alp1n3 🌲

@alp1n3.dev

🔮 AppSec & Go | Ex: ARCYBER Previously: Malware, Helpdesk, and More 🎉

517 Followers · 345 Following · 769 Posts · Joined 04.07.2024

Latest posts by alp1n3 🌲 @alp1n3.dev

Defuddle now has a website!

This means you can use Defuddle anywhere to get the main content of a page in Markdown format.

You can simply add "defuddle.md" before any URL, use it via curl, Skills, CLI, or add it to your app via NPM.

04.03.2026 16:02 👍 215 🔁 26 💬 9 📌 2
Cross-Site Scripting (XSS) via Email HTML Rendering ## Impact A stored cross-site scripting (XSS) vulnerability was identified in the email rendering feature of AliasVault Web Client versions 0.25.3 and lower. When viewing received emails on an ali...

XSS on a password manager, about the scariest impact you can have...
github.com/aliasvault/a...
Luckily it was fixed super quick! Here's a simple script you can use to send raw HTML in emails. I think a lot more clients will benefit from sanitizer testing.
gist.github.com/JorianWoltje...

02.03.2026 10:27 👍 1 🔁 1 💬 0 📌 0
24.02.2026 16:59 👍 282 🔁 57 💬 1 📌 2

Dropped a piece of command strip tape on the ground and mine gobbled it up 🫠

Luckily after a day or two of random dry coughing all symptoms stopped.

Love these little guys but man do they make you worry sometimes!

25.02.2026 12:41 👍 1 🔁 0 💬 0 📌 0
The writing was always the cheap part Last December, quite unrealistically, I took a solemn oath: I would not write again about AI for at least another year. I was growing tired with the incessant noise, the lack of stability, and the sel...

Inspired by one of @simonwillison.net 's reflections, I wrote a piece on the real cost of technical writing and documentation.

passo.uno/real-cost-of...

24.02.2026 22:46 👍 7 🔁 3 💬 0 📌 2

I worked really hard for this meme

25.02.2026 10:49 👍 130 🔁 13 💬 3 📌 0
GitHub - spaceraccoon/vulnerability-spoiler-alert-action: GitHub Action to alert on security patches before the CVE drops.

Vulnerability Spoiler Alert Action by @spaceraccoonsec

It monitors repositories and uses Claude to detect patching of security vulns. This early warning can give security teams more time to patch before the CVE drops.

GitHub repo 👇

24.02.2026 10:36 👍 0 🔁 1 💬 0 📌 0
The Missing Semester of your CS education [MIT IAP 2026] - https://missing.csail.mit.edu

In January, @anishathalye.bsky.social, @josejg.bsky.social, and I returned to @csail.mit.edu to teach Missing Semester, a class on topics we miss from most CS programs: tools and techniques that everyone should know, like Bash, Git, CI, and AI tools. Today, we're releasing the course for free online!

19.02.2026 16:47 👍 55 🔁 17 💬 1 📌 4

Paged Out! #8 is out! pagedout.institute @pagedout.bsky.social

In "An AWKward Modem" (p. 28), I show how to write a tiny modem in 5 lines of AWK and shift it into the near-ultrasonic range. 🔊

19.02.2026 20:13 👍 3 🔁 3 💬 1 📌 0
Cline CLI npm Package Compromised via Suspected Cache Poison... A compromised npm publish token was used to push a malicious postinstall script in cline@2.3.0, affecting the popular AI coding agent CLI with 90k wee...

A compromised npm token was used to push an unauthorized postinstall script in cline@2.3.0, a popular AI coding agent CLI with 90k weekly downloads.

Big shoutout to @adnanthekhan.bsky.social whose research sniffed out the cache poisoning vulnerability! 💪

Details → socket.dev/blog/cline-c...

18.02.2026 17:06 👍 4 🔁 3 💬 0 📌 1

"I want it to just work" is the main requirement for 99% of people.

I totally get why too.

12.02.2026 00:43 👍 1 🔁 0 💬 0 📌 0

The Discord situation is going to produce a lot more people that hate Matrix.
They will still use Discord, but they will now also hate Matrix.

11.02.2026 21:44 👍 23 🔁 2 💬 1 📌 2
11.02.2026 15:30 👍 62 🔁 5 💬 2 📌 0

Go 1.26 has a lot to love, including significant performance improvements that are completely transparent to Go developers. Just upgrade and your Go programs run faster -- no other changes required!

10.02.2026 23:41 👍 34 🔁 5 💬 0 📌 1
OpenClaw Skill Marketplace Emerges as Active Malware Vector ... Security researchers report widespread abuse of OpenClaw skills to deliver info-stealing malware, exposing a new supply chain risk as agent ecosystems...

โ˜ ๏ธ๐Ÿค– Weโ€™re entering a new era of malicious workflows.

OpenClaw skills show how easily agent workflows can be abused once they're trusted to execute.

A closer look at this emerging class of supply chain attack:
socket.dev/blog/opencla...

10.02.2026 05:04 👍 1 🔁 1 💬 0 📌 1
Security - OpenClaw

Openclaw (Clawdbot) is cool and all but it's also risky.

Make sure you get your bot audited with some better security practices 👇

https://auth0.com/blog/five-step-guide-securing-moltbot-ai-agent/

10.02.2026 11:03 👍 0 🔁 1 💬 0 📌 0
The Scam Ad Machine Nearly one in three Meta ads found to point to a scam, phishing or malware

Dear f***ing lord!

Nearly one in every three Meta ads shown in the EU and UK over 23 days pointed to online scams.

This should be the easiest layup for govt agencies in the history of enforcement.

www.gendigital.com/blog/insight...

