Youssef Hesham iossefy

hi, i'm daniel. i'm a 15-year-old high school junior. in my free time, i hack billion dollar companies and build cool stuff.

3 months ago, I discovered a unique 0-click deanonymization attack that allows an attacker to grab the location of any target within a 250 mile radius. With a vulnerable app installed on a target's phone (or as a background application on their laptop), an attacker can send a malicious payload and deanonymize you within seconds--and you wouldn't even know.

I'm publishing this writeup and research as a warning, especially for journalists, activists, and hackers, about this type of undetectable attack. Hundreds of applications are vulnerable, including some of the most popular apps in the world: Signal, Discord, Twitter/X, and others. Here's how it works:

Cloudflare

By the numbers, Cloudflare is easily the most popular CDN on the market. It beats out competitors such as Sucuri, Amazon CloudFront, Akamai, and Fastly. In 2019, a major Cloudflare outage k

FAQ on the xz-utils backdoor (CVE-2024-3094)

This is a living document. Everything in this document is made in good faith of being accurate, but like I just said; we don't yet know everything about what's going on.

Update: I've disabled comments as of 2025-01-26 to avoid everyone having notifications for something a year on if someone wants to suggest a correction. Folks are free to email to suggest corrections still, of course.

Background

Here's a list of mildly interesting things about the C language that I learned mostly by consuming Clang's ASTs. Although surprises are getting sparser, I might continue to update this document over time.

There are many more mildly interesting features of C++, but the language is literally known for being weird, whereas C is usually considered smaller and simpler, so this is (almost) only about C.

1. Combined type and variable/field declaration, inside a struct scope [https://godbolt.org/g/Rh94Go]

struct foo {
   struct bar {
 int x;

Arch Linux Installation Guide

This guide will show step-by-step how to Install Arch Linux on UEFI mode.

Common Options

-#, --progress-bar Make curl display a simple progress bar instead of the more informational standard meter.

-b, --cookie <name=data> Supply cookie with request. If no =, then specifies the cookie file to use (see -c).

-c, --cookie-jar <file name> File to save response cookies to.

	#pragma once

	#define DYN_ARR_OF(type) struct { \
	type *data; \
	type *endptr; \
	uint32_t capacity; \
	}

	#if !defined(__cplusplus)
	#define decltype(x) void*

	<?xml version="1.0" encoding="UTF-8"?>

	<opml version="1.0">
	<head>
	<title>Information Security Blog Feed List Compiled by @decalresponds</title>
	</head>
	<outline text="Infosec" title="Information Security">
	<outline type="rss" text="Signal Chaos" title="Signal Chaos" xmlUrl="http://s1gnalcha0s.github.io/feed.xml" htmlUrl="http://s1gnalcha0s.github.io/"/>
	<outline type="rss" text="Secrutiny" title="Secrutiny" xmlUrl="https://secrutiny.com/feed/" htmlUrl="https://secrutiny.com"/>
	<outline type="rss" text="Ero Carrera's blog" title="Ero Carrera's blog" xmlUrl="http://blog.dkbza.org/rss.xml" htmlUrl="http://blog.dkbza.org/"/>

	# INSTALL INSTRUCTIONS: save as ~/.gdbinit
	#
	# DESCRIPTION: A user-friendly gdb configuration file.
	#
	# REVISION : 7.3 (16/04/2010)
	#
	# CONTRIBUTORS: mammon_, elaine, pusillus, mong, zhang le, l0kit,
	# truthix the cyberpunk, fG!, gln
	#
	# FEEDBACK: https://www.reverse-engineering.net