RE:

Miguel de Icaza ᯅ🍉 (@Migueldeicaza@mastodon.social)

Jesus fucking christ. https://hey.paris/posts/appleid/

This is terrible, obviously. But another lesson for self hosting weirdos like me who offer services to friends and family is that the same outcome is possible with a simple accident or mistake. Be careful with other people's data. There's more to it than just encryption. View quoted note →

npub1s6ee...n008 1 week ago

Ten CVEs in GitLab fixed, including four sev:HIGH ones.

GitLab Patch Release: 18.6.2, 18.5.4, 18.4.6

Learn more about GitLab Patch Release: 18.6.2, 18.5.4, 18.4.6 for GitLab Community Edition (CE) and Enterprise Edition (EE).

npub1s6ee...n008 1 week ago

BoF in glib.

cve-details

> A flaw was found in glib. This vulnerability allows a heap buffer overflow and denial-of-service (DoS) via an integer overflow in GLib's GIO (GLib Input/Output) escape_byte_string() function when processing malicious file or remote filesystem attribute values.

npub1s6ee...n008 1 week ago

Every single morning this week I've had to wait for Microsoft to go wake up GitHub. I thought it was supposed to be a 24 / 7 service.

npub1s6ee...n008 2 weeks ago

MS advisories are live. Looks like two publicly disclosed and one EITW.

Security Update Guide - Microsoft Security Response Center

npub1s6ee...n008 2 weeks ago

BleepingComputer

Google Chrome adds new security layer for Gemini AI agentic browsing

Google Chrome is introducing a new security architecture designed to protect upcoming agentic AI browsing features powered by Gemini.