Privacy + Secure Tech Corner Channel 🛡️
Used a PDF in a private group to lure people into... Tehran, IRNA - An official with Meta Platforms' (META.O) said the Israeli spyware company Paragon Solutions has hacked the popular WhatsApp targeting scores of its users, including journalists and members…
Qubes-OS has a neat feature where you convert a pdf in a disposable VM to a bitmap which is probably the safest way.
https://blog.invisiblethings.org/2013/02/21/converting-untrusted-pdfs-into-trusted.html
https://github.com/QubesOS/qubes-app-linux-pdf-converter
blog.invisiblethings.org
Converting untrusted PDFs into trusted ones: The Qubes Way | The Invisible Things Blog
Arguably one of the biggest challenges for desktop security is how to handle those overly complex PDFs, DOCs, and similar files, that are so often exchange...
Hackers Claim Massive Breach of Location Data Giant, Threaten to Leak Data
Gravy Analytics has been one of the most important companies in the location data industry for years, collating smartphone location data from around the world selling some to the U.S. government. Hackers say they stole a mountain of data.
Hackers claim to have compromised Gravy Analytics, the parent company of Venntel which has sold masses of smartphone location data to the U.S. government. The hackers said they have stolen a massive amount of data, including customer lists, information on the broader industry, and even location data harvested from smartphones which show peoples’ precise movements, and they are threatening to publish the data publicly.
The news is a crystalizing moment for the location data industry. For years, companies have harvested location information from smartphones, either through ordinary apps or the advertising ecosystem, and then built products based on that data or sold it to others.
In many cases, those customers include the U.S. government, with arms of the military, DHS, the IRS, and FBI using it for various purposes. But collecting that data presents an attractive target to hackers....
https://www.404media.co/hackers-claim-massive-breach-of-location-data-giant-threaten-to-leak-data/
https://www.wired.com/story/gravy-location-data-app-leak-rtb/
404 Media
Forwarded from NoGoolag
Net Switch: Isolate Apps from Internet Access
Net Switch is a Magisk module to isolate apps from accessing the internet on your Android device. This tool gives you complete control over which apps can send or receive data, improving security, privacy, and saving bandwidth.
Fully standalone, operates fully on iptables.
More info: https://github.com/Rem01Gaming/net-switch
#magisk #firewall #privacy #afwallalterernative
■□□□□ New Attack Technique to Bypassing EDR as Low Privileged Standard User.
https://cybersecuritynews.com/bypassing-edr-as-standard-user/
Cyber Security News
New Attack Technique to Bypassing EDR as Low Privileged Standard User
A new cyberattack technique has emerged, enabling attackers to bypass Endpoint Detection and Response (EDR) systems.
Cloudflare Is Blocking Pale Moon and other non-mainstream browsers (🔥 Score: 159+ in 2 hours)
Link: https://readhacker.news/c/6nAUW
Hello.
Cloudflare's Browser Integrity Check/Verification/Challenge feature, used by many websites, is denying access to users of non-mainstream browsers like Pale Moon.
User reports began on January 31:
https://forum.palemoon.org/viewtopic.php?f=3&t=32045
This situation occurs at least once a year, and there is no easy way to contact Cloudflare. Their "Submit feedback" tool yields no results. A Cloudflare Community topic was flagged as "spam" by members of that community and was promptly locked with no real solution, and no official response from Cloudflare:
https://community.cloudflare.com/t/access-denied-to-pale-moon-desktop-browser/764330
Partial list of other browsers that are being denied access:
Falkon, SeaMonkey, IceCat, Basilisk.
Hacker News 2022 post about the same issue, which brought attention and had Cloudflare quickly patching the issue:
https://news.ycombinator.com/item?id=31317886
A Cloudflare product manager declared back then: "...we do not want to be in the business of saying one browser is more legitimate than another."
As of now, there is no official response from Cloudflare. Internet access is still denied by their tool.
FeedDemon
Fluent Reader
Fraidycat
LeechCraft *
QuiteRSS
Raven Reader
RSS Bandit
RSS Guard *
RSSOwl
RSSOwlnix
SharpReader
Spot-On *
* Recommended
https://leechcraft.org/
https://textbrowser.github.io/spot-on/
Owner of spyware used in alleged WhatsApp breach ends contract with Italy.
https://www.theguardian.com/technology/2025/feb/06/owner-of-spyware-used-in-alleged-whatsapp-breach-ends-contract-with-italy
the Guardian
Owner of spyware used in alleged WhatsApp breach ends contract with Italy
Exclusive: Decision comes after Italian investigative journalist and two activists alleged to have been targeted by Paragon Solutions spyware
Forwarded from Pegasus NSO & other spyware
Spyware maker Paragon terminates contract with Italian government: media reports | TechCrunch
#Paragon #ParagonGraphite #Italy
"Paragon Solutions, a startup that sells access to surveillance technologies including phone spyware, has cut ties with the Italian government, according to reports in The Guardian and Haaretz.
