So far my #HomeAssistant instance had been running on the local subnet, behind the #Router's #Firewall and so was inaccessible from outside my house’s network. However, I’ve now got it onto the #Internet. Of course, there are inherent risks and potential problems with this if malicious actors want to crack the system and so I made sure that it’s only accessible as an #Encrypted connection via #HTTPS rather than #HTTP.

#GNU #Linux #FreeSoftware #HAOS

Laravel Lang Compromised with RCE Backdoor Across 700+ Versions

Community-maintained Laravel Lang packages were compromised with remote code execution backdoors affecting over 700 versions across multiple repositories including laravel-lang/lang, laravel-lang/http-statuses, laravel-lang/attributes, and laravel-lang/actions. The attack involved coordinated rapid tag publishing on May 22-23, 2026, suggesting organization-level credential compromise. A malicious helpers.php file was automatically executed via Composer's autoloader, deploying a sophisticated cross-platform information stealer. The second-stage payload systematically harvested credentials from cloud infrastructure, Kubernetes, CI/CD systems, browsers, password managers, cryptocurrency wallets, VPN clients, and local configurations. Stolen data was encrypted and exfiltrated to a command-and-control server. The backdoor employed advanced evasion techniques including TLS verification bypass, per-host execution markers, and embedded Windows executables to bypass Chrome encryption protections.

Pulse ID: 6a1187d92cdbfd79095008cd
Pulse Link: https://otx.alienvault.com/pulse/6a1187d92cdbfd79095008cd
Pulse Author: AlienVault
Created: 2026-05-23 10:56:25

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

#BackDoor #Browser #Chrome #Cloud #CyberSecurity #Encryption #HTTP #InfoSec #OTX #OpenThreatExchange #PHP #Password #RAT #RCE #RemoteCodeExecution #TLS #VPN #Windows #Word #bot #cryptocurrency #AlienVault

Got D3 rendering the charts. The design isn't set in stone, but I like it so far.

#GoLang #D3 #htmx #templ #HTTP

Working as intended so far. Main app and N probes start up and the app sends out info to each probe so it can go probe the endpoint, collect results, and report it back to the main app.

#GoLang #Docker #BuildInPublic #HTTP

This article originally appeared on The Fulcrum.

Welcome to this week’s The Programmer’s Fulcrum.

It’s your weekly curation of the essential news in the Open Media Network and Fediverse development communities with a focus on devastating big tech via Techno Anarchism.

As usual, we aim to provide actionable content you can use to destroy Techno Feudalism each week. It has the additional […]

Oh this is funny—check out http://vscode.com/

#vscode #miceosoft #visualstudio #visualstudiocode #code #coding #technology #website #http #example #test

Slumber a TUI HTTP Client

https://slumber.lucaspickering.me

#HackerNews #Slumber #TUI #HTTP #Client #HTTP #Client #Development #Open #Source #Tech #News

Can we please get rid of :// for denoting protocols?  Like it's fine to still support it, but how come : doesn't suffice? I hate having three forward slashes when I'm accessing a remote or virtual filesystem.

I love you GNOME but admin:/// is a travesty. 

EDIT: Actually, what about > ?  

https>cubhub.social and admin>/home/rusty

mostly because I like Matrix's @user:server.tld and matrix:@user:server.tld would like dumb but matrix>@user:server.tld would be pretty clutch  

#HTTP #GNOME #Linux #MatrixChat