Collaborate Disseminate
Researchers discovered a malicious package on the npm package registry that resembles a library for Ethereum smart contract vulnerabilities but actually drops an open-source remote access trojan called Quasar RAT onto developer systems. Continue reading NPM Package Disguised as an Ethereum Tool Deploys Quasar RAT
More than half-a-dozen VPN apps, including Cloudflare’s widely-used 1.1.1.1, have been pulled from India’s Apple App Store and Google Play Store following intervention from government authorities, TechCrunch reported Friday. From the report: The Indian… Continue reading Cloudflare’s VPN App Among Half-Dozen Pulled From Indian App Stores
Unlike Siri, OpenAI Advanced Voice uses your phone’s camera to understand your surroundings. If you have one of these iPhone models, here’s how to get started. Continue reading How to program your iPhone’s Action Button to summon ChatGPT’s voice assistant
Xiaomi has further restricted bootloader unlocking to just one device per user per year, significantly hindering custom ROM development and reinforcing user dependence on its proprietary HyperOS ecosystem. Android Police reports: Roughly a year ago, Xi… Continue reading Drastically Reduced Xiaomi Bootloader Unlock Policy Raises Questions Over Device Ownership
While modern gaming systems deliver ever more realistic experiences, there’s still something to be said for the consoles and handhelds of the 80s and 90s. For many, the appeal is …read more Continue reading Pico Pal Puts RP2350 Into Game Boy Color Shell
A proof-of-concept (PoC) exploit has been released for a now-patched security flaw impacting Windows Lightweight Directory Access Protocol (LDAP) that could trigger a denial-of-service (DoS) condition.
The out-of-bounds reads vulnerability is tracked a… Continue reading LDAPNightmare PoC Exploit Crashes LSASS and Reboots Windows Domain Controllers
ZipNada shares a report from Phys.org: In a paper published today in Nature, a team led by Columbia Engineering researchers and collaborators report that they have invented new nanoscale sensors of force. They are luminescent nanocrystals that can chan… Continue reading New ‘All-Optical’ Nanoscale Sensors of Force Access Previously Unreachable Environments
Microsoft has announced that it’s making an “unexpected change” to the way .NET installers and archives are distributed, requiring developers to update their production and DevOps infrastructure.
“We expect that most users will not be directly affected… Continue reading Critical Deadline: Update Old .NET Domains Before January 7, 2025 to Avoid Service Disruption
We entered a new year, but attack scenarios have not changed (yet). I found a Python script with an interesting behavior[1] and a low Virustotal score (7/61). It targets Microsoft Windows hosts because it starts by loading all libraries required to call Microsoft API Calls and manipulate payloads:
Continue reading SwaetRAT Delivery Through Python, (Fri, Jan 3rd)
TotalAV combines a simple VPN with antivirus software, while Surfshark offers a standalone VPN with better features and faster speeds. Continue reading TotalAV VPN vs Surfshark: Which VPN Should You Choose?