Making headlines everywhere is the CopyFail Linux kernel vulnerability, which allows local privilege escalation (LPE) from any user to root privileges on most kernels and distributions. Local privileges escalations are never good, but typically are not “Internet-melters”: they are significantly less dangerous than remote vulnerabilities, but are often combined with a remote vulnerability to gain complete access to a […]
Isn’t there some claim events come in threes? After the extremely rare leak of the iOS Coruna exploit chain recently, now we have details from Google on a second significant exploit in the wild, dubbed Darksword. Like Coruna, Darksword appears to have followed the path of government security contractors, to different government actors, to crypto stealer. It […]
You might not have noticed, but we here at Hackaday are pretty big fans of Open Source — software, hardware, you name it. We’ve also spilled our fair share of electronic ink on things people are doing with AI. So naturally when [Jeff Greerling] declares on his blog (and in a video embedded below) that […]
Anthropic has had an eventful couple weeks, and we have two separate write-ups to cover. The first is a vulnerability in the Antropic MCP Inspector, CVE-2025-49596. We’ve talked a bit about the Module Context Protocol (MCP), the framework that provides a structure for AI agents to discover and make use of software tools. MCP Inspector […]
If you’re a regular GitHub user you’ll be familiar with the website’s graphical calendar display of activity as a grid. For some of you it will show a hive of activity, while for others it will be a bit spotty. If you’re proud of your graph though, you’ll want to show it off to the […]
What’s the GitHub repository you have created that you think is of most note? Which one do you think of as your magnum opus, the one that you will be remembered by? Was it the CAD files and schematics of a device for ending world hunger, or perhaps it was software designed to end poverty? […]
We know a bit more about the GitHub Actions supply chain attack from last month. Palo Alto’s Unit 42 has been leading the charge on untangling this attack, and they’ve just released an update to their coverage. The conclusion is that Coinbase was the initial target of the attack, with the open source agentkit package […]
GitHub is an incredibly powerful tool for sharing source code, and its value to the modern hacker can’t be overstated. But there’s at least one downside to effortlessly sharing your source: it’s now much easier for the whole world to find out when you screw up. Back in the day, if you accidentally left a […]
[W8BH] attended a talk by another ham, [W8TEE] that showed a microcontroller sending and receiving Morse code. He decided to build his own, and documented his results in an 8 part tutorial. He’s using the Blue Pill board and the resulting device sends code with paddles, sends canned text, provides an LCD with a rotary […]
Humans seem to have a need to do things that aren’t practical. Make the biggest ball of twine. Engrave the Declaration of Independence on a grain of rice. We want to make things bigger, smaller, faster, or whatever. That might explain why [nanochess] put out bootBASIC. The 8088 (or later) assembly code gives you a […]