Gerald Benischke
LightNews LightNews
banner
beny23.github.io
Gerald Benischke
@beny23.github.io
3K followers 890 following 1K posts
Maker, breaker and fixer of software. Adventures in #appsec and #agile: beny23.github.io he/him
Posts Replies Media Videos
Reposted by Gerald Benischke
rahaeli.bsky.social
I genuinely cannot believe the degree to which we are pissing away this generational breakthrough, even given the fuckmuppets who are involved www.nbcnews.com/health/healt...
FDA declines to review Moderna's mRNA flu shot
Under Health Secretary Robert F. Kennedy Jr., the Food and Drug Administration has taken an aggressive stance against mRNA technology.
www.nbcnews.com
February 10, 2026 at 11:32 PM
beny23.github.io
This week, we're having a bit of a wild west theme to the GenAI related links. There's continuing hype around OpenClaw - though it looks more like a hangover than a party. And we'll end up with a cryptic warning from a siren. #WeaklyLink beny23.github.io/posts/weakly...
Weakly Link 26/06
This week, we’re having a bit of a wild west theme to the GenAI related links. There’s continuing hype around OpenClaw - though it looks more like a hangover than a party. We’ve also got some interest...
beny23.github.io
February 10, 2026 at 2:51 AM
beny23.github.io
This week it's about autonomous AI bots going crazy: Moltbook is so hot it leaves behind molten agents. Of course, there’s a decent sprinkling of security issues where once again the usual suspects prove that security vendors are bad at securing software. #WeaklyLink beny23.github.io/posts/weakly...
Weakly Link 26/05
This was the week when the autonomous AI bots went a bit crazy and decided to burn tokens on social media. Moltbook is so hot it leaves behind molten agents. Well, no, stop there Gerald, people will s...
beny23.github.io
February 3, 2026 at 12:22 AM
beny23.github.io
LinkedIn, the social network where even dead monarchs reach out to you.
Screenshot of LinkedIn notification: George V. followed you.
February 2, 2026 at 5:42 PM
beny23.github.io
Now that iOS is on 26.2 it should be safe to update. Apple: hold my beer.
Screenshot of completely messed up iOS lock screen with time unreadable because it overlays lots of different time.
January 28, 2026 at 12:23 PM
beny23.github.io
It’s been a busy week, hasn’t it? Fascism is on the rise and AI too. But it’s not all bad news… We’re looking at how magic strings and parameter injection can be bad, how mad AI coding is and how optimism is doomed. Did I say not all bad? #weaklylink

beny23.github.io/posts/weakly...
Weakly Link 26/04
It’s been a busy week, hasn’t it. Fascism is on the rise and AI too. But it’s not all bad news… (touches earpiece) I’m receiving new information. Aaaanyway. This week we’re looking at mad and bad. We’...
beny23.github.io
January 27, 2026 at 12:50 AM
beny23.github.io
Share photographs of maintains you’ve taken.
Snow capped mountain in background over plain of grasses
January 22, 2026 at 11:15 PM
beny23.github.io
“I no longer feel an obligation to think purely of peace.”
Image of Scorpius a high ranking “peacekeeper” commander in Farscape
January 19, 2026 at 7:00 PM
beny23.github.io
This week’s installment of my LinkBlog covers old tech that is new, operational tech that is secure, observability that is not expensive and a series of vulnerabilities for us to snigger at, then take a breath and take seriously. #WeaklyLink

beny23.github.io/posts/weakly...
Weakly Link 26/03
This week’s installment of my LinkBlog covers old tech that is new, operational tech that is secure, observability that is not expensive and a series of vulnerabilities for us to snigger at, then take...
beny23.github.io
January 18, 2026 at 1:31 PM
beny23.github.io
The wiz kids have done it again - very entertaining writeup: www.wiz.io/blog/wiz-res...
CodeBreach: Supply Chain Vuln & AWS CodeBuild Misconfig | Wiz Blog
Wiz Research discovered CodeBreach, a critical vulnerability that risked the AWS Console supply chain. Learn how to secure your AWS CodeBuild pipelines.
www.wiz.io
January 15, 2026 at 8:40 PM
beny23.github.io
Love to see this kind of transparency from Agile on the Beach about their CFP: agileonthebeach.com/aotb-2026-ca...
AOTB 2026 Call For Proposals Report | Agile on the Beach
agileonthebeach.com
January 15, 2026 at 9:51 AM
beny23.github.io
In this edition, we hear about how to break US tech dominance, how your mate's phone can infect your TV when they pop round and some more AI insecurities. #weaklylink

beny23.github.io/posts/weakly...
Weakly Link 26/02
My post is a little late this week as I went away with the scouts. Everyone else was in the bunkhouse, I was in a tent. Something about ratios. And I brought the summer sleeping bag. Freezing. Alone. ...
beny23.github.io
January 12, 2026 at 1:04 AM
beny23.github.io
Needing to throttle Pro and Business while Pro+ and Enterprise is fine? Sounds like a cost saving incident to me ;-)
GitHub status page: Some models missing in Copilot Subscribe Update - We continue to investigate. We'll post another update by 19:50 UTC. Jan 07, 2026 - 19:29 UTC Update - Correction - Copilot Pro and Business users are impacted. Copilot Pro+ and Enterprise users are not impacted. Jan 07, 2026 - 19:10 UTC Update - We continue to investigate this problem and have confirmed only Copilot Business users are impacted. We'll post another update by 19:30 UTC. Jan 07, 2026 - 19:06 UTC Update - We are currently investigating reports of some Copilot Pro premium models including Opus and GPT 5.2 being unavailable in Copilot products. We'll post another update by 19:08 UTC. Jan 07, 2026 - 18:44 UTC Update - We have received reports that some expected models are missing from VSCode and other products using Copilot. We are investigating the cause of this to restore access. Jan 07, 2026 - 18:33 UTC Xkcd excuse comic modified to THE #I EVERYONE EXCUSE FOR LEGITIMATELY SLACKING OFF: "YOU'RE ABSOLUTELY RIGHT." HEY! GET BACK TO WORK! MODELS DOWN! OH. CARRY ON.
January 7, 2026 at 7:42 PM
beny23.github.io
Learning from history has never been humanities strong point ;-)

No GenAI doesn’t solve the coding bottleneck.

