Here is your last #OpenBSD story before the summer break: that one time OpenSSH was used in a supply-chain attack, before that expression was even coined.
| Homepage | https://0xdeadbeef.info |
| GitHub | https://github.com/0xdea |
In fact, we can try the OG YellowKey exploit on a Win11 25H2 system with KB5094126 installed. We should be protected, right?
Get real. If only KB5094126 (which is cumulative, as all Patch Tuesday updates are since 2015, and clocks in at 4.75GB) is installed, then Windows will still be vulnerable to YellowKey.
Did Microsoft attempt to fix YellowKey or bitskrieg? Nobody outside of Microsoft knows. MSRC publications don't say what they fix in any meaningful way. You just install all the updates and hope for the best.
Do we need to worry about this? No, not really. Having a stock Win11 25H2 system and installing only KB5094126 is not something you'd likely see in the real world. People generally install all of the updates.
And a Win11 with all of the updates through June will not allow Command Prompt to be directly entered via WinRE if BitLocker is enabled for the OS disk.
If it's not KB5094126, which update fixes WinRE so that you can't get to Command Prompt directly? I have no clue. And I definitely don't have the time or patience to figure it out. If you really want to know, take it up with Microsoft.

Visa is integrating its payment network with ChatGPT so AI agents can shop and complete purchases on users' behalf. "It means AI agents can not only recommend products but complete the purchase on the user's behalf, at potentially any merchant that accepts Visa," reports the Associated Press. "The p...
Golden rule of vulnerability disclosure is:
Don't fuck with people who are time rich and cash poor.
You can care about nutrition and still eat cake at a birthday party.
You can be disciplined and still be fun.
Don’t confuse self-improvement with self-surveillance.
Don’t confuse certainty with wisdom.
And don’t confuse being a dick with courage.
I employ a two-pronged defence against phishing:
First, I am so behind on reading my email that, by the time a phishing message actually gets read, the original scammers have probably had their site taken down, or maybe died of old age.
Second, I don’t know any of my passwords and, if your domain doesn’t match, my password manager won’t fill them, and I’m much too lazy to fill them manually, so will probably just close the window. If it looks important, I’ll flag the email and come back to it eventually. Maybe.

An anonymous reader quotes a report from 404 Media: The Federal Communications Commission (FCC) wants to make it effectively impossible for people to buy what many call burner phones -- a phone not explicitly linked to your identity at the point of purchase -- which would impact privacy-conscious pe...