Tootfinder

FreeBSD bug 290024 – FreeBSD Installer live system: pkg: POST-INSTALL script failed (files such as dconf, indexinfo, xmlcatmgr not found)
<https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=290024>
Cc @…

Security — 15 comment bubble on white
Cryptographers engage in war of words over RustSec bug reports and subsequent ban
Rust security maintainers contend Nadim Kobeissi's vulnerability claims are too much
🦀 https://www.theregister.com/2026/03/20/cry

Cryptographers engage in war of words over RustSec bug reports and subsequent ban
: Rust security maintainers contend Nadim Kobeissi's vulnerability claims are too much

Microsoft says bug causes Copilot to summarize confidential emails
https://www.bleepingcomputer.com/news/microsoft/microsoft-says-bug-causes-copilot-to-summarize-confidential-emails/

Microsoft says bug causes Copilot to summarize confidential emails
Microsoft says a Microsoft 365 Copilot bug has been causing the AI assistant to summarize confidential emails since late January, bypassing data loss prevention (DLP) policies that organizations rely on to protect sensitive information.

We need id for vulnerabilities on online services. Documenting is critical.
#cybersecurity #vulnerability

Microsoft says bug causes Copilot to summarize confidential emails
Microsoft says a Microsoft 365 Copilot bug has been causing the AI assistant to summarize confidential emails since late January, bypassing data loss prevention (DLP) policies that organizations rely on to protect sensitive information.

Gvc:ERROR:../gvc-mixer-stream.c:535:gvc_mixer_stream_get_port: code should not be reached
David attenborough's voice: and unsurprisingly the bug appeared in its natural environment and the code was actually reached.
#gnome #bug

16-year-old Safari bug to ignore `text-transform` on text copy:
https://bugs.webkit.org/show_bug.cgi?id=43202
Today, there’s a PR to address it:

Fed agencies ordered to patch Dell bug by Saturday after exploitation warning https://therecord.media/fed-agencies-ordered-to-patch-dell-bug-after-exploitation-warning

Exhibit #5356765336895 in "nobody hand-rolls anything related to cryptography correctly, even when they at least try to use tested, trusted algorithms."

🇺🇦 #NowPlaying on KEXP's #DriveTime
Fontaines D.C.:
🎵 Bug
#FontainesDC
https://holdoholdoholdo.bandcamp.com/track/fontaines-d-c-bug-holdo-remix
https://open.spotify.com/track/0MXmiqd7zoXxv6Gqn9ahhQ

Don't miss today's packed Metacurity for the most critical infosec developments you need to know, including
--DOGE workers shared SSN data with outsiders, derailed DISA operations,
--UK launches national fraud reporting service,
--China blames Taiwan for cyberattacks,
--EU proposes freezing out Chinese tech suppliers,
--New Zealand launches Manage My Health breach probe,
--Curl ends its bug bounty program due to AI flood,
--Cloudflare fixes WAF…

DOGE workers shared SSN data with outsiders, derailed DISA operations
UK launches national fraud reporting service, China blames Taiwan for cyberattacks, EU proposes freezing out Chinese tech suppliers, New Zealand launches Manage My Health breach probe, Curl ends its bug bounty program due to AI flood, Cloudflare fixes WAF flaw, much more

@…
Ich hatte mal einen ähnlichen Fall bei UPC (später Sunrise). Ich kann mir vorstellen dass das irgend ein Bug/Prozessproblem bei deinem Anbieter ist. Wahrscheinlich können die Mitarbeiter mit denen du telefonierst auch nicht viel machen. Da ich es tatsächlich geschafft habe bei Sunrise zu künden, ein Tipp: Frag bei deinem neuen Anbieter um Hilfe falls es Wechs…

Microsoft confirms a bug that let Microsoft 365 Copilot summarize confidential emails from Sent Items and Drafts folders, and deployed a fix in early February (Sergiu Gatlan/BleepingComputer)
https://www.bleepingcomputer.com/news/micr

