There are lots of different scenarios you can conjure up. Another could be that Israel assassinated him after he refused to support their nuclear program OR to silence him.
First thing that came to mind is that he might have been secretly working for Israel's nuclear program but this is all very speculative. It does feel plausible though given that Israel has already assassinated plenty of Iranian nuclear scientists; so there is some precedent for it.
> As part of our ongoing work to protect customers using React against a critical vulnerability, CVE-2025-55182, we started rolling out an increase to our buffer size to 1MB, the default limit allowed by Next.js applications.
Why would increasing the buffer size help with that security vulnerability? Is it just a performance optimization?
I've seen lots of weird tricks malware authors use, people are creative. My favorite is that they'd load up a text file with a modified base64 table from Dropbox which points to the URL to exfiltrate to. When you report it to Dropbox, they typically ignore the report because it just seems like random nonsense instead of being actually malicious.
Huh, my image viewer claimed it's HEIC specifically. My camera also seems to conflate HEIC and HEIF in the settings. It provides HEIF as a format option, when I guess it should be specifying which codec is actually being used. I had no idea HEIF isn't tied to just HEIC though.
That JiaT75 account is also suspended, if you check https://github.com/Larhzu?tab=following you'll see that they're suspended as well. It's pretty weird that it's that hard to find out whether a user is suspended.
I don't think that's what they meant. The idea is to find information about their personal life, not OSS contributions. Something that proves they're a real person.
It's not ironic, this change is really sinister IMO. They want you to waste more time after you've submitted the security report and maximize the amount of back and forth. Basically the hope is that they'd be able to pester you with requests for more info/details in order to "resolve the issue" which would give them more time to exploit their targets.
It's actually not an advantage. The reason why the exploit wasn't included is because the attacker specifically decided to only inject x86_64 Debian and RHEL to reduce the chances of this getting detected.
I think the reason is pretty obvious. They want you to waste more time after you've submitted the security report and maximize the amount of back and forth. Basically the hope is that they'd be able to pester you with requests for more info/details in order to "resolve the issue" which would give them more time to exploit their targets.