Tootfinder

»Over 600 Laravel Apps Exposed to Remote Code Execution Due to Leaked APP_KEYs on GitHub:
Cybersecurity researchers have discovered a serious security issue that allows leaked Laravel APP_KEY's to be weaponized to gain remote code execution capabilities on hundreds of applications.«
Never store your access keys in Git, especially not in the code – do programmers need to be taught this?!??
🔓

Over 600 Laravel Apps Exposed to Remote Code Execution Due to Leaked APP_KEYs on GitHub
GitGuardian uncovers 260,000 leaked Laravel APP_KEYs on GitHub, exposing over 600 apps to remote code execution.

Shopify partners with Coinbase to enable USDC payments for its merchants through Coinbase's Base layer-2 network, starting with a limited group of merchants (CoinDesk)
https://www.coindesk.com/business/2025/06/

Coinbase (COIN), Shopify (SHOP) Partner to Enable USDC Payments on Base for Merchants Worldwide
The integration is set to roll out on June 12 to a limited group of early access merchants, with wider availability expected later in the year.

Les enfants issus d'OKC ont grandi dans le domaine isolé du Château des Soleils, dans les Alpes-de-Haute-Provence. Plusieurs d'entre eux racontent y avoir subi brimades, violences et viols. Malgré les plaintes déposées et une condamnation en Belgique, l'accusé coule des jours tranquilles en Espagne.

Wait. What? Did Kepler poison Brahe?? I kinda expect he'd know how, the thing with his mom's 'tinctures' and all, and we know he "just happened" to gain access after, but what use would 'witches' (herbalists?) have to do with mercury?
#mysteryandintrigue
The Astronomers Tycho Brahe and Johannes Kepler (pdf)
https://chandra.harvard.edu/edu/formal/icecore/The_Astronomers_Tycho_Brahe_and_Johannes_Kepler.pdf

Akaike information criterion for segmented regression models
Kazuki Nakajima, Yoshiyuki Ninomiya
https://arxiv.org/abs/2506.08760 https://

Akaike information criterion for segmented regression models
In segmented regression, when the regression function is continuous at the change-points that are the boundaries of the segments, it is also called joinpoint regression, and the analysis package developed by \cite{KimFFM00} has become a standard tool for analyzing trends in longitudinal data in the field of epidemiology. In addition, it is sometimes natural to expect the regression function to be discontinuous at the change-points, and in the field of epidemiology, this model is used in \cite{J…

Je viens de poser Cometa d’Elie Huault, après l’avoir lu pour la seconde fois en moins d’une heure, tellement l’univers représenté dans cet ovni graphique — qualificatif donné Š cet ouvrage par Métal Hurlant et qui lui sied Š merveille — m’a fasciné.
🌊 Lire la suite sur le Sillon https://sillon-fictionnel.club/post…

Securing Open RAN: A Survey of Cryptographic Challenges and Emerging Solutions for 5G
Ryan Barker, Fatemeh Afghah
https://arxiv.org/abs/2506.09418 https://…

Securing Open RAN: A Survey of Cryptographic Challenges and Emerging Solutions for 5G
The advent of Open Radio Access Networks (O-RAN) introduces modularity and flexibility into 5G deployments but also surfaces novel security challenges across disaggregated interfaces. This literature review synthesizes recent research across thirteen academic and industry sources, examining vulnerabilities such as cipher bidding-down attacks, partial encryption exposure on control/user planes, and performance trade-offs in securing O-RAN interfaces like E2 and O1. The paper surveys key cryptogr…

Il plugin #Docusaurus gist aggiungeva una pagina all'istanza di Docusaurus, mostrando tutti i gist pubblici degli utenti GitHub che lo usano
Le versioni di docusaurus-plugin-content-gists precedenti alla 4.0.0 sono vulnerabili all'esposizione dei token di accesso personale GitHub negli artefatti di build di produzione quando vengono passati attraverso le opzioni di configuraz…

Stratification-based Instrumental Variable Analysis Framework for Nonlinear Effect Analysis
Haodong Tian, Ashish Patel, Stephen Burgess
https://arxiv.org/abs/2507.07349

Stratification-based Instrumental Variable Analysis Framework for Nonlinear Effect Analysis
Nonlinear causal effects are prevalent in many research scenarios involving continuous exposures, and instrumental variables (IVs) can be employed to investigate such effects, particularly in the presence of unmeasured confounders. However, common IV methods for nonlinear effect analysis, such as IV regression or the control-function method, have inherent limitations, leading to either low statistical power or potentially misleading conclusions. In this work, we propose an alternative IV framew…

Stealix: Model Stealing via Prompt Evolution
Zhixiong Zhuang, Hui-Po Wang, Maria-Irina Nicolae, Mario Fritz
https://arxiv.org/abs/2506.05867 https://

Stealix: Model Stealing via Prompt Evolution
Model stealing poses a significant security risk in machine learning by enabling attackers to replicate a black-box model without access to its training data, thus jeopardizing intellectual property and exposing sensitive information. Recent methods that use pre-trained diffusion models for data synthesis improve efficiency and performance but rely heavily on manually crafted prompts, limiting automation and scalability, especially for attackers with little expertise. To assess the risks posed …