Internet Discoveries between 9 March and 16 March

  • đź”­ The Einstein AI model
  • Sign in as anyone: Bypassing SAML SSO authentication with parser differentials
  • giacomo-b/rust-stakeholder
  • đź‘‹ Hello, This is Nash
  • Harden-Runner detection: tj-actions/changed-files action is compromised
  • https://x.com/Baidu_Inc/status/1901089355890036897
  • Lynx is the oldest web browser still being maintained

Interesting details

🔭 The Einstein AI model - The “compressed 21st century” comes from Dario’s “Machine of Loving Grace” and if you haven’t read it, you probably should, it’s a noteworthy essay.

Sign in as anyone: Bypassing SAML SSO authentication with parser differentials - Critical authentication bypass vulnerabilities (CVE-2025-25291 + CVE-2025-25292) were discovered in ruby-saml up to version 1.17.0.

giacomo-b/rust-stakeholder - Why learn actual skills when you can just look impressive instead? Introducing rust-stakeholder - a CLI tool that generates absolutely meaningless but impressive-looking terminal output to convince everyone you’re a coding genius without writing a single line of useful code.

đź‘‹ Hello, This is Nash - Nash is a standalone note as HTML. Nash does not require any other software or services.

Harden-Runner detection: tj-actions/changed-files action is compromised - We are actively investigating a critical security incident involving the tj-actions/changed-files GitHub Action. While our investigation is ongoing, we want to alert users so they can take immediate corrective actions. We will keep this post updated as we learn more.

https://x.com/Baidu_Inc/status/1901089355890036897 -

Lynx is the oldest web browser still being maintained - 5 points by 32 minutes ago hide past   discuss Kudos to the folks keeping it running. https://en.m.wikipedia.

All this was saved to my GetPocket over the week