I am guessing no one here can confirm or deny this #java #JVM crash-on-keystore-decrypt which, if true, is a VERY SERIOUS BUG that could not be trusted in a production environment, and then has gone unfixed for decades? That does not seem very likely, does it?
As it is, keytool says there is nothing wrong with my keystore or its password, and watching the process launch I see after the init, it sits, idle, a few seconds later its Time value in top only increments the millisecs, and within a minute, it is gone, voom, not a trace in any logs as to why.
I do, truly, LOATH this technology. It is so fucking fragile; a life-sentence for the sr developers and sysadmins in production systems (that's why they often don't get holidays)

Plasma: high CPU usage whilst the screen is locked
<#FreeBSD

🇺🇦 Auf radioeins läuft...
Fontaines D.C.:
🎵 Bug
#NowPlaying #FontainesDC
https://holdoholdoholdo.bandcamp.com/track/fontaines-d-c-bug-holdo-remix
https://open.spotify.com/track/0MXmiqd7zoXxv6Gqn9ahhQ
Schon gewusst❓
Wenn Du einen Beitrag des Bots ⭐ FAVORISIERST, erfährt das nur der Bot - nicht Deine FollowerInnen.
Wenn Du einen Song weitererempfehlen möchtest, dann 🔁 TEILE ihn❗

The latest Finder bug is that I have windows open that I can move around but can no longer select the files in the window. I also cannot close, or maximize or minimize the window.
I have four of them jammed into the lower edge of the screen for now until I reboot. (Current uptime is 22 days.)
#macOS #apple

#heiseshow: KI auf Bug-Suche, Kernkraft-Comeback, Homeoffice in der Energiekrise
In der #heiseshow: KI findet Firefox-Bugs schneller als Menschen, von der Leyen bereut den Atomausstieg und Homeoffice als Reaktion auf Energiekrisen.

Jeremy Keith found a `<datalist>` bug in iOS 26:
https://adactio.com/journal/22360
I confirmed it affects iPadOS 26.2:
https://

I guess this video is one of my official flops. But I still think it would be funny if AMD received a handful of respectful bug reports on this issue 😀
No FSR 4 on RDNA 2 or 3? Send a Bug Report!
https://www.youtube.com/watch?v=_PsjkpgMWI0

@… I double checked, it seems that Kubuntu uses less CPU when the screen is locked.
If you can discover why your Void uses more (not less), maybe you'll find a report of a bug that's not yet fixed in whatever versions of stuff that you use.
I did check for an upstream bug before making the report in Bugzilla for FreeBSD. I suspect that 29382…

Bugs were supposed to be the future of food. Now, the insect farming industry is collapsing.

“We have to get used to the idea of eating insects.”
This proclamation came from, of all people, an insect researcher. Dutch entomologist Marcel Dicke pitched eating bugs in his 2010 TED talk as critical to sustainably feeding a growing human population, because insects have a much smaller carbon footprint than beef, pork, and chicken.
Spoiler alert: We di…

Bugs were supposed to be the future of food. Now, the insect farming industry is collapsing. 
How the frenzy over farming insects for food went bust.

🇺🇦 #NowPlaying on KEXP's #VarietyMix
Sudan Archives:
🎵 A BUG'S LIFE
#SudanArchives
https://sudanarchives.bandcamp.com/track/a-bugs-life
https://open.spotify.com/track/1D7qrNAEbZ0G4oR6YZTvFK

Don't miss today's Metacurity which is jam-packed with a host of intense cybersecurity developments, including
--Texas AG sues TP-Link, saying it allowed the CCP to hack routers,
--A hacker gained access to a French national bank database with 1.2m accounts,
--Microsoft 365 Copilot bug summarized confidential emails,
--DEF CON bans Epstein's hacking associates,
--Deutsche Bahn operations disrupted by cyberattack,
--Polish army bans Chinese cars,…

Texas AG sues TP-Link, saying it allowed the CCP to hack routers
A hacker gained access to a French national bank database with 1.2m accounts, Microsoft 365 Copilot bug summarized confidential emails, DEF CON bans Epstein's hacking associates, Deutsche Bahn operations disrupted by cyberattack, Polish army bans Chinese cars, much more