Very enjoyable piece by Rob! Might just have to print it out and roll up. Would make a good stick to beat people with… (in a non-aggressive way of course)
robbowley.net Rob Bowley @robbowley.net · Jan 6
Even in the punchcard and batch era, coding was not the main bottleneck with software delivery.

You may have read 1st version of this already - I've significantly updated/re-written, going back to the 1940s.

Full timeline below 👇

blog.robbowley.net/2026/01/05/c...
Coding has never been the bottleneck | Rob Bowley
blog.robbowley.net
January 7, 2026 at 12:06 PM
Reposted by Gerald Benischke
paultassi.bsky.social
greetings from hell
January 4, 2026 at 7:11 PM
beny23.github.io
Like any blog post at New Year’s, we’ll be looking to the future. We’ll also check our assumptions and we’ve got some security content before looking at a website to destroy all websites.

beny23.github.io/posts/weakly...

#weaklylink #linkblog
Weakly Link 26/01
Like any blog post at New Year’s, we’ll be looking to the future. We’ll also check our assumptions and we’ve got some security content before looking at a website to destroy all websites. I did like t...
beny23.github.io
January 3, 2026 at 12:51 PM
beny23.github.io
Smash the social media oligopoly!
strange.website henry ✷ @strange.website · Jan 1
you’re right! it feels mostly awful to Go Online™, these days. the internet in a sad state, for reason after reason after reason. but there is a way to fix it; to trade the voidful howling for a quiet & joyful song.

here’s how to win the war for the soul of the internet, and build the Web We Want.
A Website To End All Websites | Henry From Online
How to win the war for the soul of the internet, and build the Web We Want.
henry.codes
January 2, 2026 at 12:07 AM
beny23.github.io
“The oxygen of publicity this year has mostly been consumed by our two-lettered friend, AI. There's no reason to think this will change in 2026. [..] here's a world where that's not true, a world where other things are happening that will shape the future. We like to call it the real world...”

🤣👏
theregister.com The Register @theregister.com · Dec 30
Imagine there's no AI. It's easy if you try www.theregister.com/2025/12/29/f... - four completely non-AI-related trends from 2025 that will shape the future
Imagine there's no AI. It's easy if you try
: Four completely non-AI-related trends that will shape the future
www.theregister.com
December 30, 2025 at 6:42 PM
beny23.github.io
In this festive edition we do what we usually do during the holidays: focus on the latest vulnerabilities that ruin our Christmas and some advice on slowing things down. Enjoy!

beny23.github.io/posts/weakly...
Weakly Link 25/52
To those who celebrate the festivals either end of the last 7 days of the year: Happy <insert here>! This time round, there’s not one, but two bleeding fails in security, some interesting protections,...
beny23.github.io
December 28, 2025 at 10:54 AM
Reposted by Gerald Benischke
filippo.abyssdomain.expert
At the gpg.fail talk and omg #39c3

You can just put a \0 in the Hash: header and then newlines and inject text in a cleartext message.

Won’t even blame PGP here. C is unsafe at any speed.

gpg has not fixed it yet.
December 27, 2025 at 4:31 PM
Reposted by Gerald Benischke
ollieatnowhere.bsky.social
Weekly summary is out...

ctoatncsc.substack.com/p/cto-at-ncs...
CTO at NCSC Summary: week ending December 28th
Addressing fundamentals move dials - be it architectures (cross-domain, privileged access workstations etc), approaches (external attack surface management, deception), or solutions (passkeys).
ctoatncsc.substack.com
December 27, 2025 at 8:26 AM
Reposted by Gerald Benischke
doublepulsar.com
patch ye MongoDB, there's an exploit for a vuln which has been in the product for over a decade that allows the remote, unauth read of any memory - which includes plaintext creds.

Somebody posted an exploit on Christmas Day, Merry Christmas!

doublepulsar.com/merry-christ...
Merry Christmas Day! Have a MongoDB security incident.
Somebody from Elastic Security decided to post an exploit for CVE-2025–14847 on Christmas Day.
doublepulsar.com
December 26, 2025 at 10:57 PM
beny23.github.io
The American anus horribilis, wonder who that refers to ;-)
princess-vimentin.bsky.social Princess Vimentin PhD | Cancer Biologist @princess-vimentin.bsky.social · Dec 23
2025 is definitely the American annus horribilis.

The WH website spreads misinformation about the origins of Covid. The CDC denies real data about vaccines/autism. ACIP does not support Hep B vaccines for babies. Measles/pertussis outbreaks. #NIH is politicized.
🧪 www.thelancet.com/journals/lan...
2025: an annus horribilis for health in the USA
The US Advisory Committee on Immunization Practices vote on Dec 5 to no longer recommend the hepatitis B vaccine birth dose, which had ensured that babies exposed to hepatitis B would not later develo...
www.thelancet.com
December 23, 2025 at 5:35 PM
Reposted by Gerald Benischke
saraghargh.bsky.social
Let's play Who Said It, AI Hyper or The Borg?

"Embrace the inevitable."

"Knowledge is irrelevant unless shared."

"We are the future."

"This is the next stage of evolution."

"Your resources will be repurposed."

"We are the sum of all species."

"Your technology is obsolete."
December 21, 2025 at 4:07 PM