Johannes

@JmbFountain
Sysadmin, Open Source Advocate
Here in a private capacity
ClacksGNU Terry Pratchett

I’m no longer employed by Red Hat.

As a result, any projects I maintained there as part of that employment should no longer be considered maintained by me, whether in that former capacity or otherwise.

Because those projects were solely maintained by me, they may now fall into an unmaintained state unless other community members step in. I am not available to maintain, review, or support them in any capacity for the foreseeable future.

For context read https://blogs.gnome.org/chergert/2026/02/06/mid-life-transitions/

Mid-life transitions

The past few months have been heavy for many people in the United States, especially families navigating uncertainty about safety, stability, and belonging. My own mixed family has been working through some of those questions, and it has led us to make a significant change. Over the course of last year, my request to relocate...

Happenings in GNOME

Just noting, for the benefit of people who are pointing out that Hungary's PM-elect isn't some sort of progressive saint:

1. Yeah, his party is centre-right, but it's also the furthest left of the parties with seats in the new parliament.

2. Winning a two-thirds majority in a system designed to disadvantage opposition parties is a seismic shift.

3. Look back over the last century-and-a-bit of Hungarian history and you'll see the red-rag Left doing many horrible things which have not been forgotten. You'll also see the interwar fascism of the Horthy "regency" and maybe you'll agree that Hungary can have a bit of near-centrism, as a treat.

So, this is where us outsiders sit back and shut up and watch as an antidemocratic system is brought back to something resembling normality.

There is at least one Adobe Reader 0day being exploited in the wild:
https://justhaifei1.blogspot.com/2026/04/expmon-detected-sophisticated-zero-day-adobe-reader.html

TL;DR: One 0day is being used to simply communicate details to a C2 server to get further commands. Specifically, there is a vulnerability that allows reading arbitrary local files using Reader JavaScript. In this case, ntdll.dll and friends, so that the C2 knows specifically what version of Windows the victim is running.

Nobody knows what secondary payload the C2 is delivering to selected targets. But it's a direct pipeline to allow the C2 to run arbitrary JavaScript on the victim system.

So I'll bet dollars to donuts that there is a second more powerful vulnerability that the attackers have up their sleeves. Or at the very least, the same vulnerability that allows the privileged file read might be able to be leveraged to do something nasty. And the whole AES-encrypted C2 stuff is merely to not put the payload statically in the exploit PDF, allowing a dynamic payload for any given target.

Edit: This is now fixed as CVE-2026-34621.

EXPMON detected sophisticated zero-day fingerprinting attack targeting Adobe Reader users

Executive Summary The EXPMON system detected a highly-sophisticated PDF exploit targeting Adobe Reader users. Based on our analysis, the sam...

# WireGuard VPN developer can't ship software updates after Microsoft locks account

I should be surprised if Windows will ever be suitable outside niche hobbyist communities with this kind of unreliable behaviour.

Real users need consistency and stability.

https://techcrunch.com/2026/04/08/wireguard-vpn-developer-cant-ship-software-updates-after-microsoft-locks-account/

The popular open source VPN maker is the second high-profile developer to say Microsoft locked his account without notifying him and are blocking their ability to send software updates to users.

TechCrunch

Spotted in my RSS feeds: ByeDoom. “Add any public account from Instagram, Facebook, Threads, X, TikTok or YouTube to quickly get a feed for your favorite reader.”

https://rbfirehose.com/2026/04/06/byedoom-provides-rss-feeds-for-social-networks/

ResearchBuzz: Firehose

There's a new Windows 0day LPE that has been disclosed called BlueHammer. The reporter suggests that it's being disclosed due to how MSRC operates these days.

MSRC used to be quite excellent to work with.
But to save money Microsoft fired the skilled people, leaving flowchart followers.
I wouldn't be surprised if Microsoft closed the case after the reporter refused to submit a video of the exploit, since that's apparently an MSRC requirement now. 😂

Anyway, yeah, it works. Maybe not 100% reliably, but well enough...

“There is no party-political content in #Physics, #Chemistry, #Biology or #Mathematics. When we talk about the second law of thermodynamics, we are not talking about a party platform. When the topic of #Climate keeps getting pushed into a party-political corner, that is bullshit.”
Harald Lesch

This is a very accurate graph of anything in my lifetime in the US.

Anyone running openclaw is demonstrably incapable of being allowed privileged access in any production environment and should be treated as tho they are an unusually massive toddler.

The idea that Office 365 is compliant for use in any regulated space is *absolutely laughable*, but apparently the reason GCC High is approved for government use is because the government let agencies use it while they were evaluating it, and then realized so many agencies were now dependent on it, that they had to approve it even though it wasn't able to actually meet the security criteria.

https://arstechnica.com/information-technology/2026/03/federal-cyber-experts-called-microsofts-cloud-a-pile-of-shit-approved-it-anyway/

#microsoft