🇺🇦 #NowPlaying on #BBC6Music's #DebGrant
Wax Head:
🎵 Bug Doctor
#WaxHead
https://waxhead1.bandcamp.com/track/bug-doctor
https://open.spotify.com/track/50lVuRoIw1cmIQRRpFErRw

Oh, Jings, my own execution traces are REALLY hard to read. It's my own fault: these are my traces in my software, there's no-one else to blame, but...
#Lisp

Maybe this is interesting regarding AI-features, translations, Mozilla Firefox, AI hallucinations... https://bugzilla.mozilla.org/show_bug.cgi?id=2021766

There is a bug in this 3rd party API that declares a payload to fail their validation checks in a false positive way BUT ALSO fails to report what the alleged validation errors are.
And of course, there are none, so I've now spent days in a logical lockpicking manner, brute force trial and error to rule out various possibilities.
And, just now, I got it. 🎉 It's a workaround, but it'll do. I've reported the bug and they acknowledge it, but no timetable for a fix. …

Here we go again! Tripped over it when short-living cron job was unable to connect to the database.
https://github.com/k3s-io/k3s/issues/947

Network policy enforcement is delayed · Issue #947 · k3s-io/k3s
Version: k3s version v0.10.0 (f9888ca3) Describe the bug There appears to be period of time (<1 minute) after a pod is started during which applicable network policies are not enforced. To Reproduc...

Ooo. The plot thickens.
What does printf("%c", '\0') do?
Answer: output a character of value 0.
What should printf("%lc", (wint_t)L'\0') do?
Answer: output nothing.
That's because %lc is *defined* to be equivalent to %ls with a two-element wchar_t array, the first holding the wint_t parameter (cast to a wchar_t) and the second a null wide character. If I'm right, then glibc has a bug here.

Many years ago I was working with a friend to find a bug in a Makefile generator. We had a megabyte or so of Makefile we needed to examine. He was an emacs user. It took him minutes just to open the file. I was using sam. It took about a second for sam to load, and I found the problem before he'd even finished loading the file.
The speed of tools matters, and big files are common nowadays. Things should stay fast as their workload grows. That goes double for interactive tools.
By the way, it still takes me 30 seconds to log in to my bank. I wonder how long it will take when it's an LLM-generated landing page.
https://phanpy.social/#/hachyderm.io/s/115891592999188880

The codeberg.org homepage (for logged out users) appears in English, no matter which language is selected #bug @…

The Linux Foundation announces $12.5M in total grants from Google and others to help FOSS maintainers cope with the influx of AI-generated security findings (Simon Sharwood/The Register)
https://www.theregister.com/2026/03/18/linux_foundation_ai_slop_defense/

Linux Foundation kicks off effort to shield FOSS maintainers from AI slop bug reports
: Big Tech donates $12.5 million to get things rolling

Nuke bug of the day: Nuke's color pipeline breaks with completely nonsensical errors whenever you add the keyword "default_view_transform:" to your OCIO configuration. That's really weird because it doesn't really do anything color-related except define which value the viewer should be set to initially.
#Nuke

apparently Tailscale fixed a bug that I considered a feature

@… @… excellent!
A fix for single user mode with csh/tcsh would be nice:
<https:/…

🇺🇦 Auf radioeins läuft...
Fontaines D.C.:
🎵 Bug
#NowPlaying #FontainesDC
https://holdoholdoholdo.bandcamp.com/track/fontaines-d-c-bug-holdo-remix
https://open.spotify.com/track/0MXmiqd7zoXxv6Gqn9ahhQ

I think I found a Node.js bug! https://github.com/nodejs/node/issues/61385

In the end, the Guide concluded that Sol-3 was another datapoint in resolving the Fermi Paradox, revising the Drake Equation L down further.
Ford's notes read "mostly harmless" but Arthur found a Dick's Burgers napkin in a glovebox, with a scribbled note saying "the self-fulfilling DFPC is a particularly nasty bug."
"What's DFPC?", Arthur asked.
"Dark Forest Pareidolaic Collapse", said Zaphod.
"We see faces in t…