On Thursday, citing an anonymous source, The Guardian reported Paragon had first suspended its contract with Italy on Friday after WhatsApp said it had disrupted a hacking campaign leveraging the Israeli startup’s spyware targeting around 90 people. On Wednesday, Paragon terminated the contract once the company determined that the Italian government had broken “the terms of service and ethical framework it had agreed under its Paragon contract,” according to the British newspaper."
■■□□□ “Torrenting from a corporate laptop doesn’t feel right”: Meta emails unsealed.
https://arstechnica.com/tech-policy/2025/02/meta-torrented-over-81-7tb-of-pirated-books-to-train-ai-authors-say/
Ars Technica
“Torrenting from a corporate laptop doesn’t feel right”: Meta emails unsealed
Meta's alleged torrenting and seeding of pirated books complicates copyright case.
Nepenthes
This is a tarpit intended to catch web crawlers. Specifically, it's targeting crawlers that scrape data for LLMs - but really, like the plants it is named after, it'll eat just about anything that finds its way inside.
It works by generating an endless sequence of pages, each with dozens of links, that simply go back into the tarpit. Pages are randomly generated, but in a deterministic way, causing them to appear to be flat files that never change. Intentional delay is added to prevent crawlers from bogging down your server, in addition to wasting their time. Lastly, optional Markov-babble can be added to the pages, to give the crawlers something to scrape up and train their LLMs on, hopefully accelerating model collapse.
You can take a look at what this looks like, here. (Note: VERY slow page loads!)
WARNING
THIS IS DELIBERATELY MALICIOUS SOFTWARE INTENDED TO CAUSE HARMFUL ACTIVITY. DO NOT DEPLOY IF YOU AREN'T FULLY COMFORTABLE WITH WHAT YOU ARE DOING.
ANOTHER WARNING
LLM scrapers are relentless and brutal. You may be able to keep them at bay with this software - but it works by providing them with a neverending stream of exactly what they are looking for. YOU ARE LIKELY TO EXPERIENCE SIGNIFICANT CONTINUOUS CPU LOAD, ESPECIALLY WITH THE MARKOV MODULE ENABLED.
YET ANOTHER WARNING
There is not currently a way to differentiate between web crawlers that are indexing sites for search purposes, vs crawlers that are training AI models. ANY SITE THIS SOFTWARE IS APPLIED TO WILL LIKELY DISAPPEAR FROM ALL SEARCH RESULTS.
https://zadzmo.org/code/nepenthes/
Forwarded from cKure
■□□□□ Researcher Outsmarts, Jailbreaks OpenAI's New o3-mini.
https://www.darkreading.com/application-security/researcher-jailbreaks-openai-o3-mini
Darkreading
Researcher Outsmarts, Jailbreaks OpenAI's New o3-mini
OpenAI's latest tech can reason better than its previous models could, but not well enough to ferret out careful social engineering.
Forwarded from cKure
■■□□□ Cloudflare outage caused by botched blocking of phishing URL.
https://www.bleepingcomputer.com/news/security/cloudflare-outage-caused-by-botched-blocking-of-phishing-url/
BleepingComputer
Cloudflare outage caused by botched blocking of phishing URL
An attempt to block a phishing URL in Cloudflare's R2 object storage platform backfired yesterday, triggering a widespread outage that brought down multiple services for nearly an hour.
VX Linux - systemd-free Plasma desktop distro - LinuxLinks
https://www.linuxlinks.com/vx-linux-systemd-free-plasma-desktop-distro/
LinuxLinks
VX Linux - systemd-free Plasma desktop distro - LinuxLinks
VX Linux is a pre-configured, secure systemd-free Plasma desktop with focus on convenience, performance and simplicity.
xss.is/forums/
AI & ML
Accesses
Anonymity & Security
Behind The Scenes
Bug Tracking
Business & Investments
C/C++/C#/Rust/.NET/Java
Chat
Cracking & Reversing
Cryptocurrencies
Cryptography
Databases
Delphi & Pascal
Gadgets & Hardware
Hardware Hacking & Phreaking
Malware
Messengers & Social Networks
News
OSINT & Competitive Intelligence
Other Languages
PHP/JS/MySQL/Perl
Packers/Cryptors
Python
Social Engineering & Phishing
Software
Software Vulnerabilities & Exploiting
Spam, Traffic & Installs
System Administration
Proof that the GNU project depends on corporations, the FSF must be piling money up its ass, doing nothing to maintain the software, abandoning its own software, not investing in its own developers, spending money promoting internal events!
https://www.phoronix.com/news/GNU-Gold-Linker-Deprecated
Phoronix
GNU Gold Linker Is Deprecated & Will Be Gone For Good Without New Developers
With the recent GNU Binutils 2.44 release, one of the changes is worth calling out in its own article: the GNU Gold linker is now officially deprecated and is now being segregated to its own extra Binutils package but risks being removed all together without…