Powerful regional-level jamming has hit the Strait of Hormuz again, with major location and AIS spoofing seen over the last couple of hours.
Seen here, AIS ship tracks on @MarineTraffic disappearing and jumping around.
People often underestimate how massive and brutal the war in Ukraine is, and many ignore that Russia is committing genocide.
In Mariupol alone, deaths in just three months may exceed the total toll in Gaza over the entire war, despite a much smaller population. Let that sink in
MongoBleed (CVE-2025-14847) is basically Heartbleed for MongoDB
- unauthenticated memory disclosure
- public POC, trivial to exploit
- leaks creds, tokens, cloud keys straight from RAM
- huge exposed surface on the internet
Good writeups and technical details here:
https://t.co/LgK4RABmJu
https://t.co/DWtByJQ3au
https://t.co/LUwfnF6uXG
Patch fast, rotate secrets, and assume exposed instances were scanned(!)
Sooo. Apparently.
Cloudflares outage was caused by a single oversized configuration file used for bots and threat related blocks.
The file which auto generates from live threat intel, grew far beyond expected size. When the system reloaded it during routine opss, the bot management service crashed, triggering 500 errors across the global CDN.
Surprisingly, it apparently was not a DNS issue (color me surprised).
Just one config file that got too big and took down the interwebs for hrs.
Virtual Machines render fonts. It’s kind of insane.
TrueType has its own instruction set, memory stack, and function calls.
You can debug it like assembly. It’s also exploitable:
Having fun cloning some Paxton Hitag2 fobs and encoding them into EM4100 (So I can write them to my T5577 tags) but beyjeysus I was getting inconsistent reads and almost zero luck dumping them on #Proxmark3 Easy.
Super hacker spoon to the rescue!
https://t.co/ZGPTNzYJ7P
The cherry on the cake:
FPV drones that attacked the Olenya airfield were assembled by hired Russians in Chelyabinsk.
The premises, 638 square meters in area and next to the Chelyabinsk Electric Locomotive Repair Plant, were rented for 350 thousand rubles per month.
Apparently an Israeli company has forked Signal client and added features to retain messages for compliance. As someone in USG just said to me: what could go wrong? https://t.co/Ie3AkeZXZR
🧵 THREAD: A federal whistleblower just dropped one of the most disturbing cybersecurity disclosures I’ve ever read.
He's saying DOGE came in, data went out, and Russians started attempting logins with new valid DOGE passwords
Media's coverage wasn't detailed enough so I dug into his testimony:
Chinese Great Firewall (website access blockade and. content filter for internet traffic) was leaking data! It's a fascinating discovery of security and privacy vulnerability in a large-scale technical censorship system. "Traffic with no relation to China could be leaked".
New Zealand, let's do this.
3,000km. 300,000 feet of elevation. 60 back to back ultra marathons.
There will be highs, lows, and plenty of adventures to be had along the way!
Buzzing to share the journey with you.
@purenewzealand - ad
#NZMustDo#NZBucketList