“Time and energy that is completely wasted while also hampering our will to live.”
I can relate.
https://daniel.haxx.se/blog/2026/01/26/the-end-of-the-curl-bug-bounty/

The end of the curl bug-bounty
tldr: an attempt to reduce the terror reporting. There is no longer a curl bug-bounty program. It officially stops on January 31, 2026. After having had a few half-baked previous takes, in April 2019 we kicked off the first real curl bug-bounty with the help of Hackerone, and while it stumbled a bit at first … Continue reading The end of the curl bug-bounty →

Hey @… can I request attention towards:
https://bugs.kde.org/show_bug.cgi?id=515271
I like

Yes siree, never a shortage of critical cybersecurity news, so check out today's Metacurity for the most important developments you should know, including
--Anthropic case puts courts at center of fight over AI supply chain authority,
--Iran officials tied to cyber ops killed in airstrikes,
--Bennett and Brassard win Turing Award,
--Japan to allow offensive operations starting Oct. 1,
--Tech giants pledge to help open source with AI bug surge,
--Apple p…

Anthropic case puts courts at center of fight over AI supply chain authority
Iran officials tied to cyber ops killed in airstrikes, Bennett and Brassard win Turing Award, Japan to allow offensive operations starting Oct. 1, Tech giants pledge to help open source with AI bug surge, Apple patches WebKit flaw, Chinese hacker group steals $7m posing as a cyber firm, much more

bug fixes and improvements

#Steady-#Klimacrew
#Datenanalyse von #Stromspeicher​n: Warum tauchten manche #Pumpspeicherkraftwerke

Stromspeicher: Das Rätsel um die Pumpspeicherdaten
Fehlerhafte Stromspeicher-Daten im Marktstammdatenregister? So wurde der Bug bei Pumpspeicherkraftwerken entdeckt und behoben.

I couldn't find a corresponding bug report. And in case its relevant, my photoprism runs on a Synology NAS (Build 251130-b3068414c)
@…

@… Spannend wird es auf jeden Fall. Deine Erfahrungen mit dem Millennium Bug sind sehr wertvoll. Wird sicher auch ein Thema werden.

Git gurus: suppose I have a complex repository structure containing multiple levels of submodules.
We get frequent support tickets on github from users who failed to update one or more submodules when pulling the latest changes from the parent repo and get build issues or just don't incorporate the bug fix they're trying to test.
Is there a good way to fix/detect this in the build system? Like recursively follow .gitmodules and complain if the commit the parent wants isn&…

@… We wanted to wait for those that actually fixed the bug to announce, i.e. the Chrome team. They have done so now:
https://chromereleases.googleblog.com/…

<james> abuse me. I'm so lame I sent a bug report to
debian-devel-changes

I do love it when I come across people online who I've not seen in AGES - reporting a bug and it getting fixed by someone you used to work with decades ago, in an unrelated job.

Found a really odd #indiekit bug, the indiekit-endpoint-posts, which manages posts in the backend via micropub can only edit posts up to 40 posts back in time, so i forked it and fixed it: now it queries the database directly by MongoDB _id, which is efficient and works regardless of how many posts exist.

Ricardo Mendes
6 February 2026 indiekit Found a really odd #indiekit bug, the indiekit-endpoint-posts, which manages posts in the backend via micropub can only edit posts up to 40 posts back in time, so i forked it...

