From the Zed Blog: Less wrestling with settings.json == more coding.

Get all your live rugby needs sorted with the Rugby Live Data API. We cover all major leagues and are adding leagues all the time. Don't see a league you want covered? Shoot us a mail and we'll see what we can do.

Introduction

GUI design can be a tedious job, requiring the use of specialist design tools and finding a suitable library that fits your use case. If you’re looking for a lightweight solution, though, you…

It's a small planet, but someone's gotta make the deliveries.

Kairos is an open-source Linux-based operating system designed for securely running Kubernetes at the edge. It provides immutable, declarative infrastructure with features like P2P clustering, trusted boot, and A/B upgrades.

An extortion group calling itself the Crimson Collective claims to have breached Red Hat's private GitHub repositories, stealing nearly 570GB of compressed data across 28,000 internal projects.

SSH3: faster and rich secure shell using HTTP/3, checkout our article here: https://arxiv.org/abs/2312.08396 and our Internet-Draft: https://datatracker.ietf.org/doc/draft-michel-ssh3/ - francoismichel/ssh3

The web browser made for people, with love. Best privacy by default, unbiased ad-blocking, no bloat and no noise. Fully open source.

: Foundations say billions of downloads rely on registries running on fumes – and someone's gotta pay the bills

“Hello! I am a developer. Here is my relevant experience: I code in Hoobijag and sometimes jabbernocks and of course ABCDE++++ (but never ABCDE+/^+ are you kidding? ha!)  and I like working with Shoobababoo and occasionally kleptomitrons. I’ve gotten to work for Company1 doing Shoobaboo-ing code things and that’s what led me to the Snarfus. So, let’s dive in!

Ever wanted to play the worlds second most popular videogame without actually playing it? Well, I will guide you through it! First of all, what do I mean by 'Pl

While preparing for my Black Hat and DEF CON talks in July of this year, I found the most impactful Entra ID vulnerability that I will probably ever find. One that could have allowed me to compromise every Entra ID tenant in the world (except probably those in national cloud deployments). If you are an Entra ID admin reading this, yes that means complete access to your tenant. The vulnerability consisted of two components: undocumented impersonation tokens that Microsoft uses in their backend for service-to-service (S2S) communication, called “Actor tokens”, and a critical vulnerability in the (legacy) Azure AD Graph API that did not properly validate the originating tenant, allowing these tokens to be used for cross-tenant access.

In my last post I talked about how I spent a week heads down using AI to work on a greenfield engineering metrics tool. As I built it, I’d often navigate the web app and spot things that needed to be fleshed out. Sometimes it was a small typo; other times it was a bigger […]

A hilarious macOS app that plays fart sounds as you open and close your MacBook lid - iannuttall/fartscroll-lid

Scroll to survive. How far can you DOOMscroll?

That NPM attack could have been so much worse.

Agent Builder and Runtime by Docker Engineering. Contribute to docker/cagent development by creating an account on GitHub.

Engineers prove their technique is effective even with the lowest-cost WiFi devices

Unauthorized TLS certificates were issued for 1.1.1.1 by a Certification Authority without permission from Cloudflare. These rogue certificates have now been revoked. Read our blog to see how this could affect you.