This media is not supported in your browser
VIEW IN TELEGRAM
Xbox to introduce age verification in the UK.
You know it's getting pretty bad, when the government, starts to fully want verification of your ID to play a video game....
This is purely wanted for surveillance and analyzing the information used while people are chatting with friends. So if you try to use other ways of communication, you're linked to your government ID. No anonymity.
https://news.xbox.com/en-us/2025/07/28/xbox-age-verification-uk/
You know it's getting pretty bad, when the government, starts to fully want verification of your ID to play a video game....
This is purely wanted for surveillance and analyzing the information used while people are chatting with friends. So if you try to use other ways of communication, you're linked to your government ID. No anonymity.
https://news.xbox.com/en-us/2025/07/28/xbox-age-verification-uk/
Forwarded from The Hacker News
🚨 Akira ransomware is hitting SonicWall SSL VPNs—some fully patched.
Researchers suspect a zero-day or credential abuse. Attacks surged in late July.
Org? Disable SSL VPN until further notice.
Full details ↓ https://thehackernews.com/2025/08/akira-ransomware-exploits-sonicwall.html
Researchers suspect a zero-day or credential abuse. Attacks surged in late July.
Org? Disable SSL VPN until further notice.
Full details ↓ https://thehackernews.com/2025/08/akira-ransomware-exploits-sonicwall.html
https://linuxmint.hu/hir/2025/08/ujabb-rosszindulatu-program-az-arch-aur-ban
Another Malware Found in Arch AUR
Another Malware Found in Arch AUR: Another Malicious Code Found in the Popular Package Repository
Just ten days after the previous incident, another malicious software was found among the Arch Linux AUR packages. This time, the attackers hid a Remote Access Trojan (RAT) in a seemingly harmless package disguised as a browser.
What exactly happened?
The AUR (Arch User Repository) is a collection of software created by the Arch Linux community and maintained by users, which many consider to be one of the greatest advantages of Arch, almost a “hidden treasure”. However, due to its completely open upload system, it can also become a target for malware.
After the previous incident ten days ago, a Remote Access Trojan (RAT) has now been added to the package repository. This time, the malicious code was hidden in a package called google-chrome-stable. The package not only installed the Google Chrome browser, but also used a Python script to download and run an external resource containing the malicious code every time it was started.
This type of malware can give attackers full access to the infected machine, allowing them to steal data, install additional malicious software, or even spy on it.
How did the package get uploaded?
The problematic package was uploaded by a newly registered user under the username “forsenontop”. In the PKGBUILD file, an install script (google-chrome-bin.install) called a launcher script (google-chrome-stable.sh) that ran a Python command with the -c option before Chrome was launched. This command pulled in an external resource on every launch, which downloaded the malware.
The good news is that the package was only available in the AUR for a few hours before it was detected and immediately removed by administrators. However, it still received a few upvotes, suggesting that several users may have already installed it.
What should affected users do?
If someone has installed the malicious package, they should immediately remove it and run a full security scan on their system. However, experts in the Arch community say that the safest solution is a full system reinstall (OS preinstall) to rule out any backdoors or hidden malicious code.
What’s the lesson?
This incident once again highlights that while the AUR is an extremely useful resource, the security of packages is not the responsibility of the official Arch Linux developers, but rather the community.
The incident clearly demonstrates how easy it is to upload a legitimate-looking package using a fake account. That’s why it’s important for users to always check the history of a package:
Check how long the package has been around.
Check the uploader’s reputation and the contents of the PKGBUILD file.
Avoid freshly uploaded packages with no history, even if the name seems official.
Browsers, as in the previous incident, are a particularly attractive target for attackers, as they are among the most widely used software.
Strengthen your future protection
Always check the PKGBUILD contents before installing:
yay -G packagename cd packagename less PKGBUILD
Avoid newly uploaded packages. If the AUR package has no history or reviews, it is not recommended to install it.
Another Malware Found in Arch AUR
Another Malware Found in Arch AUR: Another Malicious Code Found in the Popular Package Repository
Just ten days after the previous incident, another malicious software was found among the Arch Linux AUR packages. This time, the attackers hid a Remote Access Trojan (RAT) in a seemingly harmless package disguised as a browser.
What exactly happened?
The AUR (Arch User Repository) is a collection of software created by the Arch Linux community and maintained by users, which many consider to be one of the greatest advantages of Arch, almost a “hidden treasure”. However, due to its completely open upload system, it can also become a target for malware.
After the previous incident ten days ago, a Remote Access Trojan (RAT) has now been added to the package repository. This time, the malicious code was hidden in a package called google-chrome-stable. The package not only installed the Google Chrome browser, but also used a Python script to download and run an external resource containing the malicious code every time it was started.
