RE: https://infosec.exchange/@wr/116027230398223842

Down the rabbit hole… https://github.com/Smerity/bitflipped
I’ll definitely give it a try next time I travel by plane.
#space #electronics

RE: https://infosec.exchange/@isotopp/116018308301580721

Insightful thread on running electronics in space. Spoiler alert, GPUs do not work up there. Dear journalists, please read this 7 times before relaying information about datacentres in orbit.
#space

RE: https://mastodon.social/@pinkflawd/116012947707463493

Also this training will be supported by Luxembourg House of Cybersecurity, anyone attending may eligible for travel and hotel financial support! Please reach out to us on info@bsides.lu.

@circl

Folks, we're proud to announce that Corelight has chosen to sponsor
#BSidesLuxembourg2026 and they're our SILVER sponsor!!

We are proud to have a company, supporting us through the years!

Go community! Thanks to Corelight, you are amazing!

Save the date! @blackhoodie is coming to Luxembourg! On May 6th we're partnering with #BSidesLuxembourg for a day of binary fun and joy 🥳🥳🥳

Folks, we're proud to announce that Sysdig again has chosen to sponsor
#BSidesLuxembourg2026 as a gold sponsor!!

Sysdig delivers real-time threat detection across workloads, identities, cloud services, and third-party apps by combining drift control, machine learning, and Falco rules curated by the Sysdig Threat Research Team.

If you'd like to have a nice 🤦-y day like me, go ahead, search your internal code repository for the following:

curl -k
wget --no-check-certificate
verify=false
InsecureSkipVerify: true
ssl_verify_mode: 0
TrustSelfSignedStrategy
rejectUnauthorized: false
strict-ssl = false
http.sslVerify = false
--no-verify-ssl
--insecure*
verify_hostname: 0

It'll be great.

@jschauma may I add setDisableCNCheck(true) ?

Well, well, well, looks like it's #OpenBSD story time again!

All you've ever wanted to know about BSD on Silicon Graphics systems (and a bit of Linux, too), without daring to ask. As this is a very long story, it will span six installments, with a new part released every wednesday.

http://miod.online.fr/software/openbsd/stories/sgi.html

Folks, we're proud to announce that SOC Prime has chosen to sponsor #BSidesLuxembourg2026 and they're our first ever PLATINUM sponsor!!

We are proud to have an Ukrainian multinational company with us!

Go community! Thanks to SOC Prime!

We are glad to announce Vulnerability-Lookup 3.0.0. Our second release of 2026 is a major milestone, featuring GCVE-BCP-07 support.Now, every Vulnerability-Lookup instance can publish its own KEV catalog while integrating KEV feeds from CISA and ENISA.

Let’s take a look at all the notable changes.

What's New

GCVE-BCP-07: Known Exploited Vulnerabilities (KEV) Catalogs Integration

This release implements support for GCVE-BCP-07, enabling seamless integration with multiple Known Exploited Vulnerabilities (KEV) catalogs from different Global Numbering Authorities (GNAs).PR #310

Out of the box, any Vulnerability-Lookup instance can publish its own GCVE-BCP-07–compliant KEV catalog and consume KEV catalogs from ENISA and CISA.Conversion and synchronization are performed using the following tool:https://github.com/gcve-eu/gcve-eu-kev

A huge thank you to CISA and ENISA for their continuous work and for making KEV data available. Their catalogs are key building blocks for effective vulnerability prioritization, and it’s great to see them fit naturally into a GCVE-aligned workflow.

New and updated tools

• CISA KEV and ENISA CNW EUVD to GCVE-BCP-07 Converter: https://github.com/gcve-eu/gcve-eu-kev

  $ gcve-from-cisa --push$ gcve-from-enisa --push

• BCP Validator: https://github.com/gcve-eu/bcp-validator

  $ python gcve_bcp05_validate.py --url https://vulnerability.circl.lu/api/vulnerability?source=gna-1OK: https://vulnerability.circl.lu/api/vulnerability/recent?source=gna-1

