Lobster Roll

All Programming (General) 31792 Systems / Low-Level / OS 23352 Programming Languages / CS Theory 16527 Data / Databases / Infrastructure 13189 Web Development 10674 Culture / Philosophy / History / Reading 9529 Security / Privacy 9254 Productivity / Career / Business 6734 Maker / DIY / Hardware 5438 AI / Machine Learning 4701 Science / Math / Physics 3415 Design / UX / Visualization 3345 Gaming / Retro Computing 3131 Apple / macOS / iOS 2475 Internet / Digital Culture 1236 Crypto / Blockchain 304 Health / Fitness / Lifestyle 81

Security / Privacy

Why (special agent) Johnny (still) Can't Encrypt (2011) (mattblaze.org)
4 pts 0 comments by fcbsd Sep 12, 2025 cryptographysecurity Security / Privacy
open-edison: An MCP Gateway to block Simon Willison's Lethal Trifecta (github.com)
3 pts 0 comments by 76SlashDolphin Sep 12, 2025 aisecurity AI / Machine LearningSecurity / Privacy
Phishing campaign targeting crates.io users (blog.rust-lang.org)
23 pts 3 comments by jmillikin Sep 12, 2025 rustsecurity Systems / Low-Level / OSSecurity / Privacy
Trail of Bits: Buttercup is now open-source (blog.trailofbits.com)
4 pts 0 comments by df Sep 12, 2025 aisecurity AI / Machine LearningProgramming (General)Security / Privacy
Team Atlanta (team-atlanta.github.io)
-1 pts 0 comments by df Sep 12, 2025 aisecurity AI / Machine LearningSecurity / Privacy
Lessons in Disabling RC4 in Active Directory (syfuhs.net)
3 pts 0 comments by fanf Sep 12, 2025 securitywindows Security / Privacy
VMScape: Exposing and Exploiting Incomplete Branch Predictor Isolation in Cloud Environments (comsec.ethz.ch)
3 pts 0 comments by fro Sep 12, 2025 hardwaresecurity Security / PrivacyMaker / DIY / Hardware
Kerberoasting (blog.cryptographyengineering.com)
34 pts 19 comments by fanf Sep 10, 2025 securitywindows Security / Privacy
I don’t want AI agents controlling my laptop (sophiebits.com)
23 pts 18 comments by carlana Sep 9, 2025 securityvibecoding AI / Machine LearningSecurity / Privacy
Supply chains and watering holes (cryptography.dog)
6 pts 5 comments by soulcutter Sep 9, 2025 security Security / Privacy
Memory Integrity Enforcement: A complete vision for memory safety in Apple devices (security.apple.com)
27 pts 16 comments by calvin Sep 9, 2025 hardwaresecurity Security / PrivacyApple / macOS / iOSMaker / DIY / Hardware
GNU/Linux Sandboxing - A Brief Review (hardenedlinux.org)
3 pts 0 comments by Kratacoa Sep 9, 2025 linuxsecurity Systems / Low-Level / OSSecurity / Privacy
Sandboxing Applications with Bubblewrap: A Simple Script (2024) (sloonz.github.io)
4 pts 0 comments by gnyeki Sep 9, 2025 linuxsecurity Systems / Low-Level / OSSecurity / Privacy
We all dodged a bullet (xeiaso.net)
1 pts 2 comments by freddyb Sep 9, 2025 security Security / Privacy
A look at a P2P camera (LookCam app) (palant.info)
3 pts 1 comments by freddyb Sep 9, 2025 security Security / Privacy
Replacing SGX with GitHub Actions: Or how to turn GitHub Actions into a trusted computing oracle (ethanheilman.com)
8 pts 0 comments by EthanHeilman Sep 9, 2025 compscicryptographymerkle-treesprogrammingsecurity Programming (General)Programming Languages / CS TheorySecurity / Privacy
A Novel Technique for SQL Injection in PDO’s Prepared Statements (slcyber.io)
4 pts 2 comments by sjamaan Sep 9, 2025 databasesphpsecurity Programming (General)Data / Databases / InfrastructureSecurity / PrivacyCulture / Philosophy / History / Reading
color npm package compromised (fasterthanli.me)
19 pts 10 comments by tumdum Sep 8, 2025 javascriptsecurity Web DevelopmentSecurity / PrivacyDesign / UX / Visualization
Anatomy of a billion-download NPM supply-chain attack (jdstaerk.substack.com)
26 pts 29 comments by kwas Sep 8, 2025 javascriptreversingsecurity Web DevelopmentSystems / Low-Level / OSSecurity / Privacy
Vibe-coded build system NX gets hacked, steals vibe-coders’ crypto (pivot-to-ai.com)
48 pts 14 comments by kel Sep 8, 2025 securityvibecoding AI / Machine LearningSecurity / Privacy
Ever shared a Spotify link on the internet? Someone you don't know can now message you (androidauthority.com)
23 pts 16 comments by Arya Sep 7, 2025 privacysecurity Security / PrivacyInternet / Digital Culture
Wolves in the Repository: A Software Engineering Analysis of the XZ Utils Supply Chain Attack (arxiv.org)
5 pts 3 comments by df Sep 5, 2025 pdfsecurity Programming (General)Security / Privacy
Subverting code integrity checks to locally backdoor Signal, 1Password, Slack, and more (blog.trailofbits.com)
9 pts 1 comments by freddyb Sep 4, 2025 security Programming (General)Security / Privacy
Addressing the unauthorized issuance of TLS certificates for 1.1.1.1 (blog.cloudflare.com)
1 pts 2 comments by yashgarg Sep 4, 2025 networking Data / Databases / InfrastructureSecurity / Privacy
A CA Trusted by Microsoft Mis-issued Certificates for 1.1.1.1 in May 2025, According to Logs (arstechnica.com)
27 pts 22 comments by hoistbypetard Sep 4, 2025 networkingsecurity Data / Databases / InfrastructureSecurity / Privacy
Strategically Holding Back Bugs and Patches (rya.nc)
2 pts 1 comments by freddyb Sep 4, 2025 pdfsecurity Security / Privacy
Linux Kernel SMB 0-Day Vulnerability CVE-2025-37899 Uncovered Using ChatGPT o3 (upwind.io)
0 pts 4 comments by df Sep 4, 2025 securityvibecoding AI / Machine LearningSystems / Low-Level / OSSecurity / Privacy
Cookie Chaos: How to bypass __Host and __Secure cookie prefixes (portswigger.net)
5 pts 0 comments by freddyb Sep 3, 2025 securityweb Web DevelopmentSecurity / Privacy
Passkeys and Modern Authentication (lucumr.pocoo.org)
38 pts 29 comments by alper Sep 2, 2025 security Security / Privacy
Kernel-hack-drill and a new approach to exploiting CVE-2024-50264 in the Linux kernel (a13xp0p0v.github.io)
11 pts 0 comments by mtlynch Sep 2, 2025 security Systems / Low-Level / OSSecurity / Privacy