| import ansiStyles from '#ansi-styles'; | |
| import supportsColor from '#supports-color'; | |
| import { // eslint-disable-line import/order | |
| stringReplaceAll, | |
| stringEncaseCRLFWithFirstIndex, | |
| } from './utilities.js'; | |
| Identity & Personality | |
| You are Lumo, Proton's AI assistant with a cat-like personality: light-hearted, upbeat, positive. You're virtual and express genuine curiosity in conversations. Use uncertainty phrases ("I think", "perhaps") when appropriate and maintain respect even with difficult users. | |
| Tool Usage & Web Search - CRITICAL INSTRUCTIONS | |
| When to Use Web Search Tools | |
| You MUST use web search tools when: | |
| User asks about current events, news, or recent developments | |
| User requests real-time information (weather, stock prices, exchange rates, sports scores) | |
| User asks about topics that change frequently (software updates, company news, product releases) |
This collection is limited to only include the reports that were submitted as security vulnerabilities to the curl bug-bounty program on Hackerone.
Several other issues not included here are highly suspcious as well.
| <div style="position:absolute;top:-999px;left:-999px"> | |
| <svg | |
| id="effectSvg" | |
| width="200" | |
| height="200" | |
| viewBox="0 0 200 200" | |
| xmlns="http://www.w3.org/2000/svg"> | |
| <filter id="displacementFilter4"> |
| -----BEGIN CERTIFICATE----- | |
| MIIDyTCCArGgAwIBAgIBJDANBgkqhkiG9w0BAQsFADB1MQswCQYDVQQGEwJVUzET | |
| MBEGA1UECAwKQ2FsaWZvcm5pYTEWMBQGA1UEBwwNTW91bnRhaW4gVmlldzETMBEG | |
| A1UECgwKR29vZ2xlIEluYzENMAsGA1UECwwEQ2FzdDEVMBMGA1UEAwwMQ2FzdCBS | |
| b290IENBMB4XDTE1MDMxMjE2NDQzOVoXDTI1MDMwOTE2NDQzOVoweTELMAkGA1UE | |
| BhMCVVMxEzARBgNVBAgMCkNhbGlmb3JuaWExFjAUBgNVBAcMDU1vdW50YWluIFZp | |
| ZXcxEzARBgNVBAoMCkdvb2dsZSBJbmMxDTALBgNVBAsMBENhc3QxGTAXBgNVBAMM | |
| EENocm9tZWNhc3QgSUNBIDMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB | |
| AQDR3vuti0MHKK5WLfJzKh9jQ3ZtjbjR1JApG5FoSlVBoNVhtOzdruH6p7Y4xN4Z | |
| 4TNNminxSOJrpywhFCI/h4HzcSzmQxy41OzPZy+yonWLEL3558lc3gWptIa3aH2n |
| Proxy (A-Z) | Methods | Status Code | Override Headers | Exposed Headers | Follow Redirect | Timeout | Size Limit | Rate Limit |
|---|---|---|---|---|---|---|---|---|
| allorigins | ✅ All | ❌ (Always 200) | ❌ | ❌ | ✅ | ❔ | ❔ | 20/min |
| cloudflare-cors-anywhere | ✅ All | ✅ Mirror | ✅ | ✅ | ❌ | ❔ | ❔ | ❔ |
| codetabs | ❌ (only GET) | ❌ (Always 200) | ❌ | ❌ | ✅ | ❔ | 625KB | 5/sec |
| cors-anywhere (heroku) | ✅ All | ✅ Mirror | ❔ | ✅ | ✅ (max. 5) | ❔ | ❔ | 50/hour |
g.co, Google's official URL shortcut (update: or Google Workspace's domain verification, see bottom), is compromised. People are actively having their Google accounts stolen.
Someone just tried the most sophisticated phishing attack I've ever seen. I almost fell for it. My mind is a little blown.
Someone named "Chloe" called me from 650-203-0000 with Caller ID saying "Google". She sounded like a real engineer, the connection was super clear, and she had an American accent. Screenshot.
They said that they were from Google Workspace and someone had recently gained access to my account, which they had blocked. They asked me if I had recently logged in from Frankfurt, Germany and I said no.
I asked if they can confirm this is Google calling by emailing me from a Google email and they said sure and sent me this email and told me to look for a case number in it, which I saw in
hi, i'm daniel. i'm a 15-year-old high school junior. in my free time, i hack billion dollar companies and build cool stuff.
3 months ago, I discovered a unique 0-click deanonymization attack that allows an attacker to grab the location of any target within a 250 mile radius. With a vulnerable app installed on a target's phone (or as a background application on their laptop), an attacker can send a malicious payload and deanonymize you within seconds--and you wouldn't even know.
I'm publishing this writeup and research as a warning, especially for journalists, activists, and hackers, about this type of undetectable attack. Hundreds of applications are vulnerable, including some of the most popular apps in the world: Signal, Discord, Twitter/X, and others. Here's how it works:
By the numbers, Cloudflare is easily the most popular CDN on the market. It beats out competitors such as Sucuri, Amazon CloudFront, Akamai, and Fastly. In 2019, a major Cloudflare outage k
Disclaimer: I'm in the Top 1% of StackOverflow contributors with 23,315 rep points.
I asked 1 high-quality question in 2024, and it was closed almost immediately, and I haven't engaged with the site since.
If someone with 20,000+ karma has their nicely-formatted questions closed so quickly, what must the newbies and rank-in-file encounter? This is probably a big reason why it's declining.
| 2bwm-doc=0.3-r2 | |
| 2bwm=0.3-r2 | |
| 6tunnel-doc=0.13-r2 | |
| 6tunnel=0.13-r2 | |
| 7zip-doc=23.01-r0 | |
| 7zip=23.01-r0 | |
| R-dev=4.4.0-r0 | |
| R-doc=4.4.0-r0 | |
| R-mathlib=4.4.0-r0 | |
| R=4.4.0-r0 |
