Forwarded from Hacker News
Forwarded from Hacker News
Viktor's Tech Musings & Security Paranoia
Yocto, RockPi and SBOMs: Building Modern Embedded Linux Images
Insights on DevSecOps, cloud architecture, and building secure, scalable systems. Sharing practical experience from running tech companies and implementing software supply chain security at scale.
Forwarded from 𝗽𝗼𝗽𝗠𝗢𝗗𝗦 | 𝗙𝗢𝗦𝗦, 𝗟𝗶𝗳𝗲, 𝗠𝗲𝗺𝗲𝘀 (🜲 SyntaxSpin ꑭ)
FSearch
a fast file search utility, inspired by Everything Search Engine.
🔗 Links:
- Download
- Screenshots
- Features
- SourceCode
Developer: Christian Boxdörfer
❤️ Special thanks for @rafi_ifar_0 for recommending!
🏷️ Tags: #GNU_linux #Search #GTK #Gnome
a fast file search utility, inspired by Everything Search Engine.
🔗 Links:
- Download
- Screenshots
- Features
- SourceCode
Developer: Christian Boxdörfer
❤️ Special thanks for @rafi_ifar_0 for recommending!
🏷️ Tags: #GNU_linux #Search #GTK #Gnome
Forwarded from Hacker News
WhatsApp, Signal Sign letter against UK privacy bill, say they will not comply (2023)
Article, Comments
Article, Comments
CNET
WhatsApp and Signal Say the UK's Online Safety Bill Puts Your Privacy at Risk
The bill could weaken end-to-end encrypted communication, the app-makers warned in a letter to the UK government.
France and Germany unveil Docs, a homegrown alternative to Google Docs | TechSpot
https://www.techspot.com/news/107225-france-germany-unveil-docs-collaborative-tool-rival-us.html
https://www.techspot.com/news/107225-france-germany-unveil-docs-collaborative-tool-rival-us.html
TechSpot
France and Germany unveil Docs, a homegrown alternative to Google Docs
The Trump administration has set out to drastically reshape the relationship between the US and Europe. In response, Brussels is scrambling to adapt to this new reality,...
Forwarded from The Hacker News
⚠️ Critical Next.js security flaw—PATCH NOW!
A 9.1 CVSS bug (CVE-2025-29927) lets attackers bypass auth checks in middleware and access admin-only pages.
Exploit details are now public.
🛠️ Fixed in: v12.3.5, v13.5.9, v14.2.25, v15.2.3
🛡️ Can't patch? Block x-middleware-subrequest headers.
This is urgent. Middleware-based auth alone isn't safe.
👉 Read the full advisory: https://thehackernews.com/2025/03/critical-nextjs-vulnerability-allows.html
A 9.1 CVSS bug (CVE-2025-29927) lets attackers bypass auth checks in middleware and access admin-only pages.
Exploit details are now public.
🛠️ Fixed in: v12.3.5, v13.5.9, v14.2.25, v15.2.3
🛡️ Can't patch? Block x-middleware-subrequest headers.
This is urgent. Middleware-based auth alone isn't safe.
👉 Read the full advisory: https://thehackernews.com/2025/03/critical-nextjs-vulnerability-allows.html
Forwarded from NoGoolag
Google’s multi-billion-dollar Wiz deal: A backdoor for military intel?
Google's $32 billion bid to acquire the cybersecurity firm Wiz, seen on the surface as part of its ongoing push into cloud and AI expansion, will in fact bring in a group of Israeli Unit 8200 military intelligence alumni amid growing rivalry with Microsoft and Amazon, WikiLeaks warns.
🔴 Unit 8200, Tel Aviv’s largest single military unit in the Israel Defense Forces (IDF), can be perceived as equivalent to the US National Security Agency (NSA).
🔴 The notorious unit is known for developing the deadly “Lavender” AI used in targeted assassinations during the Gaza conflict, an investigation by +972 Magazine and Local Call revealed in 2024.
🔴 Graduates of the unit involved in surveillance and high-tech warfare have reportedly infiltrated Israel’s tech startup scene, especially in cybersecurity.
🔴 “...Nearly 50% of founders whose companies were acquired for over $100 million in the last decade served in the unit [8200],” research by VC fund Ibex Investors claims.
🔴 Meta's Chief Information Security Officer (CISO) Guy Rosen is a Unit 8200 graduate.
🔴 Google, Meta, Amazon, Microsoft, and LinkedIn are all staffed with these ex-intelligence officers, according to open source reporting.
🔴 Wiz counts all four of its founders among Unit 8200's alumni, and all 1,800 Wiz staff will remain employed under the transition, The Times of Israel writes. The deal was touted as a “new feather in cap of Israeli military intelligence.”
👍 Boost us | Chat | Stickers |@geopolitics_live
Google's $32 billion bid to acquire the cybersecurity firm Wiz, seen on the surface as part of its ongoing push into cloud and AI expansion, will in fact bring in a group of Israeli Unit 8200 military intelligence alumni amid growing rivalry with Microsoft and Amazon, WikiLeaks warns.
🔴 Unit 8200, Tel Aviv’s largest single military unit in the Israel Defense Forces (IDF), can be perceived as equivalent to the US National Security Agency (NSA).
🔴 The notorious unit is known for developing the deadly “Lavender” AI used in targeted assassinations during the Gaza conflict, an investigation by +972 Magazine and Local Call revealed in 2024.
🔴 Graduates of the unit involved in surveillance and high-tech warfare have reportedly infiltrated Israel’s tech startup scene, especially in cybersecurity.