• GCVE Python client: https://github.com/gcve-eu/gcve

  $ gcve references --list{ "kev": [ { "uuid": "405284c2-e461-4670-8979-7fd2c9755a60", "short_name": "CISA KEV", "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog", "automation_url": "https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities.json", "description": "For the benefit of the cybersecurity community and network defenders\u2014and to help every organization better manage vulnerabilities and keep pace with threat activity\u2014CISA maintains the authoritative source of vulnerabilities that have been exploited in the wild. Organizations should use the KEV catalog as an input to their vulnerability management prioritization framework." }, { "uuid": "1a89b78e-f703-45f3-bb86-59eb712668bd", "short_name": "CIRCL", "gcve_gna_id": 1, "description": "CIRCL provides a known-exploited vulnerability and supporting the different status_reason described in GCVE BCP-07." }, { "uuid": "cce329bf-df49-4c6e-a027-80be2e6483bd", "short_name": "EUVD KEV", "gcve_gna_id": 2, "automation_url": "https://github.com/enisaeu/CNW/raw/refs/heads/main/kev.csv", "description": "ENISA via the CSIRTs network provides list of known-exploited seen in the CSIRTs network." } ]}

New Vulnerability Sources

• new: [feeders] OSV importer for Drupal security advisories. Imports vulnerabilities from the Drupal security team's OSV feed.14177ab

• new: [feeders] OSV importer for CleanStart security advisories. Imports vulnerabilities from CleanStart's OSV feed.14177ab

• new: [feeders] Bitnami Vulnerability Database importer. Imports vulnerabilities from Bitnami's OSV-formatted vulnerability database, covering their application catalog.165e99d

Changes

• chg: [gcve] Updated GCVE Python client with improved type hints and bug fixes.78dbfc15ddf74d

• chg: [gcve] KEV catalog menu now handles production instances that have their own GNA ID. When a local instance (e.g., CIRCL - GNA-1) exists in the GCVE KEV catalog list, it's marked as local without creating duplicates.2bba2d8

• chg: [api] Extended x_gcve injection to all vulnerability list endpoints: VulnerabilitiesList, Recent, Last, and LastLegacy. This ensures consistent GCVE integration across all API endpoints.227da00

• Various graphical improvements.

Fixes

• fix: [gcve] Resolved circular import in gcve_utils module.e7aa364

• 'Ghost CVEs' toggle is wonky#303

• Fix CVSS 4.0 parsing crash in web filters#304

• Fix blacklist bypass vulnerability in username validation#314

• Support YYYYMMDD date format in API since parameter#315

Changelog

For the full list of changes, check the GitHub release: v3.0.0 Release Notes

Thank you to all our contributors and testers!

---

Feedback and Support

If you encounter any issues or have suggestions, please open a ticket on our GitHub repository: GitHub Issues

Follow Us on the Fediverse

Stay updated on security advisories in real-time by following us on Mastodon: @vulnerability_lookup

Hey #fosdem followers! @BSidesLuxembourg CFP is still open for a whole month! https://pretalx.com/bsidesluxembourg-2026/cfp
Early bird tickets for attendees are also still on sale https://pretix.eu/BSidesLux/2026/
#bsides #bsidesluxembourg2026

TIL:

$ git init --object-format=sha256

#ForgeJo supports SHA-256 as does #git proper, but a lot of the infra doesn't, e.g. #github

SHA-256 support has been in #git since 2020

@elricofmelnibone some have been creative in the past :) https://blog.mozilla.org/press/2004/12/mozilla-foundation-places-two-page-advocacy-ad-in-the-new-york-times/

@madewulf being on the orga side for @BSidesLuxembourg, I know this is time consuming and requires you to be "persistent". But for something as impactful and long lasting as the FOSDEM, I would have expected media coverage of this event to gain some momentum over the years

@elricofmelnibone you're right, actually, the crowd is the reason why I've not been on site for nearly 20 years.
My point is that general public needs to hear that FOSS is not the side show it was before. Free and Open Source Software is the main stage now and for long.

History repeats itself... not a single pre-event mention of #FOSDEM 2026 in the Belgian mainstream media.
Wake-up Belgium! You're hosting the largest Free Software and OpenSource related conference in the f#####g World!

If you're a fan of BSides and 3 days of #Infosec #CyberSecurity content for 30 euros, please send the early bird ticket link to everyone you know who might want to go: https://pretix.eu/BSidesLux/2026/

Or boost/share this post. #BSides #BSidesLuxembourg2026

@bagder we would be happy to reserve a room for you during @BSidesLuxembourg May 6-8

Its unbelievably exciting to us and we hope it will be for you as well!

The FIRST round of acceptance emails are going out for talks, workshops and villages!

We'll also open the ticket sales any day now!