惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

Threat Intelligence Blog | Flashpoint
Threat Intelligence Blog | Flashpoint
Exploit-DB.com RSS Feed
Exploit-DB.com RSS Feed
The Last Watchdog
The Last Watchdog
K
KPMG report finds enterprise disconnect between AI and its ROI | CIO
T
Troy Hunt's Blog
L
LINUX DO - 最新话题
C
Check Point Blog
T
Threat Research - Cisco Blogs
OSCHINA 社区最新新闻
OSCHINA 社区最新新闻
罗磊的独立博客
V
Vulnerabilities – Threatpost
cs.CV updates on arXiv.org
cs.CV updates on arXiv.org
J
Java Code Geeks
Apple Machine Learning Research
Apple Machine Learning Research
大猫的无限游戏
大猫的无限游戏
S
Security @ Cisco Blogs
IT之家
IT之家
T
The Exploit Database - CXSecurity.com
The GitHub Blog
The GitHub Blog
D
Docker
Engineering at Meta
Engineering at Meta
AWS News Blog
AWS News Blog
S
Security Affairs
U
Unit 42
P
Palo Alto Networks Blog
V
Visual Studio Blog
Y
Y Combinator Blog
D
DataBreaches.Net
Forbes - Security
Forbes - Security
阮一峰的网络日志
阮一峰的网络日志
美团技术团队
Security Latest
Security Latest
aimingoo的专栏
aimingoo的专栏
Simon Willison's Weblog
Simon Willison's Weblog
A
Arctic Wolf
博客园_首页
钛媒体:引领未来商业与生活新知
钛媒体:引领未来商业与生活新知
H
Hacker News: Front Page
博客园 - 司徒正美
博客园 - Franky
宝玉的分享
宝玉的分享
TaoSecurity Blog
TaoSecurity Blog
Latest news
Latest news
Scott Helme
Scott Helme
MongoDB | Blog
MongoDB | Blog
量子位
cs.AI updates on arXiv.org
cs.AI updates on arXiv.org
C
Cisco Blogs
P
Privacy International News Feed
Application and Cybersecurity Blog
Application and Cybersecurity Blog

Bboysoul's Blog

聊聊 -XX:MaxRAMPercentage=75% 20260715的胡言乱语 Random Thoughts - 20260715 20260714的胡言乱语 Random Thoughts - 20260714 20260708的胡言乱语 Random Thoughts - 20260702 20260702的胡言乱语 20260622的胡言乱语 Random Thoughts - 20260622 20260616的胡言乱语 Random Thoughts - 20260616 20260605的胡言乱语 Random Thoughts - 20260605 About My Car 关于我的车 Bought a Quote/0 买了Quote/0 20260520的胡言乱语 20260519的胡言乱语 20260509的胡言乱语 20260403的胡言乱语 20260327的胡言乱语 20260317的胡言乱语 Vibe Coding with GitHub Copilot 使用GitHub-Copilot进行Vibe-Coding 20260316的胡言乱语 20260313的胡言乱语 I Bought an iPhone 17 买了一个iPhone17 20260205的胡言乱语 Random Thoughts - 20260205 20260129的胡言乱语 Random Thoughts - 20260129 20260120的胡言乱语 Random Thoughts - 20260120 How I Learn 我是怎么学习的 20260114的胡言乱语 Random Thoughts - 20260114 20260109的胡言乱语 20260528的胡言乱语 Random Thoughts - 20260528
Random Thoughts - 20260708
2026-07-08 · via Bboysoul's Blog

Introduction

Welcome to follow my channel, where I occasionally share random messages

https://t.me/bboyapp

Or follow me on Twitter

https://twitter.com/bboysoulcn

  1. A backdoor in a LinkedIn job offer

A recruiter on LinkedIn sent a GitHub repo for “code review,” but the npm prepare script hid a backdoor that executed remote code on npm install. The author used a read-only AI agent to spot the payload hidden in a test file within seconds, and discovered both the recruiter’s identity and the GitHub contributor’s identity were stolen from real people.

https://roman.pt/posts/linkedin-backdoor/

  1. I Stored a Website in a Favicon

The author encoded an entire HTML page byte-by-byte into the RGB pixels of a PNG favicon. The result: a 9×9 pixel icon carrying a full website, decoded at runtime by reading the favicon’s pixels via the Canvas API — a creative exploration of storage boundaries disguised as a browser icon.

https://www.timwehrle.de/blog/i-stored-a-website-in-a-favicon/

  1. TownSquare

TownSquare is an open-source tool that adds a shared presence layer to any website with a single <script> tag. Visitors can see each other, move around, and chat — no accounts, no algorithms. It has 275 registered sites and over 330,000 messages exchanged.

https://townsquare.cauenapier.com/

  1. .gitignore Isn’t the Only Way To Ignore Files in Git

Git offers three levels of file ignoring: .gitignore (shared, checked in), .git/info/exclude (per-repo, local-only), and ~/.config/git/ignore (global, machine-wide). The post also demonstrates using git check-ignore -v to trace which rule is responsible for ignoring a specific file.

https://nelson.cloud/.gitignore-isnt-the-only-way-to-ignore-files-in-git/

  1. Nginx as a Reverse Proxy

A comprehensive guide to using Nginx as a reverse proxy, covering server/location blocks, the proxy_pass trailing slash pitfall, real client IP header forwarding, WebSocket upgrades, buffering and timeout tuning, HTTP/2, rate limiting, and a production-ready configuration example.

https://sanyamserver.online/posts/nginx-reverse-proxy/

  1. I build a 10 inch mini rack from aluminium extrusions

A detailed build log of a 10-inch mini rack made from 20mm aluminium extrusions and custom-cut aluminium sheets, housing six 1L mini PCs with dual-network (1G + 2.5G) connectivity, cooling, and power distribution — all at a total cost of approximately €313.

https://louwrentius.com/i-build-a-10-inch-mini-rack-from-aluminium-extrusions.html

  1. What happened after 2,000 people tried to hack my AI assistant

The author opened his AI assistant Fiu to the public for a prompt injection challenge. Over 6,000 emails and 2,000+ attackers later, the secrets file was never leaked and no unauthorized replies were sent. Claude Opus 4.6 with a few lines of security rules proved remarkably resilient against social engineering and injection attacks.

https://www.fernandoi.cl/posts/hackmyclaw/

  1. dnspick

dnspick is a cross-platform DNS benchmarking CLI tool written in Go that concurrently tests DNS servers over UDP, DoT, DoH, and DoH3, then scores them by average latency and success rate to recommend the optimal DNS for your network.

https://github.com/palemoky/dnspick

  1. Choosing a Public DNS Resolver: Compare 30 Global Services

An interactive comparison guide covering 30 global public DNS resolvers including AdGuard, Cloudflare, Quad9, and NextDNS. Filter and rank by privacy policy, encrypted transport (DoH/DoT/DoQ), filtering features (ads/malware/adult content), jurisdiction, and operator type.

https://evilbit.de/dns-resolver-guide.html

  1. You Can Detect if Code Is Being Run Inside a Terminal

Demonstrates how to detect terminal execution using sys.stdout.isatty() in Python, process.stdout.isTTY in Node.js, $stdout.tty? in Ruby, and [ -t 1 ] in Bash — and explains why this is the mechanism behind color output being suppressed in CI/CD pipelines.

https://nelson.cloud/you-can-detect-if-code-is-being-run-inside-a-terminal/

Feel free to follow my blog at www.bboy.app

Have Fun


Tags: