Yes, you read that correctly: the majority present voted _against_ chat control.
But due to the absurdly undemocratic, illegal, procedure they're using, it comes into law anyway after being rejected multiple times before in previous votes.
Insane.
‼️ BREAKING: New research shows you can copy any signed GitHub commit into a second one that looks identical, without the author's secret key, creating a distinct commit with an identical tree, identical metadata, a valid signature, and a "Verified" badge from GitHub.
On GitHub, a green "Verified" badge is supposed to mean two things: a trusted author signed it, and its ID is a one-of-a-kind fingerprint for that exact code. A new Carnegie Mellon preprint from Jacob Ginesin says the second promise, the unique fingerprint, does not hold.
Why it matters: security teams and package systems (behind tools like Go, Nix, and GitHub Actions) trust that ID as a unique handle for code. Block or pin the "bad" version, and an attacker can re-issue the same signed code under a fresh, still-verified ID that slips past. The author says Git and GitHub have not fixed it.
PoC: https://t.co/b2CevCtpcd
Today the EU 🇪🇺 Parliament betrayed us once more.
#ChatControl was rejected 2 times already — yet they voted to fast-track it for Thursday.
They won’t stop until our private messages are scanned and our freedom online is gone.
This is sick. 🤮
#StopChatControl#EUP
@RevijaReporter Upam da 0. Ker z vsakim stanovanjem, ki ga "zgradi" drzava, postane za normalne drzavljane nepremicnina se bolj nedosegljiva. Sam ko vem, da se bodo sli podoben virtue signaling kot tisti prej
@Vikingobitcoin9 Not too bad if you had 10 BTC even today. But I don't think flex is the right word, this somehow implies high time preference and showing off with money. My goal is to live a comfortable quiet life
@SatoshiSound Ark is far from the original idea because we don't have covenants. There is no coinjoin and every round is a DoS prone because of the interactive signing requirements. On lightning the state your node needs to keep is unbounded and restoring an old backup can lead to loss
@SatoshiSound become a minority fork and people will start calling for changing PoW algorithm/difficulty adjustment to prevent "attacks" / "malicious behavior from the other side" I will use the r.. word with no hesitation.
@SatoshiSound Reducing spam is great but it's the opportunity cost that worries me. What could have been done, but hasn't because people were kept busy fighting. I refrain from calling anybody a retard. My line in the sand is changing PoW however. So if either side wins fine. But should bip110
@VasjaBocko@Stajerski_Hrast Here you go: https://t.co/lthKMJVF4d mogoce je mal overcomplicated, ampak za moj use-case je tako, da hocem dobit prek maila ze popravljene poloznice od vseh ponudnikov. Ce kdaj dobim papirnato verzijo, naredim sliko in si tisto posljem na svoj qr@ mail (ne rabim vec phone appa)
@niftynei@matthewvuk2 I agree it'd be great. However you still need punishment imo. Daric style. The benefit is O(1) state size. Or perhaps you could have type configurable per channel/peer. Like those are my friends: let's have an eltoo-style channel with them so backup restore works, SCB for others
@VasjaBocko@Stajerski_Hrast To mislis tist eslog xml za racune, dejansko mam ze nek basic support za to pa tud na githubu je ze. Odprem the ugly code, sam da pridem z dopusta :)
@Stajerski_Hrast@VasjaBocko To ze zdaj lahko, jaz sem si v 10 min vibecodal wrapper tool, ki mi converta UPN QR v EPC QR kodo, ki jo razume tudi Revolut. Pa se to samo zato, ker nocem na tisti free page vseh svojih poloznic "objavljat". N26 pa dela out-of-the-box s slovenskimi UPN nalogi btw.
@Scotthew82 Markets hate uncertainty. So when the situation is resolved adoption and hash power is likely going to get up - eventually also impacting buying power ("fiat price"). But I wouldn't really bet on BIP110 activation.
🚨 CVE-2026-24207 PoC for NVIDIA Triton Inference Server
https://t.co/WMZC9Etlev
CVE-2026-24207, a critical auth bypass affecting NVIDIA Triton Inference Server.
The flaw impacts versions prior to r26.03 and may allow unauthenticated access to the model-management surface. Under certain conditions, researchers say it can be chained to pre-auth RCE as the Triton process user.
Repo includes:
• Detection script
• Auth bypass demo
• RCE-chain PoC
• Suricata / IDS rules
• Root-cause notes
• Patch-diff docs
Details:
• Product: NVIDIA Triton Inference Server
• CVE: CVE-2026-24207
• Severity: Critical
• CVSS: 9.8
• CWE: CWE-288
• Fixed version: r26.03+
Admins should update Triton Server to r26.03 or later.
🛑 A new #Linux kernel exploit (CVE-2026-46331) gets root without modifying a single file on disk.
It poisons the cached copy of /bin/su in memory. The binary on disk stays untouched. File-integrity checks come back clean.
The root shell is already open.
Details here ↓ https://t.co/y2FDVjcSEq
🚨 Successful PoC for Linux Kernel CVE-2026-43503 (DirtyFrag variant) 🚨
JFrog researchers successfully developed a privilege escalation exploit for CVE-2026-43503, a newly discovered DirtyFrag variant we dubbed "DirtyClone".
The vulnerability was patched and merged into mainline Linux on May 21 (v7.1-rc5, commit 9e171fc1d7d7). Make sure your systems are up to date.
Read the full technical writeup: https://t.co/y7a3dduBsD
PixelSmash – Critical FFmpeg Vulnerability Turns Media Files into Weapons
A critical vulnerability in FFmpeg's MagicYUV decoder leads to remote code execution via a crafted media file
https://t.co/2Wud51mqoK