Practical Collision Attack Against Long Key IDs in PGP In response to the GPG.Fail attacks, a Hacker News user made this claim about the 64-bit "Long Key IDs" used by OpenPGP and GnuPG, while responding to an answer I gave to someone else's question: OK, to be clear, I am specifically contending…

Actions have consequences.

I don’t know who needs to hear this, but courage isn’t the absence of fear, it’s being scared and doing it anyway

Lots of "don't cry cuz it's over, smile cuz it happened" energy hitting me with this meme 🥲😭🫠

Cortana Halo is just Clippy after she transitioned

The same Republican state legislatures that passed age verification laws for porn are silent on Grok creating and publishing CSAM. It was never about the children.

Guys, we did it. We invented the Commodore 64

Prediction markets are now fully integrated in the framing disinformation campaigns require (and can additionally increase the number of financial beneficiaries of such campaigns).

Dear younger me who decided to do infosec in Europe rather than in the US: good job.

what i want from ai: please just do my laundry for me and make me tasty snacks what im getting from ai: here’s some generated anime waifus that we think you might enjoy

PSA: go.sum is not a lockfile. You never need to look at go.sum. go.mod has everything you need.

The 2025 Hacking the Cloud: Year in Review is out! We take a look at the growing tide of software supply chain attacks, discuss the most critical cloud vuln discovered to date, and share some stats for the site! hackingthe.cloud/blog/2025_wr...

Manufacturing consent and controlling the narrative by restricting what words can or cannot be used

An interesting fact: in the CISA KEV, we can find six (6) 0-day XSS vulnerabilities. All but one are related to e-mail products. 1. CVE-2025-27915, Zimbra 2. CVE-2024-11182, MDaemon 3. CVE-2023-37580, Zimbra 4. CVE-2023-5631, Roundcube 5. CVE-2022-24682, Zimbra 6. CVE-2021-1879, Apple

"international law must be followed" is european for "thoughts and prayers"

E anche quest'anno è già bruciato, che periodo storico di merda, essere millennial fa cagare

babe wake up, they're doing insider trading on war crimes

Quindi gli Stati Uniti sono ufficialmente i super cattivi, speriamo che il cinema d'azione ne tragga beneficio

If 2025 was the year of vibe coding, 2026 will be the year of vibe maintenance and security.

I think a big chunk of the "linux is hard" sentiment stems from the fact that most linux users do weird things with their computers. basically this:

This is - imo - ethical hacking. Because the person made a weighted personal ethical choice. CVEs and vulnerability reports are just bug reports. No more than this.

CCC never fails to be the real DEFCON

Not all heroes wear capes. Sometimes they wear pink power ranger costumes. And that's amazing.

Here's the #39C3 Talk: media.ccc.de/v/39c3-the-h...

oh my god

"A woman dressed as a pink Power Ranger hacked a dating site for far-right extremists. She deleted the entire site, but first she made users fall in love with AI bots she ran, thus obtaining information about them. Over 8,000 far-right profiles have now been mapped."

The evening of Feb 24, 2022 featured Russian special forces units randomly shooting civilian vehicles and getting in firefights with TDF inside Kyiv as they were attempting to find and kill Zelensky

I don’t want to say this was about oil, but Mr Trump will.

Non è difficile eh. "Maduro è un dittatore brutale e oppressivo del Venezuela. Trump non ha alcuna base legale legittima per un’azione militare contro il Venezuela, né secondo il diritto statunitense né secondo il diritto internazionale".

This person went on a buying spree over the past 24 hours. Fresh wallet. Only existed since Dec 27th and has only bet on Venezuela-related markets. polymarket.com/@0x31a56e9E6...

"I won't date trans people" is transphobic. You are not required to date any trans person. You are allowed to find every trans person you have encountered repulsive. 🧵 1/3

Anyone Else Here xkcd.com/3188/

It's kinda funny how the tech bros rapidly shifted from "a JPG can belong to someone in particular, you can't just use it!" to "i made this machine that steals JPGs and plagiarizes them"

Welp, I think I've now been scared sufficiently that I need to change out my 22 year old GPG key. #YOW25 It was already dated with use of dsa1024, but if the rsa2048 is in trouble for existing encrypt/sign operations, rather than just the risk of someone pretending to sign new sub-keys...

Child exploitation content on X/Twitter sharply increased under Musk, who not only abruptly disbanded the group of volunteer experts advising the platform on child safety, image exploitation, and other abuses in 2022, but tried to blame them for the company's CSAM problem www.npr.org/2022/12/12/1...

Sto sempre aspettando i mea culpa di tutti i giornalisti creduloni che all’epoca ripetevano a pappagallo le sciocchezze di Musk e dei suoi sulla lotta alla pedopornografia, quando era del tutto evidente che stavano peggiorando le cose.

This is a *greate* write-up! cc @soatok.bsky.social you could appreciate

📖 Read about a real-world C# #cryptography vulnerability we've discovered in the wild, in our latest blog post! No math required (unless you're into that sort of thing)! blog.doyensec.com/2025/08/19/t... #doyensec #appsec #security #csharp

Wow the Twitter guy responsible for the original shitty encrypted DMs feature[1] joking about the grok "can you put this in a bikini" thing is a level of gross even I didn't expect [1] As opposed to the new shitty encrypted DMs feature

The entire thread, in particular the conclusion.

“It is not simple. I do not know what that means.“

A message for you all to carry through the year

the thing is, “differing political views” used to be about what percentage to tax high earners and not whether brown people are humans

unvarnished gutter racism and Nazism from the president. a disgrace to our country.

Appena superato il 90% dell'obiettivo. Fine anno col botto 🚀🚀🚀🚀💙💙💙💙 Superato il 90% obiettivo 2026, +54mila euro raccolti e mancano 8 giorni alla fine del crowdfunding con ricompense di @valigiablu.it crowdfunding.valigiablu.it

La buona informazione va sostenuta. Con la buona informazione si salva il mondo. Io l'ho fatto, voi? crowdfunding.valigiablu.it/projects/cro...

I recently wrote some thoughts on wrapping Rust libraries for Wasm plus a couple patterns that I use to make wasm-bindgen feel a bit more manageable. No silver bullets here but maybe some sensible defaults (fight me in the comments 😛) notes.brooklynzelenka.com/Blog/Notes-o...

AI-made videos using attractive young women promote Poland's EU exit