Lightnews — Scholar-powered news

Reposted by pumpkin spice katerina 🏳️‍⚧️

Katie Tightpussy, Editor-In-Chief

@katie.bzky.team

you ever notice how trans women love strawberries?

November 15, 2025 at 2:48 AM

Reposted by pumpkin spice katerina 🏳️‍⚧️

Phil Eaton

@eatonphil.bsky.social

Turns out you can communicate across containers via 63-bits of available space in a shared lock you acquire on /proc/self/ns/time that all processes have access to.

No networking required. The post has a demo of a chat app communicating across unprivileged containers.

h4x0r.org/funreliable/

November 12, 2025 at 2:35 PM

Reposted by pumpkin spice katerina 🏳️‍⚧️

Colin Spacetwinks

@spacetwinks.bsky.social

jc denton: paul. i'm gonna have the last grapefruit seltzer.

paul denton: don't do it, jc. you haven't eaten all day and will give yourself an upset stomach.

jc: you underestimate what i'm capable of.

30 MINUTES LATER

jc: paul.

paul: what is it?

jc: my tummy hurts.

November 15, 2025 at 1:16 AM

Reposted by pumpkin spice katerina 🏳️‍⚧️

stellz

@piss.beauty

damn MTA woke and transsexual?

Prepare for the F/M Swap

YouTube video by mtainfo

www.youtube.com

November 13, 2025 at 10:20 PM

Reposted by pumpkin spice katerina 🏳️‍⚧️

CVE Alerts

@cve.skyfleet.blue

CVE-2025-64511 - MaxKB has SSRF in sandbox
CVE ID : CVE-2025-64511

Published : Nov. 13, 2025, 4:15 p.m. | 27 minutes ago

Description : MaxKB is an open-source AI assistant for enterprise. In versions prior to 2.3.1, a user can access internal network services such as dat...

CVE-2025-64511 - MaxKB has SSRF in sandbox

MaxKB is an open-source AI assistant for enterprise. In versions prior to 2.3.1, a user can access internal network services such as databases through Python code in the tool module, although the process runs in a sandbox. Version 2.3.1 fixes the issue.

cvefeed.io

November 13, 2025 at 5:43 PM

Reposted by pumpkin spice katerina 🏳️‍⚧️

Zoe Tunnell

@zoewithasword.bsky.social

November 13, 2025 at 3:47 AM

Reposted by pumpkin spice katerina 🏳️‍⚧️

mel "only death is extant" lastname

@mel.bzky.team

dont offer a 2 for the price of 1 promo if you dont want people to buy the fucking product

November 13, 2025 at 3:17 AM

Reposted by pumpkin spice katerina 🏳️‍⚧️

mel "only death is extant" lastname

@mel.bzky.team

"well if you come for our guy then democrats will go down too" bro i have the most amazing news

November 13, 2025 at 3:16 AM

Reposted by pumpkin spice katerina 🏳️‍⚧️

Penett

@penett.bsky.social

쿄코만 남았다

November 11, 2025 at 8:44 PM

Reposted by pumpkin spice katerina 🏳️‍⚧️

Yumykon ⭐

@yumykon.com

Girfailure Miku 💤
#pixelart #hatsunemiku #ドット絵

November 8, 2025 at 5:41 AM

Reposted by pumpkin spice katerina 🏳️‍⚧️

Dustrial

@dustrial.net

LS Bodysuits

November 8, 2025 at 3:08 AM

Reposted by pumpkin spice katerina 🏳️‍⚧️

Dustrial

@dustrial.net

workspace

November 7, 2025 at 4:10 AM

Reposted by pumpkin spice katerina 🏳️‍⚧️

Katra Ariello, Golden Apple Audio Narrator 🏳️‍⚧️

@katrafiy.bsky.social

November 5, 2025 at 3:26 PM

Reposted by pumpkin spice katerina 🏳️‍⚧️

leon

@leyawn.bsky.social

image of andrew cuomo at his nyc mayoral election watch party with disco elysium ui text overlay that reads:

Suggestion [Challenging: Failure] - You thought you did everything right. You had the money, the power, and the fame. Where did it all go wrong? Why couldn't those sniveling little city dwellers see that you were meant to lead them? You're now a twice certified loser from a family of winners. Your father's name is on a bridge. Your name is next to a Wikipedia entry that says "sexual harassment allegations."

November 5, 2025 at 4:50 PM

pumpkin spice katerina 🏳️‍⚧️

@autumnrain.cc

Two words:

New Woke City

November 5, 2025 at 6:55 AM

Reposted by pumpkin spice katerina 🏳️‍⚧️

Themperor Kennedy🐸🏳️‍🌈

@kennedytcooper.bsky.social

curious!

Picture of Dick Cheney with caption "claims to be pro-life"

November 4, 2025 at 12:47 PM

pumpkin spice katerina 🏳️‍⚧️

@autumnrain.cc

Jean-Baptiste Emanuel Zorg has just endorsed Andrew Cuomo

Gary Oldman as Zorg smoking a cigarette and looking into the camera

November 4, 2025 at 5:34 AM

Reposted by pumpkin spice katerina 🏳️‍⚧️

Dustrial

@dustrial.net

I worked on 100 of these patterns over the last six months. All using the same base elements as some of the Mech Designs already in the shop. I wanted to resample them into more complicated designs similar to what Lassigue Bendthaus 'Cloned' and Meat Beats 'Storm the Studio' did with audio

November 4, 2025 at 4:39 AM

pumpkin spice katerina 🏳️‍⚧️

@autumnrain.cc

screaming

Perry Areolar @perryodontal.bsky.social · 12d

the password to the louvre surveillance server was "louvre"

www.thesocialpost.it/2025/11/02/f...

according to the liberation newspaper, documents dating back to a 2014 inspection by the French National Agency for the Security of Computer Systems reported a staggering detail: "the password of the louvre's video surveillance server was simply " louvre. "

November 4, 2025 at 2:05 AM

Reposted by pumpkin spice katerina 🏳️‍⚧️

Mitt Ramune

@saskrotch.com

BRO WHAT

DEPRESSION STUDY ADVERTISEMENT ON THE BUS FEATURING SHINJI IN A CHAIR FEELING GUILTY ABOUT JERKIN IT TO A GIRL IN A COMA I THINK

November 1, 2025 at 10:23 PM

Reposted by pumpkin spice katerina 🏳️‍⚧️

CVE Alerts

@cve.skyfleet.blue

CVE-2025-34287 - Nagios XI
CVE ID : CVE-2025-34287

Published : Oct. 30, 2025, 10:15 p.m. | 1 hour, 10 minutes ago

Description : Nagios XI versions prior to 2024R2 contain an improperly owned script, process_perfdata.pl, which is executed periodically as the nagios user b...

CVE-2025-34287 - Nagios XI < 2024R2 Privilege Escalation via process_perfdata.pl

Nagios XI versions prior to 2024R2 contain an improperly owned script, process_perfdata.pl, which is executed periodically as the nagios user but owned by www-data. Because the file was writable by www-data, an attacker with web server privileges could modify its contents, leading to arbitrary code execution as the nagios user …

cvefeed.io

October 30, 2025 at 11:54 PM