Brash: Chromium Browser DoS Attack via document.title Exploitation

Brash is a critical vulnerability in Blink, the rendering engine that powers Google's Chromium-based browsers. It allows any Chromium browser to collapse in 15-60 seconds by exploiting an architectural flaw in how certain DOM operations are managed.

😬 https://brash.run

#chromium #webbrowser #dosattack #blink #attack #dos #websecurity #brash #web #poc #documenttitle #websecurity #itsec #itsecurity #browser #google

»Crash, Boom, Bang—Offene Sicherheitslücke lässt fast alle aktuellen Browser abstürzen:
Das Problem betrifft sämtliche Chromium-basierten Browser und zeigt damit, wie weit die Monokultur in diesem Bereich vorangeschritten ist«

Vorher hatte ich oben den original Link getootet. Hier noch ein deutscher Artikel erklärend darüber.

😬 https://www.derstandard.at/story/3000000294355/offene-sicherheitsluecke-laesst-fast-alle-aktuellen-browser-abstuerzen

#chromium #webbrowser #dosattack #blink #attack #dos #websecurity #brash #web #poc #documenttitle #websecurity #itsec #browser #google #chrome

Brash: Chromium Browser DoS Attack via document.title Exploitation

Brash is a critical vulnerability in Blink, the rendering engine that powers Google's Chromium-based browsers. It allows any Chromium browser to collapse in 15-60 seconds by exploiting an architectural flaw in how certain DOM operations are managed.

😬 https://brash.run

#chromium #webbrowser #dosattack #blink #attack #dos #websecurity #brash #web #poc #documenttitle #websecurity #itsec #itsecurity #browser #google

“GlassWorm isn't just another supply chain attack. It's using stealth techniques we've never seen before - invisible Unicode characters that make malicious code literally disappear from code editors. Combine that with blockchain-based C2 infra that can't be taken down, Google Calendar as a backup command server, and a full remote access trojan that turns every infected dev into a criminal proxy node.”

#technology #attack #security #cybersecurity #malware #vscode

https://www.koi.ai/blog/glassworm-first-self-propagating-worm-using-invisible-code-hits-openvsx-marketplace

“GlassWorm isn't just another supply chain attack. It's using stealth techniques we've never seen before - invisible Unicode characters that make malicious code literally disappear from code editors. Combine that with blockchain-based C2 infra that can't be taken down, Google Calendar as a backup command server, and a full remote access trojan that turns every infected dev into a criminal proxy node.”

#technology #attack #security #cybersecurity #malware #vscode

https://www.koi.ai/blog/glassworm-first-self-propagating-worm-using-invisible-code-hits-openvsx-marketplace

Where The Wild Things Are: Brute-Force SSH Attacks In The Wild And How To Stop Them

This document was shared here by @ricci I've not gotten to study the document in detail. JUst saw it again in my download dir of my now defunct miniPC by gigabyte

Of course I will link you to his page so you can download the paper yourself. THe research covers 4 years and 500+ (512?) servers

Go to his post here read and learn.
You can learn a LOT from this research

#ssh#BFA #brute #force #attack #stop #cyberattack

https://discuss.systems/@ricci/112247553557306560

Where The Wild Things Are: Brute-Force SSH Attacks In The Wild And How To Stop Them

This document was shared here by @ricci I've not gotten to study the document in detail. JUst saw it again in my download dir of my now defunct miniPC by gigabyte

Of course I will link you to his page so you can download the paper yourself. THe research covers 4 years and 500+ (512?) servers

Go to his post here read and learn.
You can learn a LOT from this research

#ssh#BFA #brute #force #attack #stop #cyberattack

https://discuss.systems/@ricci/112247553557306560

North Shore Counter-Info: McElhanney trucks burned in Smithers, BC

https://north-shore.info/2025/08/27/mcelhanney-trucks-burned-in-smithers-bc/

From BC COUNTER INFO On August 10th at around 4am two trucks belonging to McElhanney were burned in Smithers, BC. McElhanney provides consulting services to the PRGT project. You can read more about their involvement in Against Extractivism: PRGT and its Actor and Arson attack in Terrace BC

