What is Hackers' Pub?

Hackers' Pub is a place for software engineers to share their knowledge and experience with each other. It's also an ActivityPub-enabled social network, so you can follow your favorite hackers in the fediverse and get their latest posts in your feed.

Another Update: Fastly saw a 2,775% increase in attack activity across our global network between the peak we reported yesterday (Dec. 4th) and 20:00 UTC today (Dec. 5th).

⚠️ This in-the-wild evidence suggests attackers are relentlessly probing for vulnerable applications at scale. ⚠️

It is worth your time to verify, not just trust, that you have zero exposure, and then drop everything to patch.

After the POC publicly dropped around 21:04 UTC yesterday (Dec. 4th), @fastlydevs detected what appeared, at the time, like a sharp escalation in attack activity.

In the 24 hours since then, the number of requests triggering our NGWAF signals for React2Shell exploded by 2,775% (as shown in the graph).

🌎 Fastly's Security Research team verified that select public PoCs grant attackers the single-step ability to execute commands, exfiltrate data, and gain write access on vulnerable servers.

This means cybercriminals and nation state actors alike face an alluring ROI, which is likely to motivate them to invest in weaponizing and operationalizing this at scale.

We are sharing this intelligence not to sow fear, but to reinforce the undeniable, urgent necessity of patching at this point. We also have a few updates for our customers:

🛡️ Fastly's teams expanded our Virtual Patch for CVE-2025-55182 to detect scan/probe activity and attempts to circumvent our NGWAF protections.

🛠️ We discovered the built-in "Attack Tooling" signal in our NGWAF already detects scanners that emerged in the past 24h to probe for vulnerable apps; we suggest customers investigate any requests that triggered this signal, as it may indicate React2Shell activity.

🤖 Fortuitously, Fastly's Bot Management product flagged some react2shell attack tooling as a "Suspected Bad Bot," offering organizations another layer of defense here.

At this time, Fastly's goal is to provide our customers with breathing room to patch.

The best available fix at this time is to update your apps to the applicable patched versions. We are at the point where it is no longer "if," or possibly even "when," but "how often"?

We will continue monitoring global attack activity, investing in additional mitigations for our customers, and sharing intel with the public community.

Area chart showing a 24-hour period spanning 20:00 UTC December 4 through 20:00 UTC December 5. The chart is an updated view since the last published chart, showing a dramatic 2,775% increase in the volume of requests that triggered React2Shell signals in Fastly’s NGWAF, peaking at 19:00 UTC on December 5.

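As I have written before, if Ishin wants to carry out the "self-sacrificing reform" it loves so much, then instead of cutting the number of Diet seats by 10% it should cut members' salaries by 10%, since that amounts to the same thing in terms of savings.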

Salary × (number of seats × 0.9)
equals (salary × 0.9) × number of seats.

A little while ago I got sent off to इंदिरा गांधी अंतरराष्ट्रीय हवाई अड्डा (Indira Gandhi International Airport).

🤣Timely!

MKBHD just reviewed a Xiaomi SU7.

Don't hear it from me. Take it from a known Tesla fan.

And in the question 'Are "we" cooked?' who is "we?" More than 99% of US citizens would benefit from cheaper EVs. And the whole planet would be less "cooked" if we accelerate phasing out fossil fuels.

m.youtube.com/watch?v=Mb6H7trz

And in terms of "Doesn't have mind blowing features that US cars don't have..." That's true for the Xiaomi.

But BYD has a car that lets you press a button on the screen that will launch an integrated drone while you are driving. The drone will follow your car.

You're basically an aircraft carrier.

m.youtube.com/watch?v=AK7VwXGj

Do you need a drone that will follow your car? Do you need 1,500 horsepower? Do you need 25 speakers in your car?

I'm not sure that the answer to any of these questions is yes.

But if you take these features out, you can sell EVs for under $18K. That's the magic price point for mass adoption.

It kinda tells you everything you need to know that no one at Apple ever verbally came out in support of Alan Dye, but as soon as Steve Lemay is announced to be in charge, former and current Apple designers have verbally expressed excitement, relief, and support.