This type of malware can give attackers full access to the infected machine, allowing them to steal data, install additional malicious software, or even spy on it.
How did the package get uploaded?
The problematic package was uploaded by a newly registered user under the username “forsenontop”. In the PKGBUILD file, an install script (google-chrome-bin.install) called a launcher script (google-chrome-stable.sh) that ran a Python command with the -c option before Chrome was launched. This command pulled in an external resource on every launch, which downloaded the malware.
The good news is that the package was only available in the AUR for a few hours before it was detected and immediately removed by administrators. However, it still received a few upvotes, suggesting that several users may have already installed it.
What should affected users do?
If someone has installed the malicious package, they should immediately remove it and run a full security scan on their system. However, experts in the Arch community say that the safest solution is a full system reinstall (OS preinstall) to rule out any backdoors or hidden malicious code.
What’s the lesson?
This incident once again highlights that while the AUR is an extremely useful resource, the security of packages is not the responsibility of the official Arch Linux developers, but rather the community.
The incident clearly demonstrates how easy it is to upload a legitimate-looking package using a fake account. That’s why it’s important for users to always check the history of a package:
Check how long the package has been around.
Check the uploader’s reputation and the contents of the PKGBUILD file.
Avoid freshly uploaded packages with no history, even if the name seems official.
Browsers, as in the previous incident, are a particularly attractive target for attackers, as they are among the most widely used software.
Strengthen your future protection
Always check the PKGBUILD contents before installing:
yay -G packagename cd packagename less PKGBUILD
Avoid newly uploaded packages. If the AUR package has no history or reviews, it is not recommended to install it.
Forwarded from GSMArena (IFTTT)
Deals: Xiaomi 15 Ultra and Honor Magic7 Pro get price cuts, whole Poco F7 series gets discounted
https://ift.tt/Jm8t5XD
https://ift.tt/Jm8t5XD
GSMArena.com
Deals: Xiaomi 15 Ultra and Honor Magic7 Pro get price cuts, whole Poco F7 series gets discounted
Snapdragon 8 Elite powered flagships with impressive camera hardware or Snapdragon 8 chips on the cheap. This week we have some camera titans from Xiaomi...
This media is not supported in your browser
VIEW IN TELEGRAM
Forwarded from Tech & Leaks Zone
The AndroidFileHost was abandoned in 2023 and went offline a few weeks ago due to that a lot of Android development history, custom ROMs, kernels, gapps, etc. has been lost.
So, a reddit user has created AFHArchive, a site dedicated to preserving the files that were once hosted on AndroidFileHost. While uploading large files, just include as much info as you can, and after a review by the admins, they’ll be published for everyone to access again.
NOTE: AFHArchive is dedicated to preserving files that were previously hosted on AndroidFileHost.
• Only upload files that were once on AFH
• Provide original AFH links when possible
• Include device information & XDA threads
• All uploads require admin approval
• New builds or custom ROMs will not be approved
Follow @TechLeaksZone
So, a reddit user has created AFHArchive, a site dedicated to preserving the files that were once hosted on AndroidFileHost. While uploading large files, just include as much info as you can, and after a review by the admins, they’ll be published for everyone to access again.
NOTE: AFHArchive is dedicated to preserving files that were previously hosted on AndroidFileHost.
• Only upload files that were once on AFH
• Provide original AFH links when possible
• Include device information & XDA threads
• All uploads require admin approval
• New builds or custom ROMs will not be approved
Follow @TechLeaksZone
Reddit
From the androidroot community on Reddit
Explore this post and more from the androidroot community
Forwarded from GSMArena (IFTTT)
This is the Oukitel WP210 rugged smartphone with a 108MP camera, 8,800 mAh battery, and IP69K rating
https://ift.tt/193wUVe
https://ift.tt/193wUVe
GSMArena.com
This is the Oukitel WP210 rugged smartphone with a 108MP camera, 8,800 mAh battery, and IP69K rating
It will be available starting mid-August through Oukitel's website. Rugged smartphone maker Oukitel will introduce the Oukitel WP210 soon. The brand hasn't...
Forwarded from Bones' Tech Garage
For the moment avoid the AUR if you are on Arch based distros.
https://linuxiac.com/arch-aur-under-fire-once-more-as-malware-resurfaces/
https://linuxiac.com/arch-aur-under-fire-once-more-as-malware-resurfaces/
Linuxiac
Arch AUR Under Fire Once More as Malware Resurfaces
Just ten days after a previous incident, malware with a Remote Access Trojan has once again been discovered in Arch Linux AUR packages.