Link Sharing

Link Sharing

IonStack part II: GhostLock, a stack-UAF that has existed in ALL Linux distributions for 15 years
IonStack part II: GhostLock, a stack-UAF that has existed in ALL Linux distributions for 15 years
GhostLock (CVE-2026-43499) is a Linux kernel vulnerability found by VEGA that exists in every major distribution since 2011. Triggering the bug does not require any special kernel config or privilege. By turning it into a 97% stable privilege escalation and container escape, Google has rewarded us $92,337 in kernelCTF. This writeup covers the technical details of the exploit.
·nebusec.ai·
IonStack part II: GhostLock, a stack-UAF that has existed in ALL Linux distributions for 15 years
SK Hynix CEO sees worst memory shortage in 2027, demand to outstrip supply beyond 2030
SK Hynix CEO sees worst memory shortage in 2027, demand to outstrip supply beyond 2030
SK Hynix Chief Executive Kwak Noh-jung said the global memory industry is heading for its worst-ever supply shortage ​in 2027, forecasting that demand for memory will continue to exceed the company's ability to produce it well into the next decade despite aggressive capacity expansion.
·reuters.com·
SK Hynix CEO sees worst memory shortage in 2027, demand to outstrip supply beyond 2030
Who does Anubis actually stop?
Who does Anubis actually stop?
I have been working on a patch to the Linux kernel to support $ORIGIN for the interpreter (PT_INTERP) via bpf in binfmt_misc [thread].
·fzakaria.com·
Who does Anubis actually stop?
ClickHouse on Docker Hardened Images | ClickHouse
ClickHouse on Docker Hardened Images | ClickHouse
ClickHouse is now available as a Docker Hardened Image: a minimal, security-hardened build that passes enterprise vulnerability scans by shipping only what the database needs to run, with no change to how ClickHouse behaves.
·clickhouse.com·
ClickHouse on Docker Hardened Images | ClickHouse
JustVugg/colibri: Run GLM-5.2 (744B MoE) on a 25GB-RAM consumer machine — pure C, zero deps, experts streamed from disk. Tiny engine, immense model. 🐦
JustVugg/colibri: Run GLM-5.2 (744B MoE) on a 25GB-RAM consumer machine — pure C, zero deps, experts streamed from disk. Tiny engine, immense model. 🐦
Run GLM-5.2 (744B MoE) on a 25GB-RAM consumer machine — pure C, zero deps, experts streamed from disk. Tiny engine, immense model. 🐦 - JustVugg/colibri
·github.com·
JustVugg/colibri: Run GLM-5.2 (744B MoE) on a 25GB-RAM consumer machine — pure C, zero deps, experts streamed from disk. Tiny engine, immense model. 🐦
Ways to think about token pricing — Benedict Evans
Ways to think about token pricing — Benedict Evans
AI is in a supply crunch today, but what happens when we come out of it? How and where will supply, demand, price, capacity and capex get back into equilibrium? Today, model labs can name their price, but why won’t they end up as low-margin commodity infrastructure?
·ben-evans.com·
Ways to think about token pricing — Benedict Evans
Samsung chip division's single-year profits beat its past 40 years of profits, combined, due to increased memory and storage prices — Samsung passes Nvidia to become most profitable company in the world, notches 19x quarterly increase in profit
Samsung chip division's single-year profits beat its past 40 years of profits, combined, due to increased memory and storage prices — Samsung passes Nvidia to become most profitable company in the world, notches 19x quarterly increase in profit
DS president Kim Yong-Kwan told staff the unit's 2026 operating profit will top everything it has earned since Samsung entered the memory business.
·tomshardware.com·
Samsung chip division's single-year profits beat its past 40 years of profits, combined, due to increased memory and storage prices — Samsung passes Nvidia to become most profitable company in the world, notches 19x quarterly increase in profit
Rotating Postgres Credentials Without Dropping a Single Connection in Node.JS
Rotating Postgres Credentials Without Dropping a Single Connection in Node.JS
Credential rotation is a compliance requirement (PCI DSS, SOC 2, HIPAA) that most teams treat as a downtime event. Here is how to rotate postgres passwords in a Node.js application without restarting a single process or dropping a single connection.
·the-practical-developer.online·
Rotating Postgres Credentials Without Dropping a Single Connection in Node.JS
GitLost: How We Tricked GitHub’s AI Agent into Leaking Private Repos - Noma Security
GitLost: How We Tricked GitHub’s AI Agent into Leaking Private Repos - Noma Security
TL;DR: Noma Labs discovered a critical prompt injection vulnerability within GitHub’s new Agentic Workflows, allowing an unauthenticated attacker to silently pull data from private repositories by posting a crafted GitHub Issue in a public repository belonging to the same organization as the private repositories. Noma Labs named the vulnerability GitLost.    Introduction GitHub recently launched […]
·noma.security·
GitLost: How We Tricked GitHub’s AI Agent into Leaking Private Repos - Noma Security
GitHub Has Restricted Access to Star Data
GitHub Has Restricted Access to Star Data
GitHub is restricting its stargazers API to a repository's admins and collaborators, which breaks star history for repos you don't own. Here's what happened and what we're doing.
·star-history.com·
GitHub Has Restricted Access to Star Data