Author | Lightnews

Reposted by Freddy

FluxFingers @fluxfingers.net · 15d

Hej!

We are thrilled to announce Hack.lu CTF 2025 starts on Friday, October 17.

Top teams can win prizes from our sponsors: OffensiveCon, Zellic, PortSwigger, Binary Ninja, and HackTheBox.

All information on flu.xxx

3 4

Freddy @freddyb.bsky.social · 27d

Eine riesige Verbesserung der Lebensqualität. Vielen Dank für Ihren Einsatz! An wen schreibe ich einen höflichen Brief, dass die Ladebereiche vielleicht einen abgesenkten Bordstein für einfacheres Entladen bekommen könnten? InfraVelo oder Bezirksamt? Oder reicht hier? ;-)

1 1

Reposted by Freddy

John Schanck @susurrusus.bsky.social · Aug 19

CRLite: Fast, private, and comprehensive certificate revocation checking in Firefox – Mozilla Hacks - the Web developer blog

Firefox is now the first and the only browser to deploy fast and comprehensive certificate revocation checking that does not reveal your browsing activity to anyone (not even to Mozilla). ...

hacks.mozilla.org

2 2

Reposted by Freddy

Lesley Carhart @hacks4pancakes.com · Aug 1

I'm in a phenomenal talk on gender inequality in cybersecurity this morrning and this is such a great cheat sheet for intersectional fair employment.

5 60 180

Reposted by Freddy

David Buchanan @retr0.id · Jul 25

firefox container tabs are lowkey goated when $11/year VPS in dublin w/ socks5 over ssh is the vibe

David Buchanan @retr0.id · Jul 25

happy VPN configuration day to all who celebrate

6 7 150

Reposted by Freddy

Sune Marcher @me.snemarch.dk · Jul 25

Wait, container tabs support individual proxy settings?

1 2 4

Freddy @freddyb.bsky.social · Jul 2

We just opened the Call-for-Papers for the German OWASP Day 2025. The event will be held November 25th-26th in Düsseldorf.

god.owasp.de/2025/cfp.html

We're looking for all sorts of presentations about web security and beyond for an audience of builders, breakers and defenders.

German OWASP Day 2025

god.owasp.de

1 2

Reposted by Freddy

David Buchanan @retr0.id · May 31

cut my heap into pieces, this is my crash report:
allocation, no alignment
don't give a fuck if it faults on assignment
this is fatal abort()

6 77 440

Reposted by Freddy

Corey “🎃Managed NAT Gateway👻” Quinn @quinnypig.com · May 31

CUT MY LIST IN TWO PIECES

THAT’S HOW YOU START QUICKSORT

14 250 1.3K

Freddy @freddyb.bsky.social · May 31

Closed the 6th floor. 3&4 are still going. Berlin and Toronto are the last offices.

1

Freddy @freddyb.bsky.social · May 28

it's still the mozilla office 👋

1 1

Freddy @freddyb.bsky.social · May 26

Echt Hammer, wie schön die Radwege sind. Aber wieso sind diese Fahrrad-Symbole so erhaben. Hätte man die nicht auch in glatt hingekriegt? Frage als absoluter Laie :)

1

Freddy @freddyb.bsky.social · May 25

Just watched the talk video. well explained! So sad, that there are so many findings. Would you say most DOM-based XSS is mostly `innerHTML =` or what do people usually do?

1 1

Freddy @freddyb.bsky.social · May 25

thank you!

1 1

Freddy @freddyb.bsky.social · May 24

Do you intend to write it up as a blog post? Unfortunately, it’s not self-explanatory with slides? I am curious:) ps: Reminds me of frederikbraun.de/xss-digital-....

XSS in The Digital #ClimateStrike Widget

frederikbraun.de

1 3

Reposted by Freddy

potch @potch.me · May 22

end of an era 💔 blog.glitch.com/post/changes...

I know Glitch is working on project export but if you're git-capable, I built a tool that will mass-git-clone your public glitch projects: github.com/potch/glitch...

Important changes are coming to Glitch

We’ve got an important update for the Glitch community today: We’ll be ending web hosting for your apps on Glitch.

blog.glitch.com

1 3 16

Freddy @freddyb.bsky.social · May 22

This is a complaint about the default. Defaults matter. You should know that.

1 2

Freddy @freddyb.bsky.social · May 21

Pfff, you're four days late. We fixed this already on Saturday 😘

1

Freddy @freddyb.bsky.social · May 17

Uh, pwn2own was...today? And we're shipping a bugfix release also today? Cool.

Update your Firefoxes, please :D

blog.mozilla.org/security/202...

Firefox Security Response to pwn2own 2025 – Mozilla Security Blog

At Mozilla, we consider security to be a paramount aspect of the web. This is why not only does Firefox have a long running bug bounty program but also mature ...

blog.mozilla.org

1 8

Reposted by Freddy

Dan Veditz @dveditz.bsky.social · May 17

We just published @firefox.com updates to fix the exploits used at the Pwn2Own contest yesterday and today. Both contestants achieved RCE in our content process but did not escape the sandbox.
blog.mozilla.org/security/202...

Firefox Security Response to pwn2own 2025 – Mozilla Security Blog

At Mozilla, we consider security to be a paramount aspect of the web. This is why not only does Firefox have a long running bug bounty program but also mature ...

blog.mozilla.org

3 8 24

Reposted by Freddy

Web Engines Hackfest @webengineshackfest.org · May 16

We have an initial plan for talks and breakout sessions at the Web Engines Hackfest 2025: github.com/Igalia/weben...
• Monday: 9 talks and the W3C Web Apps WG F2F
• Tuesday & Wednesday: 23 breakout sessions in 3 parallel tracks
There might be still small changes, but it gives a good overall picture.

Home

Web Engines Hackfest. Contribute to Igalia/webengineshackfest development by creating an account on GitHub.

github.com

9 13

Freddy @freddyb.bsky.social · May 14

The blue & white diamonds are the flag of Bavaria, which is very much not Berlin 😉 en.wikipedia.org/wiki/Bavaria

Bavaria - Wikipedia

en.wikipedia.org

3 2

Reposted by Freddy

Matthew Green @matthewdgreen.bsky.social · May 10

I made this diagram for a talk on encrypted messaging I recently gave, and I didn’t get to use it in the talk. I figured I’d share it here because I think it tells a story.

11 30 94

Freddy @freddyb.bsky.social · Apr 10

New blog post: With Carrots & Sticks - Can the browser handle web security? https://frederikbraun.de/madweb-keynote-2025.html - This is the blog version of my keynote from MADWeb 2025 earlier this year. It's about how web security could become the browser's responsibility.

1

Freddy @freddyb.bsky.social · Apr 2

Blog post about the road to HTTPS-First in Firefox.

Early reports show an uptick in encrypted traffic by at least 1.5% for our global users. 😎

attackanddefense.dev/2025/03/31/h...

The Evolution of HTTPS Adoption in Firefox

We at Mozilla believe that people deserve privacy and one of the most important pieces of web privacy is provided through ubiquitous encryption. Because of this, we shipped HTTPS-First by default as o...

attackanddefense.dev

2