Security things from the last few days:
- CopyFail (linux pwn'd)
- CopyFail 2/Dirty Frag
- 13 advisories in Next.js
- Over 70 CVEs addressed in MacOS 26.5
- ~50 CVEs addressed in iOS 26.5
- YellowKey (Windows Bitlocker pwn'd entirely)
- GreenPlasma (Windows privilege escalation)
- CVE-2026-21510 and CVE-2026-21513 confirmed to be used by Russia for Windows RCE
- CVE-2026-32202 separately confirmed to be used by Russia for sensitive document access
- Mini-Shai Hulud (over 300 JS and Python packages compromised via GitHub Action cache poisoning)
- Google confirms they have identified AI-powered exploitation of zero days in an unidentified "open-source, web-based system administration too"
- Canvas (popular LMS used in most schools) pwn'd entirely
- PAN-OS (palo alto networks) pwn'd with a 9.3 severity CVE-2026-0300
Are you scared yet?
In late 2023, French streamer TeufeurS was extorted for a ransom after a family member was kidnapped in France.
I can finally share that I helped lead efforts that resulted in an ~$800K freeze with the Binance Security team after a $2M ransom was paid.
Six suspects tied to the incident were later arrested. Given the sensitivity of the case, I held off commenting until now.
I have since assisted with asset freezes and identifying culprits in several of the recent France home invasion robberies, and hope to share details in the coming months.
If you or someone you know falls victim, reach out as soon as possible rather than delay.
I prioritize these types of cases as they have grown more frequent amidst this disturbing trend.
Obsidian CLI closes the loop so you can have your agent build you an Obsidian plugin autonomously:
- Write code
- Reload plugin
- Check for errors
- See the result
- Inspect styling
- Run arbitrary checks
Claude Code can now easily run 30+ minutes uninterrupted.
‼️ The German hacker known as "Martha Root" who dresses as a pink Power Ranger just released a video about how she destroyed the white supremacist dating website
It took her months and she had to verify she was white.
Martha used deepfakes to get verified as white and even secretly attended one of their meetups to see what they were up to.
@maiuratan@nickolayscout@nixos_org@grok How does this work ? The configuration file then update the torrc file ? There a configuration in torrc giving you the ability to filter nodes based on their country ?
#RappelProduit Michou - QUI SERA LE MENTEUR - TOPI GAMES
Risques: Dommage à la vue
Motif: Risque moral lié au contenu de la boîte de jeu non adapté pour les enfants à partir de 7 ans
https://t.co/5RLit7Cp7k