Better Browser Caching With “No-Vary-Search”, by @csswizardry:

https://csswizardry.com/2026/05/better-browser-caching-with-no-vary-search/

#caching #httpheaders #http

Content-Type: human-made

Accept: genai-forbidden

I assume somebody already proposed something equiv?

#HTTP

Kazuar: Anatomy of a nation-state botnet

Kazuar is a sophisticated malware attributed to Russian state actor Secret Blizzard, having evolved from a traditional backdoor into a highly modular peer-to-peer botnet ecosystem. The malware comprises three distinct module types—Kernel, Bridge, and Worker—that distribute functionality across infected systems. A leadership election mechanism ensures only one Kernel module communicates externally, reducing detection opportunities. The architecture supports flexible configuration with over 150 options, multiple C2 channels including HTTP, WebSockets, and Exchange Web Services, and extensive data collection capabilities. Secret Blizzard primarily targets government, diplomatic, and defense organizations in Europe, Central Asia, and Ukraine to support Russian foreign policy and military intelligence objectives. The botnet maintains persistent access through sophisticated IPC mechanisms, staged data exfiltration during working hours, and comprehensive anti-analysis checks.

Pulse ID: 6a062c383bdae760fc221b6f
Pulse Link: https://otx.alienvault.com/pulse/6a062c383bdae760fc221b6f
Pulse Author: AlienVault
Created: 2026-05-14 20:10:32

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

#Asia #BackDoor #CentralAsia #CyberSecurity #Europe #Government #HTTP #InfoSec #Kazuar #Malware #Military #NATO #OTX #OpenThreatExchange #RAT #Russia #SMS #UK #Ukr #Ukraine #bot #botnet #AlienVault

HTTP requests (aka HTTP methods) are the verbs of the web: they define not only what a request does, but whether it is safe to repeat, safe from side effects, or reusable through caching.

Let’s review and compare different HTTP requests 😎👇

Find high-res pdf ebooks with all my DevOps related infographics at https://study-notes.org/devops-ebook.html

#http #devops #technology #networking #backend

iX-Workshop: API-Design und -Entwicklung mit HTTP, REST und OpenAPI

Lernen Sie, wie man effiziente und benutzerfreundliche APIs entwickelt, HTTP- und REST-Standards anwendet und standardisierte Referenzdokumentationen erstellt.

https://www.heise.de/news/iX-Workshop-API-Design-und-Entwicklung-mit-HTTP-REST-und-OpenAPI-11142307.html?wt_mc=sm.red.ho.mastodon.mastodon.md_beitraege.md_beitraege&utm_source=mastodon

#API #HTTP #IT #iXWorkshops #Schnittstellen #Softwareentwicklung #news

Dear Friends of AI-Slop,

1) I get sent or confused by generated output. But sometimes it is #AI and horrific, dreamlike 20 minutes of distraction into a #cyberpunk world...
https://youtu.be/-Rzl7nUdEs4

2) Seems #innovativeCityDesign to me. Does it use previous work? Yes but it has been crafted. Will it or similar be moneterised? Probably eventually.
Watching many films, they are increasingly a combination of real talent and just like in the film a search for 'The Real' preferences of a new youngling world. A street level cheaper way into creating...  

3) Meanwhile your humble wetware 🦞 (ungenerated, unrepetant, soul based lobster - or me as I like to think I AM) is as usual on the outgoing side of the audience  

4) Anyway about to use my remaining days to doze and search for an oasis of a personal #HTTP #server on a #keydrive to broadcast about #Zion, ways to #revolt against Status Quo (the inventors of the air guitar and no real ability) and cyber-punkettes. Iz plan! 

Disclosing new PebbleDash-based tools

Kaspersky researchers conducted an in-depth analysis of Kimsuky APT activity, revealing tactical shifts and new malware variants based on the PebbleDash platform. The group introduced HelloDoor, a Rust-based backdoor, httpMalice leveraging HTTP and Dropbox communications, and updated MemLoad and httpTroy variants. Kimsuky maintains persistence through legitimate tools including VSCode Tunneling with GitHub authentication and DWAgent remote management software. Initial access occurs via spear-phishing with malicious attachments disguised as documents. The group primarily targets South Korean entities across government and defense sectors, with additional PebbleDash attacks observed in Brazil and Germany. Infrastructure relies on free South Korean hosting services and tunneling services like Cloudflare Quick Tunnels and Ngrok. Both PebbleDash and AppleSeed malware clusters demonstrate ongoing development with shared distribution methods, stolen certificates, and overlapping targets, indicating single-actor c...

Pulse ID: 6a05af0979e3cc1214a50d4e
Pulse Link: https://otx.alienvault.com/pulse/6a05af0979e3cc1214a50d4e
Pulse Author: AlienVault
Created: 2026-05-14 11:16:25

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

#AppleSeed #BackDoor #Brazil #Cloud #CyberSecurity #Dropbox #Germany #GitHub #Government #HTTP #InfoSec #Kaspersky #Kimsuky #Korea #Malware #OTX #OpenThreatExchange #Phishing #RAT #Rust #SouthKorea #SpearPhishing #UK #bot #AlienVault

𝗠𝗼𝘁𝗿𝗶𝘅:

#DownloadManager #FTP #HTTP #BitTorrent #Motrix

https://thewhale.cc/posts/motrix

Motrix is a free, cross platform and open source full-featured download manager. Its design is clean and it supports downloading HTTP, FTP, BitTorrent, Magnet, Baidu Net Disk etc.

Waiting for Website Changes in the Browser

이 글은 Python 표준 라이브러리만 사용해 로컬 개발 환경에서 웹사이트 변경 감지 후 브라우저를 자동 새로고침하는 방법을 설명합니다. HTTP 롱 폴링 기법을 활용해 서버가 변경 신호를 받을 때까지 연결을 유지하고, 변경 발생 시 즉시 응답을 보내 브라우저가 빠르게 리로드되도록 구현합니다. ThreadingHTTPServer를 사용해 다중 브라우저 탭 지원과, 타임아웃 대응을 위한 204 응답 처리 및 재시도 로직도 포함되어 실용적인 라이브러리 없는 라이브리로드 서버 구축법을 제시합니다.

https://alexwlchan.net/2026/livereload-in-browser/

#python #http #longpolling #livereload #webdevelopment