hackermondev

hi, i'm daniel. i'm a 15-year-old high school junior. in my free time, i hack billion dollar companies and build cool stuff.

3 months ago, I discovered a unique 0-click deanonymization attack that allows an attacker to grab the location of any target within a 250 mile radius. With a vulnerable app installed on a target's phone (or as a background application on their laptop), an attacker can send a malicious payload and deanonymize you within seconds--and you wouldn't even know.

I'm publishing this writeup and research as a warning, especially for journalists, activists, and hackers, about this type of undetectable attack. Hundreds of applications are vulnerable, including some of the most popular apps in the world: Signal, Discord, Twitter/X, and others. Here's how it works:

Cloudflare

By the numbers, Cloudflare is easily the most popular CDN on the market. It beats out competitors such as Sucuri, Amazon CloudFront, Akamai, and Fastly. In 2019, a major Cloudflare outage k

chamlis

2bwm-doc=0.3-r2
2bwm=0.3-r2
6tunnel-doc=0.13-r2
6tunnel=0.13-r2
7zip-doc=23.01-r0
7zip=23.01-r0
R-dev=4.4.0-r0
R-doc=4.4.0-r0
R-mathlib=4.4.0-r0
R=4.4.0-r0

tekknolagi

#!/usr/bin/env python

import multiprocessing
import random
import time


class Logger:
    def __init__(self, num_lines, last_output_per_process, terminal_lock):
        self.num_lines = num_lines

TomIsLoading

import React from "react";
import {
  FiBell,
  FiDownload,
  FiEdit,
  FiSave,
  FiSettings,
  FiUser,
} from "react-icons/fi";
import { SiAirbnb } from "react-icons/si";

hyperupcall

// I'm tired of extensions that automatically:
// - show welcome pages / walkthroughs
// - show release notes
// - send telemetry
// - recommend things
//
// This disables all of that stuff.
// If you have more config, leave a comment so I can add it!!

{

jab3z

import inspect
import logging
from functools import wraps
from typing import Callable


def log_io(log_input=False, log_output=False) -> Callable:
    """
    Logs the input/output of the decorated method.
    Must be explicitly called with input=True and/or output=True

ramkumarvenkat

Dreamland is a new age AI+metaverse company and has a concept of games, where every user can play these games with AI agents and win DREAM tokens multiple times a day. A user can win upto 5 DREAM tokens on a single day.

DREAM tokens are a virtual currency and have a real monetary value. At the end of every hour, the tokens won by the user are converted to USD by calling a third-party API that provides the rate (for the assignment, we can hardcode to 15 cents per token).

Every time a user is issued a token and it gets converted to USD, there will be fees which we need to keep track of (the user will not bear the fees, but Dreamland will)

In the backend, there are double-entry accounting ledgers that keep track of a user's tokens, the current USD value and the fees.

Imagine you are building APIs for Dreamland:

huytd

How to use:

./wordle.sh

Or try the unlimit mode:

sindresorhus

Pure ESM package

The package that linked you here is now pure ESM. It cannot be require()'d from CommonJS.

This means you have the following choices:

1. Use ESM yourself. (preferred)
   Use import foo from 'foo' instead of const foo = require('foo') to import the package. You also need to put "type": "module" in your package.json and more. Follow the below guide.
2. If the package is used in an async context, you could use await import(…) from CommonJS instead of require(…).
3. Stay on the existing version of the package until you can move to ESM.

geek-at

#!/bin/bash

while :; do

    verf=$(cat /dev/urandom | tr -dc '0-9' | fold -w 8 | head -n 1)
    pin=$(cat /dev/urandom | tr -dc '0-9' | fold -w 5 | head -n 1)

    ip=$(printf "%d.%d.%d.%d\n" "$((RANDOM % 256))" "$((RANDOM % 256))" "$((RANDOM % 256))" "$((RANDOM % 256))")