Disabled system extensions & system policies at build-time.
Disabled & removed the build dependency on legacy AutoConfig functionality (also known as Mission Control Desktop, debuted in Netscape Communicator 4.5... https://www.internetnews.com/enterprise/netscape-unveils-enterprise-management-tools/) to reduce attack surface and reliance on legacy code.

Disabled more unnecessary debugging/development features at build-time.
Explicitly disabled SpiderMonkey performance telemetry at build-time.
Enabled mobile optimizations at build-time.

Updated the onboarding to remove Privacy Policy/Terms of Use references, and replaced the Firefox logo (and certain other elements) with our own.

Removed Swisscows as a default search engine due to concerns regarding false marketing of their VPN and spreading false claims about other services, such as Signal.
Other minor tweaks, fixes, & adjustments.

https://gitlab.com/ironfox-oss/IronFox/-/releases

■■■■□ A proof-of-concept program has been released to demonstrate a so-called monitoring "blind spot" in how some Linux antivirus and other endpoint protection tools use the kernel's io_uring interface.

That interface allows applications to make IO requests without using traditional system calls. That's a problem for security tools that rely on syscall monitoring to detect threats.

https://developers.redhat.com/articles/2023/04/12/why-you-should-use-iouring-network-io

https://www.theregister.com/2025/04/29/linux_io_uring_security_flaw/

Redis is open source again
Article, Comments

Fivetran to acquire Census
Article, Comments

Must read for tg user!!! 😤😡😈🤮

https://tginfo.me/esafety-analysis-en/ telegram will read all messages including private messages

Microsoft is making Office apps load at startup

Microsoft is introducing "Startup Boost" for Office apps, beginning with Word in mid-May 2025. It will enhance load times by preloading the apps at Windows startup. It is only available for PCs having at least 8GB of RAM and 5GB of free disk space to maintain performance.

The scheduled task will wait for 10 minutes before execution to prevent slowing down Windows on login. After the task executes, the app remains in paused state. It can be disabled via app settings or Task Scheduler. The feature will later extend to other Office apps.

🔗 MS365 Message Center
🧑‍💻 @agamtechtricks

🚨 AI isn’t just writing your code — it’s leaking your secrets.

New GitGuardian data shows AI-assisted repos leak secrets 40% more often than average.

📊 1,200+ repos leaked secrets in 2025 alone.

👉 Don’t trust. Verify. Full report: https://thehackernews.com/expert-insights/2025/04/the-new-frontier-of-security-risk-ai.html

🔥 UPDATE - A public PoC exploit is now available for a serious SonicWall SMA exploit chain.

➡️ CVE-2024-38475: Apache HTTP Server flaw used to bypass auth
➡️ CVE-2023-44221: Post-auth command injection via Diagnostics menu

CISA has added both to the KEV catalog — federal patch deadline: May 22, 2025.
Exploitation is already active in the wild.

📎 Details + PoC: https://thehackernews.com/2025/05/sonicwall-confirms-active-exploitation.html

🔐 Microsoft goes passwordless by default for all new accounts.

No more passwords at sign-up—just passkeys, using biometrics or device PINs. It's phishing-resistant, backed by FIDO standards.

Existing users? You can remove your password now from settings.

Learn more: https://thehackernews.com/2025/05/microsoft-sets-passkeys-default-for-new.html

Xiaomi may be moving towards a Google-free future with HyperOS, potentially collaborating with BBK and Huawei. This shift could redefine the smartphone market and reduce reliance on Google services while building their ecosystem. Stay tuned for updates!

🔗 Check More

Third Party Cookies Must Be Removed
Article, Comments

XAI Dev Leaks API Key for Private SpaceX, Tesla LLMs
Article, Comments

Felix86: Run x86-64 programs on RISC-V Linux
Article, Comments

Chrome Origin Trial: Device Bound Session Credentials
Article, Comments

Weather Doge

Wow, doge weather for Android.

🔗 Links:
- Download
- Screenshots
- Features
- Source code
Developer: VersoBit

❗️Friendly reminder:

If you find it useful, You may star the repo/app, donate to the developer, or perhaps you may also contribute to the development of this project.

🏷 Tags: #Android #Utilities

The UN is slowly moving away from proprietary solutions.

https://news.itsfoss.com/un-ditches-google-form/

🔥 Automate the chaos. Stay ahead of CVEs.

LivePerson slashed vuln ticketing time by 60% using a free Tines workflow that:

→ Auto-pulls CISA alerts
→ Enriches with CrowdStrike
→ Sends Slack buttons
→ Creates ServiceNow tickets

No manual tracking. No delays. Just speed.

👀 See how your team can do it too: https://thehackernews.com/2025/05/how-to-automate-cve-and-vulnerability.html

🚨 TikTok Fined €530M for secretly storing EU user data in China, violating GDPR rules.

🇪🇺 Ireland’s DPC says TikTok misled regulators, failed to ensure EU-level privacy, and ignored China’s surveillance risks.

They now have 6 months to stop transfers.

🔗 Read more: https://thehackernews.com/2025/05/tiktok-slammed-with-530-million-gdpr.html

📉 Second major GDPR fine after a €345M penalty in 2023.

How you can use ALL the AI you want from one web interface using Open WebUI and LiteLLM and your own Virtual Private Server:

https://rumble.com/v6sl7mf-i-made-a-roladex-of-ai-that-i-now-use-every-day-open-webui-and-litellm.html