Not all heroes wear capes; some just wear ∀s and ⊃s.
https://forum.cspaper.org/topic/191/iclr-i-can-locate-reviewer-how-an-api-bug-turned-blind-review-into-a-data-apocalypse

I heard from a colleague that a system was just identified with a y2k bug.
Wait, how is that possible?!
A system was using 2 digits to store and transmit the year. To resolve the initial y2k problem, the system employed the date window technique, where that window ended with 2025.
https://en.wikipedia.org/wiki/Da…

The codeberg.org homepage (for logged out users) appears in English, no matter which language is selected #bug @…

🇺🇦 Auf radioeins läuft...
Fontaines D.C.:
🎵 Bug
#NowPlaying #FontainesDC
https://holdoholdoholdo.bandcamp.com/track/fontaines-d-c-bug-holdo-remix
https://open.spotify.com/track/0MXmiqd7zoXxv6Gqn9ahhQ

FYI: If your #Mastodon #domainverification doesn't work, check if you do have upper case letters in your URL as this won't work as of this #bug report from 2022:

Why keyboard shortcuts so complicated 😅
Bug: https://github.com/cheeaun/phanpy/issues/1465
Possible fix on react-hotkeys-hook, but reverted because it causes bug for other keys:

Anthropic debuts a Code Review feature for Claude Code, which uses agents working in teams to check pull requests for bugs, available in research preview (David Gewirtz/ZDNET)
https://www.zdnet.com/article/claude-code-review-ai-agents-pull-request-bug-d…

This new Claude Code Review tool uses AI agents to check your pull requests for bugs - here's how
Each pull request can cost up to $25. Here's why companies might still pay to prevent catastrophic bugs.

Update 26.3.1 für visionOS behebt Fehler
Knapp zwei Wochen nach visionOS 26.3 legt Apple eine kleinere Aktualisierung vor. Sie behebt einen kürzlich ermittelten Bug, der recht speziell ist.
https://www.

Hot take: TDD is easier with LLM-assist dev. You can tell the computer "write a failing test for XYZ" which is super helpful when you see a bug in the wild that doesn't have a test for it yet because if it did your bug wouldn't have made it past CI.
Discuss (I've done the above).

This scroll-jump-when trying to bookmark a post bug in Mona 7 is really making the app unusable. Hold off on upgrading until there’s a fix.
@…
#mona #mona7

On Website Technicals (2024-04) - Tech updates: ORCID, RSS work storage, podcast images, transcripts, Apache 2.4 ETag bug, 406 and more 429, less AMP, cacheing tweaks. - https://m.earth.org.uk/note-on-site-technicals-83.html

On Website Technicals (2024-04)
Tech updates: ORCID, RSS work storage, podcast images, transcripts, Apache 2.4 ETag bug, 406 and more 429, less AMP, cacheing tweaks.

🇺🇦 #NowPlaying on #BBC6Music's #NickGrimshaw
Sudan Archives:
🎵 A BUG'S LIFE
#SudanArchives
https://sudanarchives.bandcamp.com/track/a-bugs-life
https://open.spotify.com/track/1D7qrNAEbZ0G4oR6YZTvFK
Please 🔁 BOOST to share what you like
- your followers don't see if you ⭐ favourite a post

ok, so I set out to fix a small bug in roundl for 80-bit x86 floats. The final tally is four toolchain bugs (two already mentioned here, one bitfield bug on arc and a clang crash on arm because it didn't like the way I wrote a function), transitioning to a new Zephyr SDK and new Arm Toolchain for Embedded compilers. Thirty commits later, I've managed to get things working again. Phew.

Maybe this is interesting regarding AI-features, translations, Mozilla Firefox, AI hallucinations... https://bugzilla.mozilla.org/show_bug.cgi?id=2021766

Unser Urteil zum Pariser Y2K38-Fall – kurz zusammengefasst:
- Y2K38 ist ein versteckter Mangel mit realen Folgen.
- Obsoleszenz wird nicht toleriert.
- Das Problem ist real und teuer – schon heute.
Kritische Infrastrukturen sind betroffen.
- Es geht um Architektur, Haftung und grosse Kosten.
- Open Source ist Teil der Lösung.
👉 Die vollständige Analyse und Einordnung findet ihr im Blog.