#NewsandAnalysis#Attack#BC#PRGT

Puget Sound Anarchists: McElhanney trucks burned in Smithers (BC)

https://pugetsoundanarchists.org/mcelhanney-trucks-burned-in-smithers-bc/

originally posted on BC Counter InfoOn August 10th at around 4am two trucks belonging to McElhanney were burned in Smithers, BC. McElhanney provides…

#Action#Attack#Ecodefense #PipelineResistance#Arson#BC#Canada#Ecosabotage

Puget Sound Anarchists: Flame and Stone Against ICE (Yakima)

https://pugetsoundanarchists.org/flame-and-stone-against-ice-yakima/

submitted anonymously In the chaos of a fire, a rock found its way into the window of an U.S. Immigration and Customs Enforcement…

#Action#Attack#Immigration#ICE#Washington#Yakima

Philly Anti-Capitalist: Anti-Border Demonstration Report

https://phlanticap.noblogs.org/anti-border-demonstration-report/

Submission On the night of July 22 autonomous actors gathered in Center City to express their rage against borders. They took the streets. They marched for many blocks. Then they dispersed. Propaganda was distributed, trash got thrown onto the floor, some walls got themselves painted, and a police cruiser got itself vandalized. No arrests were…

#Attack#Demo

Philly Anti-Capitalist: poster/pasteup: butlerian jihad against ai

https://phlanticap.noblogs.org/poster-pasteup-butlerian-jihad-against-ai/

Submission [PDF]

#Attack#Media#Technology

Puget Sound Anarchists: Arson against drone manufacturer, Boeing subsidiary

https://pugetsoundanarchists.org/arson-against-drone-manufacturer-boeing-subsidiary/

submitted anonymouslyIn the early morning hours of July 23rd, an Insitu van was set ablaze while it sat in an empty lot across…

#Attack#Uncategorized#Action#Arson#Boeing#Borders#Drones#Hoodriver#Palestine#Surveillance

Philly Anti-Capitalist: Cameras Painted in Malcolm X Park

https://phlanticap.noblogs.org/cameras-painted-in-malcolm-x-park/

Submission Coasting off our excitement about autonomous self-organization, on the night of July 22nd we painted over all four cameras at Malcolm X Park. We want the park to stay the kind of place where people can meet and hang out without being surveilled, that’s why we took the game of Camover there. We’re holding…

#Attack#Immigration#Police#Technology

Attention server admins! Yesterday I've read a post by @simon_brooke how nasty AI scraper bots are attacking his self-hosted @forgejo instance. Soon after I'm seeing unusual, periodic traffic spikes on mine and again - dominated by OpenAI, but some other freeloaders too:

20.171.207.41 GPTBot/1.2

85.208.96.211 SemrushBot/7~bl

54.36.148.64 AhrefsBot/7.0

114.119.139.53 PetalBot

With GPTBot and SemrushBot attacking hardest

They've been hammering my little server periodically today as well, slowing down my instance dramatically as if I was experiencing malicious DDoS attack Well, in a sense it is one

Watch out - it seems corporate AI techbros learned to scrape content and starts doing it on a massive scale Remember when @Codeberg was (and repeatedly is) hit?

For now blocked IP ranges and User-Agent combinations, not sure for how long that will be enough

Please boost for visibility and be prepared!

#forgejo #developerlife #coding #attack #techbros #aislop #openai #bots #ddos

Attention server admins! Yesterday I've read a post by @simon_brooke how nasty AI scraper bots are attacking his self-hosted @forgejo instance. Soon after I'm seeing unusual, periodic traffic spikes on mine and again - dominated by OpenAI, but some other freeloaders too:

20.171.207.41 GPTBot/1.2

85.208.96.211 SemrushBot/7~bl

54.36.148.64 AhrefsBot/7.0

114.119.139.53 PetalBot

With GPTBot and SemrushBot attacking hardest

They've been hammering my little server periodically today as well, slowing down my instance dramatically as if I was experiencing malicious DDoS attack Well, in a sense it is one

Watch out - it seems corporate AI techbros learned to scrape content and starts doing it on a massive scale Remember when @Codeberg was (and repeatedly is) hit?

For now blocked IP ranges and User-Agent combinations, not sure for how long that will be enough

Please boost for visibility and be prepared!

#forgejo #developerlife #coding #attack #techbros #aislop #openai #bots #ddos