Luca Bertozzi
lucabtz.com
@lucabtz.com
Reposted by Luca Bertozzi
There's no functor like Hom
September 2, 2025 at 10:14 AM
Update for the blue sky world. In the time passed since my last Skeets I have:
- Found a job as a #C++ developer. The codebase is dogshit but me and another colleague are trying to improve it bit by bit
- Haven't done much cyber security related
- Started learning #Haskell and having a lot of fun
September 2, 2025 at 5:56 PM
Reposted by Luca Bertozzi
(please re-post for reach - thank you!)
Learned a cool new Linux trick? Know an interesting quirk in a network protocol? Or have something else to share?

Write a 1-page article for the #6 issue of Paged Out! :)
pagedout.institute?page=cfp.php

Soft deadline is Feb 1st.
January 7, 2025 at 7:41 AM
You go all the way to infect a popular npm package and then deploy xmrig
#Rspack: a popular alternative to webpack - a JavaScript bundler written in Rust - #npm package with 300,000+ downloads/week version 1.1.7 compromised with attackers injecting cryptocurrency mining malware:
#SoftwareSupplyChainSecurity
👇
thehackernews.com/2024/12/rspa...
Rspack npm Packages Compromised with Crypto Mining Malware in Supply Chain Attack
Compromised Rspack npm packages exposed 445,000 users weekly to IP tracking and XMRig malware.
thehackernews.com
December 20, 2024 at 1:35 PM
Reposted by Luca Bertozzi
#Rspack: a popular alternative to webpack - a JavaScript bundler written in Rust - #npm package with 300,000+ downloads/week version 1.1.7 compromised with attackers injecting cryptocurrency mining malware:
#SoftwareSupplyChainSecurity
👇
thehackernews.com/2024/12/rspa...
Rspack npm Packages Compromised with Crypto Mining Malware in Supply Chain Attack
Compromised Rspack npm packages exposed 445,000 users weekly to IP tracking and XMRig malware.
thehackernews.com
December 20, 2024 at 11:01 AM
my blog now has a dark mode so at night you don't hurt your eyes anymore
December 5, 2024 at 1:17 PM
found that 44 percent of the top 100 most-followed accounts on Bluesky had at least one “doppelganger,”

That isn't how statistics works, you don't take 100 accounts and see that 44 of them follow some property and then say 44 percent
November 30, 2024 at 2:41 PM
Reposted by Luca Bertozzi
My latest blog post is live! nastystereo.com/security/cro...

Read how to send a cross-site POST without including a Content-Type header (without CORS). It even works with navigator.sendBeacon
November 27, 2024 at 9:10 AM
I added a skeet button to my blog to allow people to easily share content on Bluesky. See it for example here lucabtz.com/blog/pwning-...
Pwning the Chip8 Emulator with Blind Format Strings
Continuation of the previous post. I use the built arbitrary call primitive using some blind format string exploitation techniques to achieve RCE.
lucabtz.com
November 28, 2024 at 9:59 AM
Someone needs to make an app to make it easy to follow people you follow on X also on bluesky. Or if it exists already I would like to know the name
November 27, 2024 at 12:56 PM
turns out BlueSky is pretty good: it is similar to what Twitter used to be before becoming X.

X sadly became a MAGA place, my For You page is unusable, filled with posts of Musk and other MAGA accounts which I don't care to read.
November 24, 2024 at 6:00 AM
I wish my mutuals and the accounts I follow there would move here
finally a reasonable take
November 24, 2024 at 5:55 AM
Reposted by Luca Bertozzi
finally a reasonable take
November 23, 2024 at 6:50 PM
Reposted by Luca Bertozzi
Optimist: the cup is half full
Pessimist: The cup is half empty
Topologist: the cup is a donut
Optimist: The cup is half full
Pessimist: The cup is half empty
Physics professor: The only way to know for sure is to kill a cat
Optimist: The cup is half full
Pessimist: The cup is half empty
Criminal law professor: The liquid contains contraband and the cup is facing a minimum of 5 years in prison
November 23, 2024 at 8:49 PM
Why on earth did I decide to attempt a pwnable.tw challenge with only 29 solves. Been reversing for a while and can't really see the bug. Various parts of the code look fishy, but then they also seem safe
Pwnable.tw
Pwnable.tw is a wargame site for hackers to test and expand their exploiting skills.
pwnable.tw
November 23, 2024 at 5:30 AM
Hello I'm new to Blue Sky, I'm a theoretical physics master who is switching to cyber security because I've always been passionate about computers. I blog monthly here lucabtz.com about any projects I'm onto.

Looking to connect with some people to make my feed more interesting.
Home
Join me, Luca Bertozzi, a Theoretical Physics graduate turned cybersecurity enthusiast, as I explore cybersecurity topics and occasionally delve into Computer Science and Physics.
lucabtz.com
November 23, 2024 at 2:10 AM