Federal agencies ordered to patch Microsoft Desktop Windows Manager bug https://therecord.media/desktop-windows-manager-vulnerability-added-to-cisa-list

Overrun with AI slop, cURL scraps bug bounties to ensure "intact mental health"
The onslaught includes LLMs finding bogus vulnerabilities and code that won’t compile. The project developer for one of the Internet’s most popular networking tools is scrapping its vulnerability reward program after being overrun by a spike in the submission of low-quality reports, much of it AI-generated slop.
🤖

Overrun with AI slop, cURL scraps bug bounties to ensure "intact mental health"
The onslaught includes LLMs finding bogus vulnerabilities and code that won't compile.

This might explain why I keep thinking "I could have sworn I took more pictures than that" when I'm trying to take a lot of pictures to document a build in order to create illustrated instructions. 😦
https://www.androidcentral.com/phones/goog

Just a few months ago, AI coding was described as an overblown “auto-complete”, auto-complete has been around for functions and classes and what not since…I don’t know, years ? imagine if PR were rejected because the developed had used auto-complete to help him/her write a piece of code, or worst, a bug fix? I fully understand that no humans should be tasked to review spam PR & spam automated “contributions” but if a contribution is “generated” by Cla…

🇺🇦 #NowPlaying on #BBC6Music's #NewMusicFix
Wax Head:
🎵 Bug Doctor
#WaxHead
https://waxhead1.bandcamp.com/track/bug-doctor
https://open.spotify.com/track/50lVuRoIw1cmIQRRpFErRw

Thinking about future release plans for ngscopeclient.
There have been massive performance improvements and some significant bug fixes since v0.1.1 and the ThunderScope dev edition units are going to manufacture so we'll be getting a lot of additional users in ~2 months.
But there's also a lot of ongoing backend refactoring and changes to filter graph blocks that won't be strictly backwards compatible (old filter graphs will need updating) and while I freely break sof…

Mysterious bug from hell: I noticed that a Docker container running an Apache web server was sometimes shutting down for no apparent reason, but rarely enough that it was difficult to reproduce. After adding some debugging (given this shuts down the container there was no way to access the logs afterwards easily) and waiting for the issue to show up again.
🧵

🇺🇦 #NowPlaying on KEXP's #VarietyMix
The Bug Club:
🎵 Quality Pints
#TheBugClub
https://thebugclub.bandcamp.com/track/quality-pints
https://open.spotify.com/track/4BPwhKpHKpEjQh9HCCV0EP

OK, wth do I start wondering where this bug is - dragging a URL on google and it's upside down?! Google? Firefox? graphics? wtf?

I remember one of my jobs where we had a company building an internal system for us and I kept sending emails to the team telling them ways I could break their software...
And they got annoyed...
And my boss told me to cool it, and "give them a chance!"
But my thought was since they gave (some of) us a system to test, should they not be informed of all the ways it could break?
(And no, there was no bug reporting system.)

Although we didn’t make it into the final article, we appreciate being referenced in the sources. The article of @… on #Y2k38 is well worth reading:

Not proud or satisfied about this bug fix as I had to use ChatGPT in the end.
https://github.com/shanmukhateja/gitraven/pull/1
The fix was computing `objFullPath` over each iteration and then use it when computing absolute path for a tree node.

Filed Chromium bug #483413444: Invalid `aria-level` values incorrectly default to 1
https://issues.chromium.org/issues/483413444
Which addresses the regressions I found yesterday:

@… any overlap with UEFI-specific boot bug 293663?
<https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=293663>

🇺🇦 Auf radioeins läuft...
Golden Bug feat. The Limiñanas & Vega Voga:
🎵 Hi No Tori
#NowPlaying #GoldenBug #TheLimiñanas #VegaVoga
https://goldenbug.bandcamp.com/album/hi-no-tori-feat-vega-voga

Advice if you build websites: Use the W3C HTML *and* CSS validator. Not because I want to tell you that "you're bad if your HTML isn't valid", but because it'll help you find trivial bugs that can make your life hard.
Especially also use the CSS validator. I found 3 issues that made things not work as they should in recent days. I had a bug where it took me a while to figure out why it didn't work til I found some stackoverflow post, and the css validator would…

US, Australia say ‘MongoBleed’ bug being exploited https://therecord.media/us-australia-bug-exploitation

A Google bug report apparently leaks the planned Android desktop interface, showing a taller status bar, a new mouse cursor, Chrome extensions, and more (Abner Li/9to5Google)
https://9to5google.com/2026/01/27/android-desktop-leak/

Android’s full desktop interface leaks: New status bar, Chrome Extensions, more [Video]
A Google bug report on the Chromium Issue Tracker today has inadvertently leaked the Android desktop interface for the first time.

