pessoa de 20 é MUITO diferente da de uma de 18, pq a primeira tá estudando pra faculdade e a outra estudando pro vestibular

our feminists

da ate vergonha de falar sobre superdotacao pq a pessoa media é tipo "eu tirava 10 na prova de historia e geografia do fundamental na escolinha do professor raimundo" x.com/diingo_bell/st…

the most low-effort / high reward thing you can do for security is installing the Russian language pack (not even joking, it's ridiculous how often that prevents execution)

sim, um sociólogo de 11 anos, com profunda compreensão das implicações sociais, me parece perfeitamente factível

Idea: An anonymous “vote to end meeting” button on Teams where if 50% of people press it, the meeting ends immediately.