Unlocked Wheel

BREAKING: Rage Against The Machine’s Tom Morello just BURIED Trump’s Freedom 250 concerts under an avalanche of rock legends. Donald Trump's Great American State Fair — his big musical celebration of America's 250th birthday — features Vanilla Ice, a version of Milli Vanilli whose original member died in 1998, and Bret Michaels of Poison. Artists have been fleeing it since the day it was announced. Tom Morello just answered with the Foo Fighters, Bruce Springsteen, Dave Matthews, Joan Baez, Cypress Hill, Killer Mike, Dropkick Murphys, Jack Black, System of a Down's Serj Tankian, Alabama Shakes' Brittany Howard, Run-DMC's Darryl McDaniels, and Soundgarden/Pearl Jam drummer Matt Cameron. The contrast could not be more devastating. Morello's Power to the People Festival will take place on October 3rd at Merriweather Post Pavilion in Columbia, Maryland — exactly one month before the midterm elections — with any of a dozen acts on the bill capable of selling out the venue by themselves. Springsteen, who just finished his protest-heavy Land of Hope and Dreams Tour under FBI protection due to death threats from Trump supporters, announced the festival from the stage at Nationals Park on the tour's closing night. The festival will include a "Freedom Village" — an immersive space for civic engagement, grassroots organizing, mutual aid, and social impact initiatives. A portion of ticket proceeds, and 100 percent of VIP ticket sales, go directly to pro-democracy organizations VoteRiders and HeadCount. Trump's concert was paid for by Boeing, Shell, Toyota, and Royal Caribbean — companies regulated by his own cabinet. Morello's festival is funding voter registration. Trump's lineup includes an act whose original member died in 1998, a rapper whose last hit was in 1990, and a Celebrity Apprentice winner. Morello's lineup includes living legends who are actively touring, recording, and selling out arenas worldwide. Young MC fled Trump's concert because nobody told him it was political. C+C Music Factory's frontman stayed while saying on camera that he doesn't "f--- with Trump." Morris Day simply posted, "It's a no from me." Meanwhile, Springsteen announced his participation in the Power to the People event from a sold-out stadium in Washington DC during his “Land Of Hope & Dreams” tour. This is what the resistance sounds like. And it sounds a whole lot better than "Ice Ice Baby." Tickets for the Power to the People Festival go on sale on May 30 at 10AM ET, but you can sign up for pre-sale access on May 29 at 10AM ET via sign-up on the Power to the People website. Please like and share this post everywhere to spread the news!

Microsoft ridiculed a researcher reporting very serious bugs to them, deleted his account, and no bug bounties were paid. These should be high payouts. Now $MSFT is threatening legal action and speaking as if a researcher’s proof of concept code is illegal. This is because the unappreciated researcher released more zero-day vulnerabilities on his own and had those GitHub/Lab accounts banned. They were serious enough that Microsoft is scrambling to fix them but wasn’t serious enough to be paid or recognized, instead was ridiculed. News of the Nightmare Eclipse exploits are everywhere but read the personal blog of the researcher, Nightmare Eclipse: https://t.co/SuSxBr5oT4

Anthropic AI engineer just showed how to give AI agents real memory in 4 steps - and it changes everything in 28 minutes he shows exactly how agents can remember across sessions, completely free worth more than any $500 AI engineering course here's what he covers: • why agents forget everything between sessions • memory stores - agents read, write across sessions • dreaming - agents that improve their own memory • 95% cache hit rate, so it stays cheap most people are still copy-pasting context into every new chat - while the people who figured this out are building agents that get smarter every single night watch full video then read article below

The Three Buddy Problem visits Ekoparty Miami: Jordan Wiens, co-founder of Vector 35 and creator of Binary Ninja, talks about a decade spent building a decompiler in a market everyone told him not to enter. He walks through why accessibility drove the whole project, how Binja's intermediate-language system stacks up against IDA, Ghidra, and Radare, and why language-specific decompilation for Rust, C++, and Go is the next real frontier. Plus, thoughts on AI disruption and why "the model can do it" misses the point that the model is just driving the tool, what verifiability really means, whether AI tilts the field toward offense or defense, and questions around subsidized tokens, the collapse of the CTF talent pipeline, and what happens to a craft when the shortcut is always one prompt away. Apple Podcasts https://t.co/1ZcIAbSGO5 Spotify https://t.co/wDEbdngWwa Transcript https://t.co/DcJBmcTuEl

My Windows reverse engineering and exploit research workflow has been: 1. Pick a binary to research like tcpip.sys 2. Use https://t.co/fOxBB6tEsN to automate seeing existing binary versions, download, and generate diffs from them 3. Load the resulting .binexport's and .bindiff into an LLM and ask it to analyze 4. Look up the build number of previous Windows version that old binary existed in from https://t.co/U788ndiJbj such as 26100.8328 and create a VM from it 5. Write code and test, working backwards from LLM analysis

🚨 Critical Linux Kernel Vulnerability Alert Qualys has disclosed ssh-keysign-pwn: a 6-year race condition in __ptrace_may_access() that lets unprivileged local users read root-owned files. A privileged process (e.g. ssh-keysign or chage) opens sensitive FDs. During do_exit(), after exit_mm() (mm=NULL) but before exit_files(), pidfd_getfd() can steal those FDs. Impact: • Theft of host SSH private keys → real impersonation & MitM risk until keys are rotated
• Full read access to /etc/shadow → offline password cracking Affected: All kernels before 31e62c2ebbfd (May 14, 2026) — Ubuntu, Debian, Arch, CentOS, Raspberry Pi OS and more. Immediate action required: Apply the kernel patch NOW. 🔗 PoC: https://t.co/UZJyKb6Szj
🔗 Patch: https://t.co/rNU2YB4mVv…/31e62c2ebbfd
🔗 Full analysis: Phoronix & Qualys oss-security #LinuxSecurity #KernelVulnerability #CyberSecurity #InfoSec #OpenSSH #PrivilegeEscalation #ThreatIntelligence #Linux #CyberThreat #PatchNow