Hacker News | chillax's comments


Related: Someone Knows Bash Far Too Well, And We Love It (Ivanti EPMM Pre-Auth RCEs CVE-2026-1281 & CVE-2026-1340) https://labs.watchtowr.com/someone-knows-bash-far-too-well-a...


I think there is an easier substitution attack since there is shell expansion occurring. I will toy with it later today.


The array indexing thing is a special case in [[...]] which is otherwise more-or-less secure (no expansion occurs under typical unquoted variable access). https://news.ycombinator.com/item?id=46631811



Considering the sheer number of commercial flight routes and travel demand worldwide, that actually sounds pretty promising.


According to Aikido Security the attack has now targeted 180+ packages: https://www.aikido.dev/blog/s1ngularity-nx-attackers-strike-...


Possibly the UK version of this? https://vat-one-stop-shop.ec.europa.eu/index_en



A better link would be the dedicated site for it; it also contains an introduction which describes what NHIs are: https://owasp.org/www-project-non-human-identities-top-10/20...


Ok, we've changed to that from https://owasp.org/www-project-non-human-identities-top-10/. Thanks!


Here is how OWASP define it:

> Non-human identities (NHIs) are used to provide authorization to software entities such as applications, APIs, bots, and automated systems to access secured resources. Unlike human identities, NHIs are not controlled or directly owned by a human. Their identity object and authentication often work differently to human, and common human user security measures do not apply to them.

https://owasp.org/www-project-non-human-identities-top-10/20...



Not Google, but there is one over at Cloudflare - https://blog.cloudflare.com/technical-breakdown-http2-rapid-...

