Your Raspberry Pi 5 needs this!

https://news.itsfoss.com/pironman-5-max/

🚨 Update: The latest version of Samsung MagicINFO 9 Server is being actively exploited—despite a patch issued in Aug 2024.

🔍 Researchers at Huntress say the flaw is still vulnerable to attack via a public PoC.

🔗 Read: https://thehackernews.com/2025/05/hackers-exploit-samsung-magicinfo.html

🛑 New Cisco flaw scores a perfect 10.0 CVSS.

A hardcoded token. Root access. No login needed.

If you run Catalyst 9800 wireless controllers, you’ll want to check this fast.

👉 Read more about CVE-2025-20188 here: https://thehackernews.com/2025/05/cisco-patches-cve-2025-20188-100-cvss.html

🛠️ Microsoft hit 1,360 new vulnerabilities in 2024 — a record high. But here’s the twist—critical flaws are at a decade low.

So why are security leaders still on edge? Legacy code, AI risks, unstable patches… and a looming October 2025 deadline.

💥 The real threat isn’t always the loudest one.

Get the full story in the 2025 Microsoft Vulnerabilities Report: https://thehackernews.com/expert-insights/2025/05/dissecting-2025-microsoft.html

⚠️"I’m not a robot" just became dangerous.

A Russia-linked group is using fake CAPTCHAs and PowerShell tricks to quietly deploy a new espionage tool—LOSTKEYS.

Targets? The usual... and some surprising ones.

Read full story → https://thehackernews.com/2025/05/russian-hackers-using-clickfix-fake.html

🚨 China-linked hackers hit Japan & Taiwan!

Govt agencies were targeted with ROAMINGMOUSE, a stealthy Excel-based malware dropper delivering an upgraded ANEL backdoor.

It starts with a real OneDrive link. Ends with deep system access.

But there’s more under the surface...

🔗 See how the attack works → https://thehackernews.com/2025/05/mirrorface-targets-japan-and-taiwan.html

🔐 Learn from industry experts and gain hands-on experience with integrated cybersecurity strategies, policies, and safeguards.

Don’t miss this event → https://thn.news/gc-cyber-risk-fb

🚨 AI is only as secure as the data it relies on.

As generative AI adoption grows, one question matters most:

Can you trust your data?

Sentra Security’s latest blog breaks down why visibility & control are key to safe, reliable AI.

Read more 👉 https://thn.news/ai-secure-data-x

🚨 Qilin Ransomware Surges to #1

A stealthy tool called NETXLOADER is fueling Qilin’s explosive growth—45 victims in April alone, across sectors like healthcare, finance, and tech.

Find details here — https://thehackernews.com/2025/05/qilin-leads-april-2025-ransomware-spike.html

⚠️ Another one? A SonicWall bug from 2021 just came back—and might’ve been exploited.

Now, 3 new flaws in SMA 100 appliances open the door to root-level access via VPN.

Don’t wait for PoC exploit | Update now → v10.2.1.15-81sv

🔗 Details here: https://thehackernews.com/2025/05/sonicwall-patches-3-flaws-in-sma-100.html

Samsung is paying $350M for audio brands B&W, Denon, Marantz and Polk
Article, Comments

NSA spied through Angry Birds, other apps: report (2014)
Article, Comments

Yggdrasil is an experimental compact routing scheme that is fully decentralised
Article, Comments

We have reached the "severed fingers and abductions" stage of crypto revolution
Article, Comments

Bootstrapping Lisp in a Boot Sector
Article, Comments

Mycoria is an open and secure overlay network that connects all participants
Article, Comments

I can't understand Apple's Critical Alert policy
Article, Comments

How to Harden GitHub Actions: The Unofficial Guide
Article, Comments

From October 11, 2010

https://sociable.co/web/html5-a-threat-to-privacy/

Is HTML5 a threat to privacy?

HTML5 allows website owners to create custom cookies on visitor’s machines that can store vast amount of a user’s browsing history.

Unlike previous cookies, which have limited uses and often expire after a short period of time, these HTML5 cookies can be stored on user’s machines for months, during which time they can collect more data about individual visitors. HTML 5 cookies are also capable of storing images, videos, video, text and location data.

Security firms and W3C are concerned that hackers will be able to access this personal information potentially giving them access to email and social networking data.

Concerns for users’ privacy are not just academic, in a test of the vulnerability of HTML 5 Samy Kamkar, a Californian programmer (@samykamkar), created a HTML5 cookie capable of tracking a user’s online activities. Called ‘evercookie’ Kamkar cookie can be downloaded without the users knowledge and, according to security experts is “not easily deleted.” His website is here http://samy.pl/ if you are brave enough to visit it.

While Kamkar’s cookie was developed to prove that such security holes exist there are fears that it could be used for more malicious reasons. He has made his code available to the public.

CIA Developed Marble Framework to Cover its Tracks, Capable of Faking Russian Hacking
April 5, 2017
https://sociable.co/web/cia-marble-russian-hacking/

The plot behind Marble was so intricate that the CIA could, for example, pretend that “the spoken language of the malware creator was not American English, but Chinese,” but then show “attempts to conceal the use of Chinese, drawing forensic investigators even more strongly to the wrong conclusion.”

A Marble is a specific algorithm that scrambles and unscrambles data, and the Marble Framework was designed to allow for flexible and easy-to-use obfuscation (making something obscure) when developing tools.
The Marble Framework covered over the English language text on US-produced weapons systems before giving them to insurgents secretly backed by the CIA, according to WikiLeaks.

DARPA MAGICS seeks paradigm shift in ‘predicting collective human behavior’
April 8, 2025
https://sociable.co/military-technology/darpa-predicting-collective-human-behavior-magics/

In December, DARPA announced its algorithmic “Theory of Mind” program, which was later named “Kallisti” with the goal of developing “new capabilities to enable national security decisionmakers to optimize strategies for deterring or incentivizing actions by adversaries.”
According to the Theory of Mind special notice, “The goal of an upcoming program will be to develop an algorithmic theory of mind to model adversaries’ situational awareness and predict future behavior.”
“The program will seek not only to understand an actor’s current strategy but also to find a decomposed version of the strategy into relevant basis vectors to track strategy changes under non-stationary assumptions.”

 

at Galois, a tech R&D company whose clients include DARPA, the US Intelligence Community, and NASA, and whose partners include the Bill and Melinda Gates Foundation.

MAGICS and Kallisti follow a long line of DARPA research programs to monitor, predict, and modify human behavior going back decades.

“The goal of the Total Information Awareness (TIA) program is to revolutionize the ability of the United States to detect, classify and identify foreign terrorists – and decipher their plans – and thereby enable the US to take timely action to successfully preempt and defeat terrorist acts”
DARPA, Total Information Awareness (TIA), July 2002

Following the attacks on September 11, 2001 DARPA announced its now-defunct (or potentially splintered) “Total Information Awareness (TIA) program in July, 2002 “to revolutionize the ability of the United States to detect, classify and identify foreign terrorists – and decipher their plans – and thereby enable the US to take timely action to successfully preempt and defeat terrorist acts.”