03.02.2026 11:57 👍 127 🔁 59 💬 4 📌 7
HTB: Bamboo Bamboo offers a Squid HTTP proxy through which I'll access a PaperCut NG instance. I'll use Spose to scan through the proxy and discover the print management application. I'll exploit an authentication bypass vulnerability in PaperCut and use application access to enable print scripting to get code execution. For privilege escalation, I'll abuse a root process that runs a script from the papercut user's home directory.

Bamboo from HackTheBox and VulnLab features Squid proxy enumeration, CVE-2023-27350 authentication bypass to RCE in PaperCut NG, and binary hijacking of a root-executed script for privilege escalation.

03.02.2026 10:18 👍 2 🔁 1 💬 0 📌 0

Our pentesting agent found a 1-click ATO to RCE in @moltbot Gateway Control UI in under 2 hours.

Local instances can also be exploited with one click.

Patched in main, update now.

Watch the exploit 👇

29.01.2026 16:38 👍 0 🔁 1 💬 1 📌 0
What Developers Need to Know About JWTs Dan Moore will show you what JWTs are, how they work and everything you need to know to use them properly in your applications

I've given this talk 20+ times, but still enjoy the topic. What developers need to know about JWTs

25.01.2026 22:23 👍 4 🔁 1 💬 0 📌 0
HTB: Imagery Imagery hosts a Flask-based image gallery application. I'll exploit a stored XSS vulnerability in the bug report feature to steal an admin cookie. From the admin panel, I'll use directory traversal to read the application source code, finding a command injection vulnerability in the image crop feature that requires access as a test user. After reading the database and cracking the test user's password hash, I'll exploit the command injection to get a shell. I'll find an encrypted backup file and brute-force the pyAesCrypt password, getting access to an older backup with additional hashes. After cracking another user's hash, I'll pivot to a user that can run a custom backup utility as root via sudo. I'll show two ways to abuse this. In Beyond Root, I'll show why SSH is broken and how to get around it.

Imagery from HackTheBox features XSS to steal cookies, directory traversal for source code access, and command injection for RCE. Pivots include pyAesCrypt brute-forcing and abusing a sudo backup utility exploited multiple ways.

24.01.2026 15:41 👍 2 🔁 1 💬 0 📌 0

Got the final piece beautifully rendered and ready to be sent off for the 10qty SLM print…

But then I ran across the mass-market cut ones from China for $1.00/pc 😭 Why do they have to be so insanely cheap.

23.01.2026 19:55 👍 1 🔁 0 💬 0 📌 0
23.01.2026 19:53 👍 1 🔁 0 💬 0 📌 0
Cyata Research: Breaking Anthropic's Official MCP Server - Cyata | The Control Plane for Agentic Identity How We Found Code Execution in Anthropic's Official Git MCP Server TL;DR What happened: Cyata discovered three security vulnerabilities in mcp-server-git, the official Git MCP server maintained by Anthropic. These flaws can be exploited through prompt injection, meaning an attacker who can influence what an AI assistant reads (a malicious README, a poisoned issue description, […]

Oh look, another MCP vuln (or 3) from failure to sanitize input.

You and I both know how these are getting written. You and I both know the training material is not vetted for secure code. This will not stop and will only get worse.

20.01.2026 16:58 👍 6 🔁 2 💬 1 📌 0
CVE-2026-23993: JWT authentication bypass in HarbourJwt via "unknown alg" I didn't know Harbour even existed as a language when I found this bug. The fun part is that I also ...

🔥 CVE-2026-23993: HarbourJwt JWT auth bypass via unknown alg.

Not just alg=none: unsupported alg => empty signature, so forged token header.payload. passes.

Write-up + fix: pentesterlab.com/blog/cve-202...

21.01.2026 22:12 👍 6 🔁 6 💬 0 📌 1

๐Ÿ—ž๏ธ cURL stopped HackerOne bug bounty program due to excessive slop reports

🔗 https://github.com/curl/curl/pull/20312

20.01.2026 12:32 👍 0 🔁 1 💬 0 📌 0

๐Ÿ—ž๏ธ Research Worth Reading Week 03/2026

🔗 https://pentesterlab.com/blog/research-worth-reading-week03-2026

19.01.2026 12:32 👍 0 🔁 1 💬 0 📌 0
HTB: HackNet HackNet hosts a social media site for hackers built with Django. I'll find an HTML injection in the username field that, combined with how the likes page renders usernames, leads to server-side template injection. While Django templates are restrictive, I'll use the SSTI to dump user data including plaintext passwords, finding one user whose email reveals their Linux username. After SSHing in, I'll discover Django's FileBasedCache uses pickle serialization with a world-writable cache directory. By replacing cache files with a malicious pickle payload, I'll get a shell as the web user. From there, I'll crack a GPG key password to decrypt database backups, finding a password shared in messages that works for root.

HackNet from HackTheBox features SSTI in Django templates to leak user credentials, pickle deserialization via FileBasedCache with world-writable directory, and GPG key cracking to recover database backups containing the root password.

17.01.2026 15:06 👍 3 🔁 2 💬 0 📌 0

๐Ÿ—ž๏ธ New Vulnerability in n8n โ€“ CVE-2026-21858

🔗 https://www.schneier.com/blog/archives/2026/01/new-vulnerability-in-n8n.html

16.01.2026 12:35 👍 0 🔁 2 💬 0 📌 0

๐Ÿ—ž๏ธ $250K+ XSS in Meta Conversion API Leading to Zero-Click Account Takeover

🔗 https://ysamm.com/uncategorized/2025/01/13/capig-xss.html

15.01.2026 14:13 👍 0 🔁 1 💬 0 📌 0