Matthias Luft

Infosec Enthusiast & Practitioner. Opinions are my own. Pentest→Research→Leading→Security Engineering. Love Martial Arts, Outdoors, Dogs.
Website: https://www.rational-security.io/

They finally did it. Microsoft has successfully over-engineered a text editor into a threat vector.

This CVE is an 8.8 severity RCE in Notepad of all things lmao.

Apparently, the "innovation" of adding markdown support came with the ability to launch unverified protocols that load and execute remote files.

We have reached a point where the simple act of opening a .md file in a native utility can compromise your system. Is nothing safe anymore? 😭

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-20841

#noai #microslop #microsoft #windows #programming #writing #windows11 #enshittification #cybersecurity #infosec #technology

Bonfire Social 1.0 is live! A federated, community‑first social network built on the modular Bonfire toolkit, and it’s only the beginning.

It's time to go beyond microblogging and build apps for community organising, open science, mutual aid, and collective decision‑making. Let's take back the internet with open protocols, consent‑based governance, and portability by design.

Back the “last migration” from closed platforms to open networks: https://www.indiegogo.com/projects/bonfire/community?refcode=FVxjqI1kLUOhHXxqyrS6-g

1/2

I didn't even think about this yet, but linting file- and directory names in project structures makes a lot of sense - and there is of course a tool for it:

https://ls-lint.org/

ls-lint

An extremely fast file and directory name linter - Bring some structure to your project filesystem

Alright AKS, pick a lane:

Kubenet: Pods receive an IP from an overlay network. Retires March 2028

Azure CNI Standard: Pods receive an IP from the VNET

Azure CNI Overlay: Pods receive an IP from an overlay network.

Great article on using GitHub as a workflow platform:

https://github.blog/engineering/issueops-automate-ci-cd-and-more-with-github-issues-and-actions/

Can absolutely recommend for security workflows and management as well!

IssueOps: Automate CI/CD (and more!) with GitHub Issues and Actions

A look into building IssueOps workflows on GitHub to do everything from CI/CD to handling approvals and more.


Quite a few #IngressNightmare #CVE-2025-1974 PoCs on GitHub now that look good at a cursory review:

https://github.com/hakaioffsec/IngressNightmare-PoC

https://github.com/yoshino-s/CVE-2025-1974/

https://github.com/Esonhugh/ingressNightmare-CVE-2025-1974-exps/

https://github.com/hi-unc1e/CVE-2025-1974-poc/

https://github.com/lufeirider/IngressNightmare-PoC

https://github.com/zwxxb/CVE-2025-1974

https://github.com/rjhaikal/POC-IngressNightmare-CVE-2025-1974

Quick note on exploits trying to use `nginx.ingress.kubernetes.io/server-snippet`: That annotation has been identified as an issue before and has been disabled to mitigate CVE-2021-25742.


I wrote up some details on exploiting #IngressNightmare #CVE-2025-1974:
www.averlon.ai/blog/kuberne...

Where are we at with releasing a full PoC?

About webhooks - GitHub Docs

Webhooks provide a way for notifications to be delivered to an external web server whenever certain events occur on GitHub.


In Switzerland you aren't allowed to have a train with exactly 256 axles because of an integer overflow in the axle counting machine.

I wish I could fix my software bugs by making it illegal to cause them.

One long plane ride later and my cloud security knowledge base is finally transformed into a proper awesome-repo:

https://github.com/uchi-mata/awesome-cloud-security

There are lots of good cloud security knowledge collections out there, but maybe this is helpful for some 🙂
