It is representative of a *profound* failure of a country that this group of people are up there talking about medicine and science at all

Beyond the message of the talk, the insights on the parliamentary monitoring system are super interesting!

Europe stands with Estonia in the face of Russia’s latest violation of our airspace. We will respond to every provocation with determination while investing in a stronger Eastern flank.

I've been researching the Microsoft cloud for almost 7 years now. A few months ago that research resulted in the most impactful vulnerability I will probably ever find: a token validation flaw allowing me to get Global Admin in any Entra ID tenant. Blog: dirkjanm.io/obtaining-gl...

Deterministic LLMs are possible. thinkingmachines.ai/blog/defeati...

We use @jameskettle.com Burp extension Collaborator Everywhere daily. Now our upgrades are in v2: customizable payloads, storage, visibility. Perfect for OOB bugs like SSRF. Find out more here: blog.compass-security.com/2025/09/coll... #AppSec #BurpSuite #Pentesting

This is a fascinating move www.reuters.com/world/europe...

Wow "Flashlights from the bow swept over the water. Fearing that they had been spotted, the SEALs opened fire. Within seconds, everyone on the North Korean boat was dead."

EPFL, ETH Zurich, and CSCS released Apertus, Switzerland's first large-scale, multilingual language model (LLM). As a fully open LLM, it serves as a building block for developers and organizations to create their own applications: www.cscs.ch/science/comp... @ethz.ch #AI #Apertus #AIforGood

ChatGPT just shipped the exact memory feature I've always wanted - automatic memory that's scoped to a specific project simonwillison.net/2025/Aug/22/...

In a somewhat better world this ChatGPT suicide case should at minimum trigger resignations from OpenAI top brass. This won't happen of course, showing what kind of people we are dealing with there. And yes, this case is different from finding similar information via search 1/2

Still more evidence that the US under Trump is an enemy of Europe.

This is a magnificent read. "Every warning about AGI danger is also a pitch deck for more funding" "The future is already here. You just have to stop looking for it in the wrong place."

I never managed to do any meaningful work on the train, I need a comfortable setup for it. With chatpgt I can (let it) work on small side projects I never allocated time for.

UK is beta testing all the shittiest ideas, first brexit and now this. At least other countries will see the consequences before wanting to follow.

AppSec Ezine - 597th edition #AppSec #Security pathonproject.com/zb/?0f5e45f0...

To keep up to date on AI topics without being on twitter I recommend news.smol.ai (Newsletter & RSS feed)

One of my coworkers refers to Open Source as “the most incredible thing humanity has ever accomplished.” When he says that, he’s not making a socioeconomic or political statement, nor is he ignoring technical shortcomings. Rather, he is making an observation about how millions of people have […]

We've just released a massive update to Collaborator Everywhere! This is a complete rewrite by @compass-security.com which adds loads of features including in-tool payload customization. Massive thanks to Compass for this epic project takeover. Check out the new features:

Many static site generator templates don't include meta tags for #RSS / #Atom feeds, but the data is generated by default. It's worth to check: /index.xml /feed.xml #syndication Original->

ETH Zurich and EPFL will release a large language model (LLM) developed on public infrastructure. Trained on the #Alps supercomputer at #CSCS, the new LLM marks a milestone in open-source AI and multilingual excellence: www.cscs.ch/science/comp...

LLM-based vuln hunting just leveled up with xvulnhuntr - a fork of vulnhuntr with support for: C#, Java, Go. Read @rationalpsyche.bsky.social's blog post and go grab the project on GitHub. blog.compass-security.com/2025/07/xvul...

We ditched CGI in the late 1990s because of the overhead of starting, executing and stopping a process for every incoming request... turns out modern servers (plus languages like Go or Rust with a fast startup time) mean CGI isn't such a bad idea any more! simonwillison.net/2025/Jul/5/c...

I wrote about how the Everglades experiment fits into the history of concentration camps in the US and abroad, and how it will connect a domestic network of camps to an international one. We’re watching the imposition of a global concentration camp network.

A new @OpenSecurityTraining2 course just dropped! #fuzzing 1001: Introductory white-box fuzzing with AFL++ https://p.ost2.fyi/courses/course-v1:OpenSecurityTraining2+Fuzz1001_Intro_AFL+2025_v1/about

Exploiting the @ubiquiti.bsky.social AI Bullet camera for #Pwn2Own made us sweat more than once. But persistence paid off. Our detailed blog post is now live: blog.compass-security.com/2025/06/pwn2... #penetrationtest #pentest #iot #embedded #cybersecurity www.compass-security.com/en/services/...

[RSS] RedirectionGuard: Mitigating unsafe junction traversal in Windows msrc.microsoft.com -> Original->

Thrilled for #TROOPERS25 Thursday! Emanuele & @yvesbieri.bsky.social share #Pwn2Own wins on #surveillance cams. Method, #exploit, lessons. Drop in, trade war-stories! Talk: troopers.de/troopers25/t... Compass pentest: www.compass-security.com/en/services/... #cybersecurity #iot #hw #fw #ot

When you watch people use AI, you see how absolutely confusing things are, not just the obvious (o3 is better than 4o?), but also how ill-explained features are. For most people, just realizing that you need to switch models to get more serious work done is a major revelation.

3) Summarizing search results. Gemini 2.5-pro has a "grounding" feature where it provides non-hallucinated search results on which the response is based. There are more. It is a very strangely shaped tool indeed, but the job of the artisan is to figure out what the tool can be used for...

My short impulse presentation from Cycon is online: youtu.be/qllU_B_Rmis?...

[IT] There's still hope: smartphones banned in italian high schools from next year.

Whatsapp introduces adds. Take this as an opportunity to install Signal play.google.com/store/apps/d...

The change in tenor from European clients before and after the ICC getting cut off from their MS services is palpable.

Welcome on Bluesky @blaklis.bsky.social 👋

If you pentest web apps this is a great explanation of HTTP/1.1, HTTP/2, and HTTP/3 www.netmeister.org/blog/http-12...

My experience with Canonical's interview process — dustri.org/b/my-experie...

A small slide deck for a 15 minute impulse talk at Cycon 2025 in Talinn: docs.google.com/presentation...

Without js I always relied on iframes but meta tag is indeed better with respect to X-Frame-Options

Tons of good tips there ⬇️💎

At some point, the fact that over a billion people use this technology and that they self-report high utility has to mean something. There is lots to criticize about AI and plenty of real issues caused by AI, but the narrative that this is all a fake thing that will disappear doesn't help anyone.

OffensiveCon 25 videos are out. Thank you @offensivecon www.youtube.com/watch?v=goEb...

I don't listen to podcasts because I like to consume raw information. I just realized that with text2speech I can create my own "blogpost as audiobook". My mind is blown.

Certipy v5 release github.com/ly4k/Certipy...

"The International Criminal Court ’s chief prosecutor has lost access to his email, and his bank accounts have been frozen. Microsoft cancelled Khan’s email address [...] "Trump sanctioned the court after a panel of ICC judges in November issued arrest warrants for Israeli Prime Minister Netanyahu"

I've written lots of words on "the cloud" and specifically Europe's woes. In the post below I tie many articles together into a hopefully useful overview. It may be good to know that nothing I write on the cloud is original, I mostly hope to report things as they are: berthub.eu/articles/pos...

Having participated in the MSC AI-Cybersecurity competition, I was curious to check the winning entries. The second place essay is imho the best one. Here is a summary thread to invite you to read it in full. Problem: it is increasingly difficult to tell human and computers apart.