Dan 🏴󠁧󠁢󠁷󠁬󠁳󠁿󠁧󠁢󠁷󠁬󠁳🇪🇺🇺🇦🇵🇸🇱🇧

Friends, I'm also newly over on the blue butterfly platform, same username. Eventually I'll sunset this rotten platform's account.

This is just... I barely even know what to say. This has to be one of the absolute worst (meaning: most incredibly ridiculous) vulnerabilities in a major vendor product in the last decade. Cisco's devs literally just forgot to invoke the authentication check.

78 years of this. #NAKBA78

@PR0GRAMMERHUM0R The "keys" were base64 encoded strings tormenting the requester

broGonnaDeclareBankruptcy

ABSOFUCKINGLUTELY THIS:

My dog when he hears the crinkle of a food wrapper

kier starmer took my fucking imgur embeds away

@Miles_Ahead_YT @Google Google's UX team went to shit quite some time ago, don't expect much.

@Google This is so unreadable… 💀 Did they even test this?

The next generation of Android Auto has new visuals that look great on any car screen, premium entertainment and a more helpful Gemini. #TheAndroidShow

@IntCyberDigest I feel like all the Windows bugs lately should tip MS into releasing a W10 security update regardless of whether a user is ESU-enrolled or not.

‼️🚨 Microsoft has patched a critical Windows DNS Client remote code execution vulnerability that allows an unauthorized attacker to execute code over a network. All it takes is a malicious DNS response. The vulnerability is tracked as CVE-2026-41096 with a CVSS score of 9.8. It is a heap-based buffer overflow in dnsapi.dll, the Windows component that processes DNS answers on every machine. To trigger it, an attacker needs a position where they can influence DNS responses: a rogue DNS server, a poisoned resolver, a compromised router, hostile WiFi, or a man-in-the-middle placement. That puts ordinary Windows DNS activity in the blast radius. Browsers, VPN clients, enterprise apps, update checks, and background services constantly ask DNS where to connect. The vulnerable processing sits in the Windows DNS Client path, not an edge-facing server product. Microsoft assessed exploitation as "less likely," and Rapid7 lists the issue as not publicly disclosed and not known to be exploited at release. On the contrary, a 9.8 unauthenticated network RCE in DNS client handling is exactly the kind of bug defenders should assume will be reverse-engineered quickly. Defenders should: - Deploy the May 2026 cumulative updates and confirm coverage across endpoints and servers - Restrict DNS traffic to trusted resolvers where possible - Monitor Dnscache and svchost.exe for abnormal child processes or unexpected outbound activity - Treat public WiFi and untrusted resolver paths as higher-risk until patching is complete

NYT reporting on classified U.S. intelligence assessments of Iranian missile capacity reiterates that they maintained 70% of their missiles and launchers but adds that 90% of their underground storage and launch facilities are also still active. Iran had designed is missile program with the acknowledgement of not being able to protect its airspace and relied on hardened underground "missile cities" to compensate. U.S. and Israeli attacks apparently disabled the entrances to some of these facilities and hit surface buildings. But as many observed at the time the attacks were failing to actually penetrate the underground facilities where the operations were carried out and missiles kept in storage. Most problematically for a renewed campaign the missile complexes near Hormuz are almost all still active according to the assessment. If the U.S. intel assessment is accurate it also explains why Iran was able to maintain a steady rate of missile fire until the end of the war, and also suggests that the U.S. and Israel simply wasted a lot of top-tier standoff munitions firing at rock complexes that it failed to penetrate.

Honestly, this can't go on. We need a permanent fix, either with npm or completely rethink how we share packages.

Several of my british friends have been using VPNs almost nonstop for a year straight because of the Online Safety Act banning being able to access basic information they could have looked up on Google. The OSA banned forums on hamsters. This is not about protecting children.

@TarasBuria @zacbowden Unattended longer running tasks, or RDP.

@zacbowden How do you use a closed laptop without an external monitor?

It's crazy that MacBooks don't just have an option in Settings that lets you keep the device on with the lid closed. Windows can do this np

@HQNewsNow What are we even doing here any more? Serious question gets asked, Trump insults the reporter, nobody calls him out on it. Rinse and repeat.

Q: You promised to bring inflation down. It's now at it's highest level in 3 years. Are your policies not working? Trump: You happen to be a stupid person. I know you very well

@SA_Defensa They wanted that thing down so bad.

Video of the February 27th crash of the Bolivian Air Force C-130.

Trump appears to be completely asleep at his desk during his mid-morning event

Now let's run it back to 2022...

This one's a completely real problem, the data center is technically under the noise threshold where the county acts but produces enough constant annoying low level hum that it's lowering quality of life for the homes nearby. A lot of the noise is coming from temporary gas turbines that will be gone once it's fully connected to the grid, but that timeline's been extended way back and could be as much as 7 years now. This is a ridiculous situation that imo a lot of places don't have good rules to govern well right now.

Doing this is disgraceful, not the act of condemning it.

We've archived 327 videos related to Israel blocking ambulances. This will be the 328th.