One method for discovering the correct amount of columns to SELECT in a SQL injection is to keep adding NULL until the error disappears. Check it out! 👇
Se a mensagem de alerta da defesa civil fosse "Constantinopla" aí sim eu ficaria preocupada, porque iria acionar uma galera por aí
#defesacivil#cibersegurança
Só as vezes percebo os sacrifícios contínuos que faço para poder estar preparada para problemas e inconveniências. Estar sempre em alerta é complicado! Eu nem tenho crise de ansiedade porque me desprepararia para as coisas... "Eu não tenho tempo para sangrar". #LifeQuotes
Que loucura é isso aqui, @policiafederal ?
A página de solicitação de passaporte (NÃO CLIQUEM https://t.co/d8zhyWFq7L) trava o computador só de acessar a página. Mesmo usando o Firefox, recomendado por vocês.
Fui investigar, e a função "get HTMLSelectElement.selectedIndex" é executada 13 mil vezes só ao carregar a página e leva incríveis 6 minutos.
E se você clica no dropdown de cidades sem ter escolhido o estado primeiro, lá se vão mais 30k+ execuções da mesma função.
Senhores, isso é um serviço público essencial. Como pode ser tão mal desenvolvido assim? Nem vibe coding faz algo tão ruim.
Existem ataques antigos que simulam torres 4G/3G (IMSI catchers) para emitir alertas falsos, mas não foi o caso aqui.
O atacante foi até:
Pegou os principais domínios, jogou em infostealers, mirou @defesacivil.sp e acessou o sistema.
O ponto mais crítico, na minha opinião, foi direto em:
🔴 https://t.co/WWX3DFSZ0N
Vazamento de credenciais — geralmente isso.
A IDAP estava bem desatualizada, o que torna uma invasão direta, sem credenciais, perfeitamente possível também.
O DCA (Defesa Civil Alerta) é relativamente novo (2024) e tem ~1.200 agentes capacitados no Brasil todo.
Sobre a mensagem, trollagem ou IA avisando que vai destruir a humanidade (brincadeira)
A DEVELOPER PROVED THE REGEX YOU'VE WRITTEN A THOUSAND TIMES IS SECRETLY A COMPILER AND THAT ALMOST NO ONE WHO USES THEM HAS ANY IDEA WHAT ACTUALLY RUNS
36 minutes from Paul Wankadia, the engineer behind a regex engine that compiles your pattern straight down to raw machine code -- walking through what really happens between the slashes.
-> The moment it clicks, regex stops being magic punctuation you paste from Stack Overflow and becomes what it actually is: a tiny machine. Your pattern gets turned into a state machine, and that machine is what runs against every character of your text.
That one idea explains everything you never understood. Why one regex returns instantly and a nearly identical one hangs your whole server. Why some patterns are safe and others are a denial-of-service waiting to happen. It was never random -- it's whether the machine underneath is built well or badly.
Writing a regex was never the skill -> reading one is. And now that an AI agent hands you dense, clever patterns you'd never write yourself, the person who can see the machine underneath is the one who catches the one that takes down production at 3am.
Everyone copies regex and prays. This is the talk that ends the praying.
Save it. The next time a pattern "Just works," you'll actually know why ↓
Isso deveria ser proibido ou passível de multa. Banco é um serviço crítico, uma notificação bancária tem um peso diferente, vc vai querer ver. Utilizar-se dessa posição pra mandar ADs é sem noção, estão passando fome? (e sem essa de pode dar opt-out - não deveria nem ter mandado)
The creator of Linux just publicly called out the AI hype. Word for word.
Linus Torvalds took the stage at Open Source Summit 2026 and said this:
"When I see people saying 99% of our code is written by AI, I literally get angry. Because those same people — I can pretty much guarantee — 100% of their code is written by compilers. But they never say that."
He is not anti AI. The Linux kernel saw a 20% jump in submissions this release because of AI tools. He uses it. He gets it.
His point is something most people are too afraid to say.
AI is a productivity tool exactly like compilers were. Compilers boosted programming by 1000x. AI adds another 10x on top. Enormous. But nobody says "the compiler wrote my code." So why are we saying AI wrote it?
He also flagged something nobody is talking about.
AI is flooding small open source projects with drive-by bug reports. Someone runs a prompt, files a report and disappears when asked for a patch. Maintainers with one or two people are drowning trying to keep up.
"Sometimes AI reports a bug and when you ask for more information the person has done that drive-by and does not even answer your question. That is the real burnout issue."
And his final warning was the sharpest of all.
"People who do not understand the complexity of systems will prompt systems and write processes that will fail."
The AI hype crowd is very loud right now.
Linus has been building real systems for 35 years. When he talks, engineers listen.
Full interview here:
https://t.co/LmXJtvKc4O
PewDiePie just built and open-sourced a full AI workspace that runs entirely locally.
it’s called Odysseus and it’s FREE.
local AI agent that browses the web, edits your files, transcribes videos and auto replies to dumb emails. it self-evolves too, writing its own instructions to do repeat tasks faster and pulling memories from your interactions to understand you better over time.
odysseus has:
- document editor.
- image editor (better photoshop)
- visual research.
- a calendar.
- search.
- custom AI characters.
and a “cookbook” that scans your hardware and tells you exactly which models you can run so you don’t need to be nerdy and shi.
bro really said “fuck Claude and ChatGPT i’ll build it myself”💀
35 WEBSITES THAT ARE ACTUALLY USEFUL
1. archive. org — access old content
2. wolframalpha. com — solve anything
3. removebg. com — remove image background
4. tinypng. com — compress images free
5. smallpdf. com — edit PDFs free
6. ilovepdf. com — merge & split PDFs
7. deepl. com — best translator online
8. grammarly. com — fix your writing
9. hemingwayapp. com — simplify writing
10. chatgpt. com — ask any question
11. perplexity. ai — smart search engine
12. notion. so — organize your whole life
13. trello. com — manage any project
14. canva. com — design for free
15. unsplash. com — free photos
16. pexels. com — free videos & photos
17. flaticon. com — free icons
18. coolors. co — pick color palettes
19. fonts. google. com — free fonts
20. namecheap. com — buy cheap domains
21. github. com — free code hosting
22. replit. com — code from browser
23. regex101. com — test any code
24. explainshell. com — understand commands
25. fast. com — check internet speed
26. haveibeenpwned. com — check if hacked
27. virustotal. com — scan files for virus
28. downdetector. com — check if site is down
29. 10minutemail. com — temp email address
30. justpaste. it — share text instantly
31. screely. com — make screenshots beautiful
32. carbon. now. sh — share code beautifully
33. squoosh. app — compress any image
34. similarsites. com — find similar websites
35. shortcuts. design — design shortcuts list
Tenho uma informação de utilidade pública 🚨
Recentemente, vc viu na sua aplicação usuários com nome/username com a string pentest ?
Esse é o comportamento do Claude Code se estiverem tentando vibe-hackear e deixando o Claudio criar requisições 🤣 #bolhasec