What are your favorite hardware and open source software for #security#cams, #video#surveillance, #ring#doorbells, #motion detection, #homeassistant...?
What #alternatives do we have?
🛑 ALERT: Google uncovered an #iPhone exploit kit called Coruna containing 23 iOS exploits targeting versions 13–17.2.1.
The framework fingerprints devices and automatically loads the matching WebKit exploit chain. Researchers say it moved from #surveillance vendors to nation-state operators and later cybercrime groups.
🔗 Exploit chains, campaigns, and malware payload details → https://thehackernews.com/2026/03/coruna-ios-exploit-kit-uses-23-exploits.html
http://lucumr.pocoo.org/2016/12/29/careful-with-str-format/
#security
This should have been obvious to me for a longer time, but until earlier today I did not really realize the severity of the issues caused by str.format on untrusted user input. It came up as a way to bypass the Jinja2 Sandbox in a way that would permit retrieving information that you should not have access to which is why I just pushed out a security release for it.
However I think the general issue is quite severe and needs to be a discussed because most people are most likely not aware of how easy it is to exploit.