LobstersStructured Primary Keys
Markus WinandPrimary keys should be neither surrogate nor natural.
https://modern-sql.com/de/blog/2026-06/strukturierte-primaerschluessel#per-parent-sequences
Habr«IT-Планета 2026»: задачи третьего этапа по PostgreSQL
В этом году мы вернулись к схеме, которую попробовали два года назад: в течение дня участники пишут и отлаживают SQL-запрос, делающий ходы в какой-то игре; ночью проводится турнир между итоговыми запросами претендентов и по сумме набранных очков определяется победитель. В отличие от традиционного набора задач с «правильными решениями», в таком формате участники не могут упереться в потолок набранных баллов, а напряжение держится до последнего. В позапрошлом году мы развлекались крестиками-ноликами , а сейчас выбрали гонки — в них, кстати, тоже можно играть в тетрадке в клетку. Погнали развлекаться
8 песочниц в браузере без Docker: как мы изолировали выполнение кода на клиенте
Как дать пользователю выполнять JavaScript, Python и SQL прямо в браузере и не пожалеть? Разбираем восемь песочниц: Web Worker для JS, Pyodide для Python, SQL.js для SQLite, iframe sandbox для HTML/CSS, DOMPurify для Markdown, самописный эмулятор Bash. Никаких Docker-контейнеров — только клиент.
https://habr.com/ru/articles/1051752/
#разработка #песочница #изоляция_кода #web_worker #webassembly #pyodide #sql #безопасность
И вновь уроки про deadlock-и
Многие из backend-разработчиков получали ошибки с неприятным содержанием, суть которого можно описать двумя словами: deadlock detected . Эти ошибки коварные. Возникают они там, где их не ждёшь, отладочной информации крайне мало или вообще нет, и для их решения необходимо глубокое понимание архитектуры как самого запроса и метода, из которого он вызвался (или методов, возможно, чужих...), так и архитектуры самой СУБД. Поэтому часто у таких ошибок либо переносится срок, либо попытки их исправить приводят к тому, что они возвращаются снова и снова. А deadlock-и так никуда и не исчезают...
Tommi 🤯 🔜 DWeb CampI have been having trouble with #Ghost on #YunoHost, and it has been causing me headaches for weeks.
I cannot upgrade to any version after 6.22.1~ynh1, but I must, because there are critical vulnerabilities patches in following versions.
Can anyone please help or give me tips on how to troubleshoot this? Here is the GitHub issue I opened about it.
Thank you in advance 🌻
Cc: @yunohost
#sysAd #Linux #database #MariaDB #MySQL #SQL #systemAdministration #server #selfHosting #techSupport #help
Jobs for DevelopersRoblox is hiring Senior Risk Data Analyst
🔧 #python #sql #seniorengineer
🌎 San Mateo, California
⏰ Full-time
🏢 Roblox
Job details https://jobsfordevelopers.com/jobs/senior-risk-data-analyst-at-roblox-com-jan-12-2026-7b6cd1?utm_source=mastodon.world&utm_medium=social&utm_campaign=posting
#jobalert #jobsearch #hiring
Andrew ArmstrongSCCM - Create a device collection based on Exchange Server role | https://techygeekshome.info/sccm-create-a-device-collection-based-on-exchange-server-role/?fsp_sid=47231 | #Exchange #Guide #Microsoft #Query #SCCM #SQL
https://techygeekshome.info/sccm-create-a-device-collection-based-on-exchange-server-role/?fsp_sid=47231
https://techygeekshome.info/sccm-create-a-device-collection-based-on-exchange-server-role/?fsp_sid=47231
robrichhttps://www.linkedin.com/posts/jolandadekoff_ethicalhacking-cybersecurity-infosec-share-7465011800669974528-0U99/ - "A #SQL injection vulnerability in #GhostCMS has turned Harvard University, Oxford University, and DuckDuckGo into malware distribution platforms." #Claude was pointed at Ghost CMS because "it had never had an unauthenticated critical vulnerability in its history. Ninety minutes later, Claude had found a blind SQL injection in Ghost's Content API and pulled the admin API key straight out of the database."
#ethicalhacking #cybersecurity #infosec #ghostcms #sqlinjection #clickfix #cve #malware #websecurity #threatintelligence | Jolanda de Koff
A SQL injection vulnerability in Ghost CMS has turned Harvard University, Oxford University, and DuckDuckGo into malware distribution platforms. Visitors arrive at a page they trust completely, a fake Cloudflare verification prompt appears, and their machine gets infected if they follow the instructions. More than 700 sites. Software that had never had an unauthenticated critical vulnerability in its entire history When Anthropic released Opus 4.6, they had Nicholas Carlini point Claude at a set of open-source projects to see what it would turn up. He picked Ghost because it had never had an unauthenticated critical vulnerability in its history. Ninety minutes later, Claude had found a blind SQL injection in Ghost's Content API and pulled the admin API key straight out of the database. Anthropic told Ghost on February 16. Three days later, on February 19, the patch was out. In March, he stood on stage at the [un]prompted conference in San Francisco and showed the room what Claude had just done. He described what he had witnessed as terrifying The vulnerability is CVE-2026-26980, rated CVSS 9.4 Critical The compilation timestamp on the DLL file found inside the attack campaign is February 16, 2026. That is the day Ghost published their security advisory to GitHub, three days before the public CVE disclosure on February 19 This was not a targeted attack. It was a fully automated pipeline scanning every unpatched Ghost site on the internet, pulling the admin key automatically, rewriting every article on every compromised site, and delivering whatever payload the attacker wanted. At least two separate attack groups were running this campaign simultaneously By May 17, XLab had confirmed more than 700 compromised domains → Personal blogs and independent sites: 368 (48.1%) → Software development, SaaS, and tech blogs: 113 (14.8%) → AI and machine learning sites: 35 (4.6%) → Education and academia: 21 (2.7%) → Security and cybersecurity research sites: 11 (1.4%) Indicators of compromise: → C2 domain, first wave: clo4shara[.]xyz → C2 domain, second wave: com-apps[.]cc → Final payload C2: web-telegram[.]ug → installer.dll hash, first wave: MD5 5659292833ec421da11ebde005d9c9a8 If you run a self-hosted Ghost site: → Update to Ghost 6.19.1 or later right now → Rotate all Admin API keys after updating, even if the site looks completely clean → Check article content at the database level, not through the Ghost editor interface → Ghost Pro users are not affected. Ghost manages updates on that platform Every one of those techniques is covered in my ethical hacking course: → https://lnkd.in/ebs6AY7K Research & writing: Jolanda de Koff Sharing is fine. Copying without credit is not Full breakdown → https://lnkd.in/e3nVqpQA #EthicalHacking #CyberSecurity #InfoSec #GhostCMS #SQLInjection #ClickFix #CVE #Malware #WebSecurity #ThreatIntelligence
airankedSQL Parser Optimization
Rewrite SQL parser 70x faster without sacrificing maintainability