🔴 “...Nearly 50% of founders whose companies were acquired for over $100 million in the last decade served in the unit [8200],” research by VC fund Ibex Investors claims.
🔴 Meta's Chief Information Security Officer (CISO) Guy Rosen is a Unit 8200 graduate.
🔴 Google, Meta, Amazon, Microsoft, and LinkedIn are all staffed with these ex-intelligence officers, according to open source reporting.
🔴 Wiz counts all four of its founders among Unit 8200's alumni, and all 1,800 Wiz staff will remain employed under the transition, The Times of Israel writes. The deal was touted as a “new feather in cap of Israeli military intelligence.”
👍 Boost us | Chat | Stickers |@geopolitics_live
Forwarded from 𝗽𝗼𝗽𝗠𝗢𝗗𝗦 | 𝗙𝗢𝗦𝗦, 𝗟𝗶𝗳𝗲, 𝗠𝗲𝗺𝗲𝘀 (Ömer)
Forwarded from The Hacker News
⚠️ Developers targeted where it hurts — their tools.
2 malicious VSCode extensions were caught deploying early-stage ransomware, demanding 1 ShibaCoin to decrypt files.
➡️ Names: ahban.shiba & ahban.cychelloworld
➡️ Encrypted a test folder on victims’ desktops
➡️ Demanded 1 ShibaCoin—no wallet address yet
Meanwhile, a fake Maven package is stealing OAuth credentials every 15th of the month—via typosquatting.
🔗 Your tools can betray you. Audit dependencies: https://thehackernews.com/2025/03/vscode-marketplace-removes-two.html
2 malicious VSCode extensions were caught deploying early-stage ransomware, demanding 1 ShibaCoin to decrypt files.
➡️ Names: ahban.shiba & ahban.cychelloworld
➡️ Encrypted a test folder on victims’ desktops
➡️ Demanded 1 ShibaCoin—no wallet address yet
Meanwhile, a fake Maven package is stealing OAuth credentials every 15th of the month—via typosquatting.
🔗 Your tools can betray you. Audit dependencies: https://thehackernews.com/2025/03/vscode-marketplace-removes-two.html
Forwarded from It's FOSS
Linux-Assistant can be your go-to tool for quick searches and automation.
https://news.itsfoss.com/linux-assistant/
https://news.itsfoss.com/linux-assistant/
It's FOSS
Linux-Assistant is a Tool You Didn't Know You Needed!
Tired of managing your Linux installation? Linux-Assistant helps simplify common maintenance tasks, making system management easier.
Forwarded from It's FOSS
The European Union is aiming high with EU OS. Will they be able to achieve their goals?
https://news.itsfoss.com/eu-os/
https://news.itsfoss.com/eu-os/
It's FOSS
Can this become the European Union's own Linux Distribution?
Can this Linux-powered operating system disrupt Windows' hold in the European Union?
Forwarded from It's FOSS
Ever wondered what's pacman -Syu? Our latest piece clears that up for you:
https://itsfoss.com/pacman-syu/
https://itsfoss.com/pacman-syu/
It's FOSS
Understanding pacman -Syu Command in Arch Linux
Unraveling the mysterious Syu in pacman
Forwarded from The Hacker News
🚨 URGENT: New ransomware "VanHelsing" claims 3 victims in just 17 days since March 7th launch.
This RaaS operation charges newcomers $5K to join while letting experienced hackers in for free. Targets ALL major OS platforms with sophisticated "double extortion" tactics.
See the full story: https://thehackernews.com/2025/03/vanhelsing-raas-launch-3-victims-5k.html
This RaaS operation charges newcomers $5K to join while letting experienced hackers in for free. Targets ALL major OS platforms with sophisticated "double extortion" tactics.
See the full story: https://thehackernews.com/2025/03/vanhelsing-raas-launch-3-victims-5k.html
Forwarded from Gizchina.com
Xiaomi HyperOS 2.2: Supported Devices, Features, and Release Details
https://www.gizchina.com/2025/03/24/xiaomi-hyperos-2-2-supported-devices-features-and-release-details/
https://www.gizchina.com/2025/03/24/xiaomi-hyperos-2-2-supported-devices-features-and-release-details/
Forwarded from The Hacker News
🔥 “Security OR usability?” is the wrong question.
71% of professionals admit to risky password behavior—not because they don't care, but because friction drives shortcuts. 😬
The solution? Smarter design, not stricter rules.
| Reduce complexity
| Use passphrases
| Give real-time feedback
The right tools—like Specops Password Policy—boost both security and UX.
Stop choosing between safety and simplicity. Start balancing both → https://thehackernews.com/2025/03/how-to-balance-password-security.html
71% of professionals admit to risky password behavior—not because they don't care, but because friction drives shortcuts. 😬
The solution? Smarter design, not stricter rules.
| Reduce complexity
| Use passphrases
| Give real-time feedback
The right tools—like Specops Password Policy—boost both security and UX.
Stop choosing between safety and simplicity. Start balancing both → https://thehackernews.com/2025/03/how-to-balance-password-security.html
Forwarded from The Hacker News
Stay informed with the latest in cybersecurity trends, vulnerabilities, and best practices.
🔐 Don't miss out on this week's critical updates on patching, threats, and system protection.
Read the full newsletter here: https://thehackernews.com/2025/03/thn-weekly-recap-github-supply-chain.html
🔐 Don't miss out on this week's critical updates on patching, threats, and system protection.
Read the full newsletter here: https://thehackernews.com/2025/03/thn-weekly-recap-github-supply-chain.html