If you open the Microsoft Secure Score recommendations and try to accept a risk, your browser happily tells you Microsoft made a spelling mistake.
| Website | https://lolware.net/ |
| Github | https://github.com/technion/ |
| Age Key | https://lolware.net/age.txt |
Joshua Small
- 193 Followers
- 88 Following
- 1.6K Posts
Best use of Claude code in a pentest so far (could not surface this answer on Google).
/cc @wdormann
Javascript people falling over themselves to bundle megabytes of compat shims everywhere. Meanwhile, I have to say this is on of my favourite bits of code. Honestly, try it. The only people you'll break already can't use your website because your CSS never catered to them.
Will DormannThere's a new Windows 0day LPE that has been disclosed called BlueHammer. The reporter suggests that it's being disclosed due to how MSRC operates these days.
MSRC used to be quite excellent to work with.
But to save money Microsoft fired the skilled people, leaving flowchart followers.
I wouldn't be surprised if Microsoft closed the case after the reporter refused to submit a video of the exploit, since that's apparently an MSRC requirement now. 😂
Anyway, yeah, it works. Maybe not 100% reliably, but well enough...
I know people are rightfully concerned about the privacy and bloat here, the way logon forms are hammered by bots I'd implement it there myself if I could (and only on logon forms).
ChatGPT Won't Let You Type Until Cloudflare Reads Your React State. I Decrypted the Program That Does It.
Edit April 2, 2026: I've been getting inbound interest from researchers wanting to run their own queries. The MCP integration I use for my own research lets you analyze live mobile telemetry continuously collected from real devices in the wild, directly from Claude. To access it reach out at buchodi@
Kevin Beaumont
Someone's just published a very nice BYOVD exploit and I'm amazed I never heard more about this sort of thing.
What on earth is this Sharepoint outage update? "will illuminate the manifestation point" ?
