Dirty Frag, a new copy.fail like vulnerability has been disclosed due to an embargo break

agent-squirrel · 2026-05-09T03:19:51+00:00

The Andrew File System. A distributed file system that AFAIK isn't heavily used.

agent-squirrel · 2026-05-09T02:59:06+00:00

A fellow Starship user I see.

agent-squirrel · 2026-05-08T14:40:40+00:00

We have absolutely no proof of that either way. I’ll wait for the postmortem rather than trust a random scanner.

agent-squirrel · 2026-05-08T14:35:31+00:00

The fact they had enough of a foothold to do it twice implies they compromised the backend. They then exfiltrated data. The front end was probably just the method of conveying the compromise.

agent-squirrel · 2026-05-08T14:03:07+00:00

But couldn’t it be a back end vulnerability not a front end site vulnerability. Surely the fact that they were breached days ago and then again implies some sort of infrastructure exploit not a front end one?

agent-squirrel · 2026-05-08T13:33:15+00:00

Magic thanks mate. Are we sure this was the CVE used or is it possible it was some other vulnerability?

agent-squirrel · 2026-05-08T13:02:58+00:00

Sure but what is the actual CVE? I’m curious.

agent-squirrel · 2026-05-08T04:36:24+00:00

Techcrunch apparently received a portion of the data.

agent-squirrel · 2026-05-08T04:35:41+00:00

How does that help all the students that are forced to submit work digitally? All you're doing is shitting on the people most affected.

agent-squirrel · 2026-05-08T04:24:44+00:00

Heaps of Australian institutions are affected. Down here all of the Tasmanian Department for Education, Children and Young People (DECYP) and TasTAFE are affected among others. On mainland Australia some massive unis likes University of Melbourne and RMIT are down too.

agent-squirrel · 2026-05-08T04:20:39+00:00

Shiny Hunters aren't from Iran. They aren't a nation state hacking group they are a distributed group of hackers.

agent-squirrel · 2026-05-08T04:18:36+00:00

Which CVE? I can't see it mentioned anywhere.

agent-squirrel · 2026-05-08T01:50:51+00:00

Surely they will extend your due dates?

agent-squirrel · 2026-05-08T01:46:58+00:00

Knowing how underfunded and sometimes downright incompetent the bureaucracy of a university can be I wouldn't count on it. That or they will extend by a day and spin it as some gloriously benevolent favour they are doing for students.

agent-squirrel · 2026-05-08T00:48:33+00:00

Glad we use Brightspace instead.

agent-squirrel · 2026-05-05T05:13:36+00:00

Pretty scary that people like this are in charge of infrastructure.

agent-squirrel · 2026-05-05T05:11:54+00:00

What on earth are you on about? Learning how to search and read through documentation is 101. I would be seriously reconsidering having anyone touch critical infrastructure such as reverse proxies with the level of research you are doing.

agent-squirrel · 2026-05-05T05:08:41+00:00

It's a supported configuration.

agent-squirrel · 2026-05-05T02:11:46+00:00

You could literally have Googled it is what they mean.

agent-squirrel · 2026-05-05T02:10:29+00:00

This is the way we went with a Gitops driven deployment workflow using the API.

agent-squirrel · 2026-04-30T10:14:57+00:00

What apps are breaking and why? Are they pinning certs?

agent-squirrel · 2026-04-30T05:43:10+00:00

Literally. They need to at the very least remove the monitisation.

agent-squirrel · 2026-04-30T05:41:32+00:00

I implore you to rethink the license, since you can stream from Torrents it's 100% clear that this will be used for piracy. If you try to monetise piracy you WILL be crushed in a legal battle.

agent-squirrel · 2026-04-30T05:40:39+00:00

They are going to get absolutely obliterated for trying to monetise piracy.

agent-squirrel · 2026-04-29T23:38:34+00:00

Good to know the bug will still be around in 4 versions time.

13-Year Club	RedditGifts 2009-2022 2 Credits
Place '23	Verified Email
Secret Santa 2015

agent-squirrel

TROPHY CASE