What is the “strange platypus-like creature” referenced in abberant mind’s origins?

I don’t recall any “strange platypus-like” creature in D&D, let alone one appropriate for the Aberrant Mind. I can only think of Perry the Platypus from the Phineas and Ferb cartoon. Nevertheless the Abberant Mind’s origins describes such a creature:

As a child, you had an imaginary friend that looked like a flumph or a strange platypus-like creature. One day, it gifted you with psionic powers, which have ended up being not so imaginary.

The Flumph is name checked, and I’m aware of that creature. What is the other one?

[ Politics ] Open Question : Why does BLM base their origins on something that didn’t happen?

BLM started when it was reported that Michael Brown was shot even though he was just standing there with his hands up. Eventually the truth came out. The DOJ investigated and learned that Brown charged the officer before he was shot. That happened under Obama and even Obama admitted that the police were justified in their actions (shooting Brown). In essence, BLM is based on a lie and still chant “Hands up, don’t shoot” at “protests”. If they were honest, shouldn’t they abandon that phrase? “The movement became nationally recognized for street demonstrations following the 2014 deaths of two African Americans: Michael Brown …and Eric Garner” https://en.wikipedia.org/wiki/Black_Lives_Matter

What are the 5E origins of the Mind Flayers?

The 3rd Edition D&D sourcebook Lords of Madness says the illithid species originated in the distant future and somehow traveled to the distant past to avoid extinction. A trilogy of 2nd Edition modules says they came from another plane known as Penumbra without the time travel. Has the origin of these creatures been rewritten for 5th Edition, and if so, as how?

How to calculate the transformation such that two points with different position, orientation and origins line up?

Let’s say you have two different 3D Objects which both contain a node that is off center (not at the origin) and have an orientation. How do you calculate the transform for one of the object so that both of these nodes line up? As in both nodes end up at the same position in space and the same orientation?

In gaming terms, both 3D objects have “snap” points and I’d like to calculate how to transform one of them so that they snap together at that specific node.

for illustration purposes The cubes are the 3D objects, the X/Y/Z axis represent the origin of each of these objects, and the arrow is the node. The goal would be in this case both arrows overlap and thus the cubes end up at the exact same place. Note the origin is NOT at the same spot for both objects.

Why image resources loaded from different origins triggers HTTP authentication dialogs would be harmful?

From https://developer.mozilla.org/en-US/docs/Web/HTTP/Authentication, it says:

A potential security hole that has recently been fixed by browsers is authentication of cross-site images. From Firefox 59 onwards, image resources loaded from different origins to the current document are no longer able to trigger HTTP authentication dialogs (bug 1423146), preventing user credentials being stolen if attackers were able to embed an arbitrary image into a third-party page.

“User credentials could be stolen if attackers were able to embed an arbitrary image into a third-party page. ” How? The authentication happens between the user and the image source website, while the “third-party page” website is not involved.

Exploitability of allowed wildcard (*) CORS Origins with Bearer Token Authorization

I’m looking at the following setup. A web application uses a REST API to communicate with the server. All API responses include Origin: *. For authorization Authorization: Bearer <token> is used. Access-Control-Allow-Headers: Authorization is also included for appropriate preflight requests.

As Origin: * is configured, modern browsers will not send authorization data, such as the bearer token.

This makes it impossible to use API requests across domains, which require authorization (https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS#Requests_with_credentials).

I’m struggling to justify, why this should be considered a vulnerability. It is bad practice to allow any origin. It could lead to data leakage, but not in this scenario.

Could this be exploited in another way, I’m not seeing right now, or is this in fact just bad practice and does not pose an actual threat?