A critical vulnerability (CVE-2024-50623) in Cleo's file transfer software is under active, widespread exploitation—affecting fully patched systems.

The flaw allows unauthenticated remote code execution through unrestricted file uploads, enabling attackers to execute arbitrary code.

Over 4,200 organizations use Cleo software globally—this is a major security concern for logistics, consumer products, and more.

Get critical insights: https://thehackernews.com/2024/12/cleo-file-transfer-vulnerability-under.html

🤖 Traditional pentesting is falling behind. Cyberattacks happen daily—automation ensures your defenses are always ready, not just once a year.

Automated pentesting delivers frequent, accurate, and cost-efficient assessments, ensuring real-time visibility into your vulnerabilities.

Discover how automation is changing the game: https://thehackernews.com/2024/12/the-future-of-network-security.html

Real ID and/or Digital ID is the next immediate battlefront. Don't fall for the convenience.

https://www.makeuseof.com/adding-us-passport-google-wallet/

The World’s First 5G 30,000mAh Rugged Tablet with 400lm Camping Light– Blackview Active 10 Pro
https://www.gizchina.com/2024/12/10/the-worlds-first-5g-30000mah-rugged-tablet-with-400lm-camping-light-blackview-active-10-pro/

U.S. continues to target Huawei: Proposes new bill to tighten chip purchase
https://www.gizchina.com/2024/12/10/huawei-chip-ban-us-bill/

RSAF

RSAF is an Android document provider for the wonderful rclone. It allows any app that supports Android's Storage Access Framework (SAF) to access remote files via rclone's backends. RSAF is not itself a file manager, but any file manager supporting SAF, including the one built into Android (Settings -> Storage -> Documents), can make use of it.

🔗 Links:
- Download
- Screenshots
- Features
Developer: Andrew Gunnerson
Thanks to Ouxyl for recommendation

🏷️ Tags: #Android #Tools

Sapio

Sapio, an anagram of "Open Source API," provides a compatibility matrix showing how well Android apps work on deGoogled AOSP devices, with or without microG. Community-driven evaluations within Sapio can also be used as a lobbying tool, shared on social media to encourage developers to prioritize user privacy.

🔗 Links:
- Download
- Screenshots
- Info
- Source code
Developer: Jonathan Klee

🏷️ Tags: #Android #Tools

p0ntus Mail

p0ntus Mail is an open-source email and password manager (with Vaultwarden). it features 4GB (more available by request for free) of storage, and unlimited password storage with Vaultwarden. IMAP/SMTP enabled (sends restricted to 5/hr, ask for more if needed) and webmail (w/ support for other clients). It will always be free of charge, only accepting donations. It's frontend is fully open sourced and developed in-house with open source software in the backend.

🔗 Links:
- Website (Register Here)
- Donate
- GitHub Repo
Developer: Aidan

🏷️ Tags: #Online #Services

Mozilla Firefox Removes "Do Not Track" Feature Support
Article, Comments

BareMetal OS
Article, Comments

The Depths of Wikipedians
Article, Comments

The Google Willow Thing
Article, Comments

Google says AI weather model masters 15-day forecast
Article, Comments

https://lists.archlinux.org/archives/list/arch-dev-public@lists.archlinux.org/thread/MZLH43574GGP7QQ7RKAAIRFT5LJPCEB4/ The developers of Arch Linux distribution announced that they have received an investment of 562 thousand euros from the STF (Sovereign Tech Fund), a fund established in Germany to stimulate the development of open digital infrastructure and open source ecosystems. The fund was established with funding from the German Ministry of Economic Affairs and Climate Protection and is overseen by the Federal Agency for Disruptive Innovation SPRIND. The funding has been allocated to work on modernising the ALPM (Arch Linux Package Management) toolkit, which develops specifications, utilities and libraries for tasks such as creating and using packages and managing repositories.

The project attempts to structure interfaces related to package management and provide utilities and pipelining written in the Rust programming language. The specifications and utilities developed by the project are based on Pacman functionality. The reason for switching to Rust after using C in Pacman is to reduce the likelihood of committing memory errors.

German Ministry of Economic Affairs and Climate Protection and is overseen by the Federal Agency for Disruptive Innovation SPRIND

🤡Written in the Rust programming language🤡

let's see, capacity is 'the limit of growth' ... but it looks like sending brain signals into the cloud is just another fairy tale. for the moment.

https://www.tomshardware.com/tech-industry/full-scan-of-1-cubic-millimeter-of-brain-tissue-took-14-petabytes-of-data-equivalent-to-14000-full-length-4k-movies

JUST IN - Microsoft shareholders reject Bitcoin investment proposal.

https://www.disclose.tv/id/x0t7bzhwb1/

@disclosetv

AMD’s trusted execution environment blown wide open by new BadRAM attack
https://arstechnica.com/information-technology/2024/12/new-badram-attack-neuters-security-assurances-in-amd-epyc-processors/

Attack bypasses AMD protection promising security, even when a server is compromised.