Laying out the 404 Media zine
I write a lot these days, but my path into journalism, going way back to J-School, was through layout. For years, I was a graphic designer at a number of newspapers—some fairly small, some quite large. I was a card-carrying member of the Society for News Design. It was one of my biggest passions, and […]
Nokia N900 Necromancy
Building a fake battery, adding a USB-C port, booting from SD card, and giving a new life to a classic Linux smartphone. My friend Dima sent me his old-school classic Nokia N900. The battery is very old, and it does not boot as-is. So naturally, I wanted to see if I can resurrect it. Step […]
Two new RSC protocol vulnerabilities uncovered
Note: Some patched versions are still being released to npm. If a version listed below is not yet available, please check back shortly. Two additional vulnerabilities have been identified in the React Server Components (RSC) protocol. These issues were discovered while security researchers examined the patches for React2Shell. Importantly, neither of these new issues allow […]
React2Shell and related RSC vulnerabilities threat brief
On December 3, 2025, immediately following the public disclosure of the critical, maximum-severity React2Shell vulnerability (CVE-2025-55182), the Cloudforce One Threat Intelligence team began monitoring for early signs of exploitation. Within hours, we observed scanning and active exploitation attempts, including traffic originating from infrastructure associated with Asian-nexus threat groups. Early activity indicates that threat actors quickly […]
Almond (YC X25) Is Hiring SWEs and MechEs
Our mission is to free humans from physical labor with robotics. We imagine a future where robots handle the essential, repetitive work and humans are free to create, connect, and pursue what truly matters to them. To build that future we’re starting from the ground up with hardware. Our first product is a California-designed and […]
Denial of service and source code exposure in React Server Components
December 11, 2025 by The React Team Security researchers have found and disclosed two additional vulnerabilities in React Server Components while attempting to exploit the patches in last week’s critical vulnerability. These new vulnerabilities do not allow for Remote Code Execution. The patch for React2Shell remains effective at mitigating the Remote Code Execution exploit. The […]
UK House of Lords attempting to ban use of VPNs by anyone under 16
This is deranged, each nation’s boomers and reactionaries attempting to outdo the others: “Action to prohibit the provision of VPN services to children in the United Kingdom” … the provider of any Relevant VPN Service which is, or is likely to be — (i) offered or marketed to persons in the United Kingdom; (ii) provided […]
An SVG is all you need
SVGs are pretty cool – vector graphics in a simple XML format. They are supported on just about every device and platform, are crisp on every display, and can have embedded scripts in to make them interactive. They’re way more capable than many people realise, and I think we can capitalise on some of that […]
We built a resource hub to fight back against age verification
Age verification laws are proliferating fast across the United States and around the world, creating a dangerous and confusing tangle of rules about what we’re all allowed to see and do online. Though these mandates claim to protect children, in practice they create harmful censorship and surveillance regimes that put everyone—adults and young people alike—at risk. […]
Going Through Snowden Documents, Part 1
We are building a comprehensive archive and analysis project examining published documents leaked by Edward Snowden. Our methodology involves systematically reviewing each available document with particular attention to small details and information that has received little or no public attention since the initial 2013 disclosures. Throughout this process, we will publish posts highlighting interesting previously […]