The application has remained stable since approximately 9 PM PDT, April 16 despite ongoing Distributed Denial-of-Service (DDoS) attacks.
We have not seen any evidence of unauthorized access to private user data.
We will provide our next update on or before the morning of April 20.

❤️

New Open Source tool, the WolfSSL project has released a TCP/IP stack designed for embedded and safety-critical systems.

www.prweb.com/releases/wol...

The Dumbest Hack of the Year Exposed a Very Real Problem Last April, a hacker hijacked crosswalk announcements to mimic Mark Zuckerberg and Elon Musk. Records obtained by WIRED reveal how unprepared local authorities were.

“Authorities suspect the unknown culprit took advantage of weak and publicly available default passwords to wirelessly upload custom recordings that played whenever a pedestrian pressed a crosswalk button.”
www.wired.com/story/crossw...

But I’m not conflicted about this one.
www.etsy.com/listing/1885...

Cobalt-60 Drop & Run Prop Replica, 3D Printed Sci-Fi Collectible Immerse yourself in the thrilling world of sci-fi with this Cobalt-60 Drop & Run Prop Replica. Crafted with meticulous attention to detail, this 3D printed collectible captures the essence of a radioactive source, complete with the iconic radiation symbol and warning labels. Measuring approximately 4 inches in length, this prop is a must-have for any avid collector or movie enthusiast. Display it proudly alongside your other prized possessions or use it to enhance your cosplay or movie-themed events. With its realistic design and high-quality construction, this replica is sure to impress. Indulge your passion for science fiction and bring a touch of cinematic excitement to your collection today.

Adding things to my gift ideas list. I’m a little conflicted about this one.
www.amazon.com/Cobalt-60-Re...

A sticker with a sad looking cloud on it, captioned: "It's always DNS except when it's the IAM policy"

@mewtype.online saw this sticker today and thought of you

Virtual Blue Box A web-based blue box that can do MF, SF, DTMF, and ACTS signaling, all in one!

Ultimate Online Phreak Box. “This is a free online blue box, red box, and silver box.” (With this and a time machine, you could make free phone calls in the 1970s.) [phreaknet.org]

SG-41 cipher machine recreated online with 3D model : Martin Gillow's 3D recreation lets users explore would-be Enigma successor's mechanics and enciphering logic online

SG-41 cipher machine recreated online with 3D model
😍
www.theregister.com/2026/04/08/v...

I switched from sudo to doas and now my permission rules actually make sense Less config, less confusion, same power.

“Doas was written for OpenBSD after the OpenBSD project decided sudo was too large to ship in the system base. It was built from the ground up to fundamentally do the same job, without carrying along sudo's bloat.”
www.makeuseof.com/switched-sud...

AuraFonts is a fancy text generator. Type in your text and see how it looks in over a thousand different font/decorative styles. Example: 📺 @𝙴𝚜𝚝𝚑𝚎𝚛𝚂𝚌𝚑𝚒𝚗𝚍𝚕𝚎𝚛 📺

Screenshot of a web page with the following text: Chrome Extension Detector View source code: https://github.com/jasoncoon/chrome-ext-list Detected 3 of 2,956 extensions Detected Chrome Extensions React Developer Tools Undetected Chrome Extensions #1 Productivity extension for active people 1-Click Business 1000x Focus 100x - Jobs Tracker & Keywords Recommender 100xWorkflows 10XTribe 1dasou.com - B2B Company & Contact Info 1Page

I just read up on "BrowserGate" where LinkedIn is secretly searching users' computers for installed Chrome extensions, and I just had to make a simple demo web page.
It uses only client-side javascript & doesn't send any data anywhere: jasoncoon.github.io/chrome-ext-l...
More info: browsergate.eu

A Secure Chat App’s Encryption Is So Bad It Is ‘Meaningless’ TeleGuard is an app downloaded more a million times that markets itself as a secure way to chat. The app uploads users’ private keys to the company’s server, and makes decryption of messages trivial.

