Lee Robinson (@leerob)

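An introduction noting that the Cursor SDK can be used to build local, hackable agents connected to any model, and also to ship products on top of managed cloud agents. It handles the harness, sandboxing, computer use, demo videos, GitHub integration and more, improving developer convenience.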

https://x.com/leerob/status/2049522118757331426

#cursor #sdk #agents #cloud #sandboxing

Lee Robinson (@leerob) on X

The Cursor SDK can be used to both: 1. Build local, hackable agents with any model 2. Ship products on top of managed cloud agents It handles the harness, sandboxing, computer use, demo videos, GitHub integration, etc. Super cool.

X (formerly Twitter)
Flutterwave update to Transfers Rates API goes into effect on 8th April

Effective April 8, 2026, the rate field in the Transfer Rates API response is inverting its direction. Here is what you need to know, what to check, and the recommended migration path.

GTech Booster

Linux + greywall: read .env, substitute placeholders live, write temp file, bind-mount into sandbox. Agent sees zero friction.

macOS? No bind mount. sandbox-exec doesn't support it. Looking at FUSE.

#sandboxing #ai #security

A malicious LiteLLM package landed on PyPI with a solid plan: steal credentials, exfiltrate them, pivot through Kubernetes. Only problem? A bug in the payload caused it to fork-bomb itself on every Python subprocess. It never got past step one.
We walked through what would have happened if the malware had actually worked, and how sandboxing stops each stage. greyhaven.co/insights/how-greywall-prevents-every-stage-of-the-litellm-pypi-supply-chain-attack
#supplychainattack #sandboxing #infosec
If you're sandboxing with Bubblewrap/namespaces, are you bind-mounting /run read-only? Docker, Podman, and libvirt sockets live in /run (or /var/run symlinked to /run), and Unix socket connections bypass read-only restrictions. #linux #sandboxing #greywall
Turns out GVFS can route file ops through D-Bus, bypassing Landlock entirely. Fixed it in greywall today. Still figuring out how many IPC tunnels are hiding in a standard Linux session. #sandboxing
Capsicum vs seccomp: Process Sandboxing — Vivian Voss

A compromised process inherits the full authority of the user who launched it. Two operating systems fixed this with opposite philosophies. One removed the doors. The other posted a bouncer.

Vivian Voss
👀 So, here's 18 minutes of pure geeky bliss where we pretend #sandboxing is as thrilling as bungee jumping. 🏗️ Let's endlessly list things like namespaces, #cgroups, and #gVisor while forgetting that 99% of readers are now asleep. 😴 Keep your kernels close, folks, because apparently, they’re the rockstars of this yawn-fest. 🎸
https://www.shayon.dev/post/2026/52/lets-discuss-sandbox-isolation/ #geekybliss #techhumor #HackerNews #ngated
Let's discuss sandbox isolation

A dive into the spectrum of sandboxing and isolation, from Linux namespaces and gVisor to hardware-enforced microVMs and WebAssembly, and why picking the right boundary matters for multi-tenant workloads.

Shayon Mukherjee

Notes in the margins: Isolating the Lua environment in a C++ application. Part 3/3

Last time we left off at the point that for every cleverly cut thread, in the form of restrictions on loading library functionality and third-party modules and of confining scripts to permitted paths, there is a bolt to match, in the form of the language's own features, which make it possible, deliberately or through sheer clumsiness, to undo all our efforts to preserve stability. In this part we'll look at how to take the letters 'О', 'П', 'Ж' and 'А' while true do end ...and spell the word "HAPPINESS".

https://habr.com/ru/articles/991960/

#c++ #lua #разработка_игр #песочницы #sandboxing #изоляция_ресурсов #скриптовые_языки

Notes in the margins: Isolating the Lua environment in a C++ application. Part 3/3

The conclusion of an unexpectedly bloated tutorial, which began here and had the carelessness to continue here. Don't touch, this is for New Year's. Before moving on to limiting memory consumption, first...

Habr