Hackers' Pub

Hackers’ Pub

Syntax	Description	Examples
`"` keyword `"`	Finds the string within quotes, including spaces. Case-insensitive. (Escape quotes inside with `\"`)	`"Hackers' Pub"`
`from:` handle	Finds content written by the specified user.	`from:hongminhee` `from:hongminhee@hollo.social`
`lang:` ISO 639-1	Finds content written in the specified language.	`lang:en`
`#` tag	Finds content with the specified tag. Case-insensitive.	`#HackersPub`
condition condition	Finds content that satisfies both conditions on either side of the space (logical AND).	`"Hackers' Pub" lang:en`
condition `OR` condition	Finds content that satisfies at least one of the conditions on either side of the OR operator (logical OR).	`#HackersPub OR "Hackers' Pub" lang:en`
`(` condition `)`	Combines the operators within the parentheses first.	`(#HackersPub OR "Hackers' Pub" OR "Hackers Pub") lang:en`

新山祐介 (Yusuke Shinyama) @mootastic@mstdn.social

5/17/2025, 2:30:03 AM

Public

ソースコードやCIスクリプト中のドメイン名に使われている文字をよく似たUnicode文字に置き換えるサプライチェーン攻撃 (たとえば英語のgとアルメニア語のアルファベットցなど)。人間の目は当然のこと、CIもこの違いは検出できない。

https://daniel.haxx.se/blog/2025/05/16/detecting-malicious-unicode/

Detecting malicious Unicode

In a recent educational trick, curl contributor James Fuller submitted a pull-request to the project in which he suggested a larger cleanup of a set of scripts. In a later presentation, he could show us how not a single human reviewer in the team nor any CI job had spotted or remarked on one of … Continue reading Detecting malicious Unicode →

daniel.haxx.se · daniel.haxx.se

If you have a fediverse account, you can quote this note from your own instance. Search https://mstdn.social/users/mootastic/statuses/114520817894402491 on your instance and quote it. (Note that quoting is not supported in Mastodon.)