This is insane: TeleGuard, a 'secure' chat app downloaded more than a million times, uploads users' private keys, meaning the company can decrypt messages. And anyone can get anyone else's private key by just sending the user ID to the API. Possibly worst ever www.404media.co/a-secure-cha...

Tesla Admits Its Robotaxis Are Sometimes Driven by Remote Humans The electric-car maker says it happens rarely and at speeds below 10 mph. But the disclosure—in response to a US senator's questions—occasioned a call for more transparency.

“‘Every autonomous-vehicle company refused to disclose how often their AVs require assistance from [remote assistants]—hiding key information from the public about their AV’s true level of autonomy, …’”
🍿🍿 🍿
www.wired.com/story/tesla-...

👀

Spy Tech: Conflicts Bring A New Number Station If you know much about radios and espionage, you’ve probably encountered number stations. These are mysterious stations that read out groups of numbers or otherwise encoded messages to……

Spy Tech: Conflicts Bring A New Number Station hackaday.com/2026/03/30/s...

Your AI Stack Just Handed Over Your Root Keys: Inside the litellm PyPI Breach Litellm PyPI breach explained: malicious versions steal cloud credentials, SSH keys, and Kubernetes secrets. Learn impact and urgent mitigation steps.

Your AI Stack Just Handed Over Your Root Keys: Inside the litellm PyPI Breach www.trendmicro.com/en_us/resear...

I’m thinking about sneaking a peek inside that black book my master keeps chained to the desk at the top of his tower. I bet there’s some pretty interesting stuff in there

100% bizarro world.

Top US Fema official claims to have teleported to a Waffle House before ‘Teleporting is no fun,’ Gregg Phillips, picked to lead Fema’s office of response and recovery, has said on a podcast

“…Phillips claimed that his car was “lifted up” while he was driving and transported 40 miles (65km) away into a ditch near a church. And in another instance on the same episode, Phillips said he was teleported 50 miles away to a Waffle House in Rome, Georgia…”
🤨
www.theguardian.com/us-news/2026...

DarkSword iOS Exploit Kit Uses 6 Flaws, 3 Zero-Days for Full Device Takeover

DarkSword iOS Exploit Kit Uses 6 Flaws, 3 Zero-Days for Full Device Takeover

We're living through some wild times.

GitHub - ruvnet/RuView: π RuView: WiFi DensePose turns commodity WiFi signals into real-time human pose estimation, vital sign monitoring, and presence detection — all without a single pixel of video. π RuView: WiFi DensePose turns commodity WiFi signals into real-time human pose estimation, vital sign monitoring, and presence detection — all without a single pixel of video. - ruvnet/RuView

😳
"Instead of relying on cameras or cloud models, it observes whatever signals exist in a space such as WiFi, radio waves across the spectrum, motion patterns, vibration, sound, or other sensory inputs and builds an understanding of what is happening locally."
github.com/ruvnet/RuView

There are a lot of articles and discussions concerning the Handala Hack Team, and especially the recent attack on Stryker.

Multiple articles have been published regarding this threat actor and I have put together a "Threat Actor Profile" for Handala. It's as always reasonably well attributed to […]

sweepthestrait.com

Not to mention the cost of insurance after the insurance companies get that data. "You looked like you were distracted yesterday, so you premiums are going up 50%"

CVE-2026-3805: use after free in SMB connection reuse

https://hackerone.com/reports/3591944

Edition 11 – One mistake ties together more than 100 domains Hey there, Hakan here. This week's edition is going to be a short one about mistakes. Without those, it'd be a whole lot harder to do my job. When trying to...

Short newsletter item about one mistake from disinfo operations #Doppelgänger that makes it possible to tie together >100 domains

buttondown.com/readwrite/ar...

Everything is surveillance tech these days. It’s time to push back.