Trending
Pouncing Dragon's Avatar

Pouncing Dragon

@pouncingdragon

Finder of unintended features, collector of hobbies.

56
Followers 140
Following 8
Posts 14.11.2024
Joined
Posts Following

Latest posts by Pouncing Dragon @pouncingdragon

Plus one for the barge contact cement for foam, cloth, rubber, and other bendy things. Thin coat on both surfaces, wait until nearly dry, and press firmly together. Nice solid bond that can take a bit of abuse.

12.03.2026 02:06 πŸ‘ 1 πŸ” 0 πŸ’¬ 0 πŸ“Œ 0
Preview
Microsoft Discloses DNS-Based ClickFix Attack Using Nslookup for Malware Staging

Microsoft Discloses DNS-Based ClickFix Attack Using Nslookup for Malware Staging

15.02.2026 15:22 πŸ‘ 2 πŸ” 1 πŸ’¬ 0 πŸ“Œ 0
Preview
oss-sec: GNU InetUtils Security Advisory: remote authentication by-pass in telnetd

Days since somebody dropped a huge 0-day on the oss-security mailing list: 0

seclists.org/oss-sec/2026...

20.01.2026 20:41 πŸ‘ 5 πŸ” 2 πŸ’¬ 1 πŸ“Œ 0

That's very sad to hear. This is the only year that I completely lost interest in the event after the first couple puzzles. Guess that explains why everything seemed disconnected and shallow. I hope they return to form next year.

31.12.2025 17:07 πŸ‘ 1 πŸ” 0 πŸ’¬ 0 πŸ“Œ 0

I've gotta say.. playing SANS Holiday Hack Challenge (#hhc) this year and seeing that the entire thing was AI generated was so disappointing.. when I worked there, the human touch was the most important part. Now it's 100% slop.

I guess capitalism comes for everything eventually..

31.12.2025 16:47 πŸ‘ 17 πŸ” 6 πŸ’¬ 4 πŸ“Œ 0
SVG Filters - Clickjacking 2.0 A novel and powerful twist on an old classic.

Developer attempts to replicate "Liquid Glass" in CSS, and once finished realizes what she'd actually created is an exploit for a fundamental, previously unknown, and rather serious browser vulnerability

lyra.horse/blog/2025/12...

"CSS hack accidentally becomes regular hack"

05.12.2025 02:03 πŸ‘ 2038 πŸ” 580 πŸ’¬ 24 πŸ“Œ 37
mckitterick (ADE.............- Yesterday 601 irritatingly, the list of Al settings in Firefox has grown. to kill them all as of today (Nov 20, 2026), go into about:config and set all of these to false (yes, you'll have to copy and paste them one by one): browser.ml.enable browser.ml.chat.enabled browser.ml.chat.menu browser.ml.chat.page β€’ browser.ml.chat.page.footerBadge β€’ browser.ml.chat.page.menuBadge browser.ml.link Preview.enabled browser.ml.pageAssist.enabled browser.tabs.groups.smart.enabled browser.tabs.groups.smart.userEnabled extensions.ml.enabled browser.search.visualSearch.featureGate in addition to nuking Al, it'll also speed up your browsing

mckitterick (ADE.............- Yesterday 601 irritatingly, the list of Al settings in Firefox has grown. to kill them all as of today (Nov 20, 2026), go into about:config and set all of these to false (yes, you'll have to copy and paste them one by one): browser.ml.enable browser.ml.chat.enabled browser.ml.chat.menu browser.ml.chat.page β€’ browser.ml.chat.page.footerBadge β€’ browser.ml.chat.page.menuBadge browser.ml.link Preview.enabled browser.ml.pageAssist.enabled browser.tabs.groups.smart.enabled browser.tabs.groups.smart.userEnabled extensions.ml.enabled browser.search.visualSearch.featureGate in addition to nuking Al, it'll also speed up your browsing

here's an updated guide on how to remove all of the AI from Firefox

22.11.2025 20:53 πŸ‘ 918 πŸ” 582 πŸ’¬ 24 πŸ“Œ 23
Post image

There is zero chance I can terminate a LAN cable in under two minutes, let alone 52 seconds. @saintcon.bsky.social

24.10.2025 18:37 πŸ‘ 24 πŸ” 2 πŸ’¬ 4 πŸ“Œ 0
Preview
Amazon brain drain finally caught up with AWS column: When your best engineers log off for good, don’t be surprised when the cloud forgets how DNS works

Scathing, but all too obviously accurate, take on the AWS outage by @quinnypig.com.

You're engaging in professional malpractice if you don't share this with your stakeholders. Corey may be an engineer, but he communicates about the issues in an accessible manner.
www.theregister.com/2025/10/20/a...

22.10.2025 05:47 πŸ‘ 72 πŸ” 21 πŸ’¬ 2 πŸ“Œ 5
Post image

Klaus and Glen are ridin' into Wild West Hackin' Fest - Deadwood 2025 with their talk "Dungeons & Dragons: The Security Tool You Didn’t Know You Needed Klaus and Glen" Don't ya go missin' it, virtual con and virtual training tickets are still available! wildwesthackinfest.com/register-for...

29.09.2025 12:37 πŸ‘ 2 πŸ” 1 πŸ’¬ 0 πŸ“Œ 0
Preview
When a SSRF is enough: Full Docker Escape on Windows Docker Desktop (CVE-2025-9074) August 21, 2025 - Vulnerability Write-up

When a SSRF is enough: Full Docker Escape on Windows Docker Desktop (CVE-2025-9074) blog.qwertysecurity.com/Articles/blo...