🇺🇦 Auf radioeins läuft...
Fontaines D.C.:
🎵 Bug
#NowPlaying #FontainesDC
https://holdoholdoholdo.bandcamp.com/track/fontaines-d-c-bug-holdo-remix
https://open.spotify.com/track/0MXmiqd7zoXxv6Gqn9ahhQ

🇺🇦 #NowPlaying on KEXP's #Audioasis
Amy Beth and Thee Creeps:
🎵 I'm a Bug
#AmyBethandTheeCreeps
https://chaputarecords.bandcamp.com/track/im-a-bug-2
https://open.spotify.com/track/0S9VBQvt9yF3ielRxsERZP

@… I usually have my butler attend to such things. White cotton gloves, and all that.
I procured a touch screen display especially for FreshPorts. Still, he tells me, this has not facilitated destruction of the bug. Is there a driver issue?

Despite all the reports, Instagram denies it has experienced a breach.
https://www.bleepingcomputer.com/news/security/instagram-denies-breach-amid-claims-of-17-million-account-data-leak/

Instagram denies breach amid claims of 17 million account data leak
Instagram says it fixed a bug that allowed threat actors to mass-request password reset emails, amid claims that data from more than 17 million Instagram accounts was scraped and leaked online.

@… It's already a security vulnerability. (CVE-2025-0101) (CVE-2025-1235)(CVE-2025-55068)
And quite expensive for Alstom for example https://y2k38.ch/herstellerhaftung-j…

I found an odd shell bug & I'm not entirely sure who's at fault. Some interaction between screen, ANSI colors & grep seems to make a char disappear.
Reproducer: run this in screen on a terminal with 80 chars width:
echo -e 'xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx12345'|grep 234
The "4" disappears mysteriously... Seems to be caused by escape code '[K' from grep. I'd appreciate explanations whethe…

Cisco warns of critical SD-WAN bug that was actively exploited in zero-day attacks since 2023, as CISA and international partners issue emergency directives (Lawrence Abrams/BleepingComputer)
https://www.bleepingcomputer.com/news/secu

🇺🇦 #NowPlaying on KEXP's #Audioasis
Amy Beth and Thee Creeps:
🎵 I'm a Bug
#AmyBethandTheeCreeps
https://chaputarecords.bandcamp.com/track/im-a-bug-2
https://open.spotify.com/track/0S9VBQvt9yF3ielRxsERZP
Please 🔁 BOOST to share what you like
- your followers don't see if you ⭐ favourite a post

@… true, however I'm certain that in reality: the beginning of the page is terribly outdated … and when the first sentence of a page is wrong, it doesn't inspire confidence in the rest of the page.
Whilst <

@… @… Bei einem "normalen" Bug gebe ich dir recht. Bei Y2K38 liegt der Fall anderes. Das hat auch das Gericht festgestellt. 2017 hätte Alstom neben der eigentlichen Applikation den Linux Kernel und wahrscheinlich die Stand…

@… confirmed:
– the bug is reproducible without the desktop script.
#FreeBSD #bug

The curl project plans to end its HackerOne bug bounty program at the end of January, citing a surge in low-quality AI-generated vulnerability reports (Lawrence Abrams/BleepingComputer)
https://www.bleepingcomputer.com/news/securi…

@… thanks.
Not directly related, a review of <https://bugs.kde.org/show_bug.cgi?id=484259> may be timely:
― Auto login behaviour has X11 session s…

@…
<https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=234238#c1>
@…

@… FYI
285957 – lang/python312 as default python — <https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=285957>
292105 – lang…