30.08.2025 16:17 πŸ‘ 2 πŸ” 1 πŸ’¬ 0 πŸ“Œ 0
Video thumbnail

SpaceFromSpace now features over 500 declassified Cold War era spy satellite images from all over the world! Each one fully browsable, interactive, and free for anyone to view.

spacefromspace.com/declassified...

13.08.2025 11:42 πŸ‘ 48 πŸ” 10 πŸ’¬ 1 πŸ“Œ 3
Gerrymandering: when data science meets moral bankruptcy.

Gerrymandering: when data science meets moral bankruptcy.

Gerrymandering: the art of mathematically disproving majority rule.

30.07.2025 12:54 πŸ‘ 2618 πŸ” 1336 πŸ’¬ 130 πŸ“Œ 84
a decorative elaborate wall display of five swords

a decorative elaborate wall display of five swords

a denuded wall where only hooks are

a denuded wall where only hooks are

so someone broke into my apartment at night and stole all of my swords and im kind of. in shock

31.07.2025 13:25 πŸ‘ 5096 πŸ” 604 πŸ’¬ 658 πŸ“Œ 219
The Art Of Poison-Pilling Music Files
The Art Of Poison-Pilling Music Files YouTube video by Benn Jordan

why did it take me so long to find out about @bennjordan.bsky.social these videos are so good
youtu.be/xMYm2d9bmEA

30.07.2025 17:32 πŸ‘ 184 πŸ” 15 πŸ’¬ 11 πŸ“Œ 1
Preview
North Korean hackers ran US-based β€œlaptop farm” from Arizona woman’s home North Korea made millions from the scheme.
25.07.2025 21:40 πŸ‘ 83 πŸ” 38 πŸ’¬ 6 πŸ“Œ 2

Definitely not just you. Unfortunately it seems like a lot of the old guard are tired of screaming into the void, and a lot of the newer recruits think that security is just some out of the box vendor alerts with an AI company logo stamped in the corner.

02.07.2025 23:54 πŸ‘ 2 πŸ” 0 πŸ’¬ 1 πŸ“Œ 0

yep, this is the way.

28.06.2025 00:49 πŸ‘ 1 πŸ” 0 πŸ’¬ 0 πŸ“Œ 0
Preview
Protect Yourself From Meta’s Latest Attack on Privacy Researchers recently caught Meta using an egregious new tracking technique to spy on you. Exploiting a technical loophole, the company was able to have their apps snoop on users’ web browsing. This tr...

Meta’s track record on privacy was already spotty, but the newest web-to-app trick is particularly brazen. Here’s what to do next.

20.06.2025 18:02 πŸ‘ 150 πŸ” 62 πŸ’¬ 2 πŸ“Œ 10
Preview
Malware and Memory Forensics Training - Memory Analysis Malware and memory forensics training courses offered by the Memory Analysis Team.

Our highly popular and technical training, "Malware and Memory Forensics with Volatility", has been fully converted to @volatilityfoundation.org 3 and significantly updated, including many new sections and 8 new, in-depth labs. Available online & in VA in October

memoryanalysis.net/courses-malw...

11.06.2025 16:36 πŸ‘ 7 πŸ” 4 πŸ’¬ 0 πŸ“Œ 1
Preview
Flock’s Newest Police Tool Sparks Data Controversy Flock Safety, a license plate reading tech firm that recently bought a drone company, is taking heat over the data sources for its new platform. It’s not the only law enforcement technology attracting...

β€œIf the reports about Flock Nova are true, this is precisely the kind of dystopian panopticon we’ve warned about,” EFF’s @mguariglia.bsky.social told Government Technology News.

28.05.2025 17:06 πŸ‘ 88 πŸ” 30 πŸ’¬ 0 πŸ“Œ 2

A very appropriate description of email these days.

29.04.2025 03:54 πŸ‘ 0 πŸ” 0 πŸ’¬ 0 πŸ“Œ 0
Exposing the Honey Influencer Scam
Exposing the Honey Influencer Scam YouTube video by MegaLag

Y'know, I've never taken any sponsorships, I'm very skeptical at the best of times and no sponsorship I've ever been approached about has ever passed my sniff test, so I thought I knew where this was going, but this is bigger scam than I'd expected.

www.youtube.com/watch?v=vc4y...

27.12.2024 13:09 πŸ‘ 527 πŸ” 124 πŸ’¬ 31 πŸ“Œ 6
Preview
Intercept SSM Communications - Hacking The Cloud With access to an EC2 instance you can intercept, modify, and spoof SSM communications.

Nick Frichette’s research shows how gaining EC2 access can let you intercept and modify AWS SSM communications. By spoofing the SSM Agent, it’s possible to manipulate EC2 messages or sessions. Check out the tools and techniques explored in this fascinating deep dive:

05.12.2024 15:00 πŸ‘ 11 πŸ” 6 πŸ’¬ 1 πŸ“Œ 1

You're supposed to hold onto them. Eventually there will be enough companies represented in that stack that they'll be able to file a class action lawsuit against you. Do you have any idea how much YOUR data escaping has cost them?! /s

04.12.2024 17:51 πŸ‘ 3 πŸ” 0 πŸ’¬ 0 πŸ“Œ 0

Still have mine as well, with a couple old tokens still
in it. Lots of great memories.

04.12.2024 17:19 πŸ‘ 1 πŸ” 0 πŸ’¬ 0 πŸ“Œ 0

Nice work! Looks like that was a fun project.

15.11.2024 03:18 πŸ‘ 0 πŸ” 0 πŸ’¬ 0 πŸ“Œ 0