A joint statement of Belarus President Aleksandr Lukashenko and Iran President Masoud Pezeshkian on more profound advancement of relations between the Republic of Belarus and the Islamic Republic of Iran has been signed.
At the end of each shift, officers’ BWV footage was uploaded and stored to a central hub which could be accessed and managed, along with all of SYP’s digital evidence, via a secure system.
Following an upgrade in May 2023, the secure system began to struggle processing BWV data and a local drive workaround was put in place.
In August 2023 SYP identified that its BWV file storage was very low and further investigation found that 96,174 pieces of original footage had been deleted from its system.
The following month it was found the deletion had taken place on 26 July 2023 and included the loss of data relating to 126 criminal cases, only three of the cases were impacted by the loss. Of those three cases, SYP states one may have progressed to the first court hearing if BWV had been available. However, as there was no additional independent evidence to prove the offence, progression to prosecution stage was already uncertain.
Prior to the deletion, 95,033 pieces of BWV footage had been copied to a new system that SYP was implementing but, due to poor record keeping, SYP remain unable to confirm the exact number of files deleted without copies made.
96,000 UK Police Bodycam Videos Lost After Data Transfer Mishap
At the end of each shift, officers’ BWV footage was uploaded and stored to a central hub which could be accessed and managed, along with all of SYP’s digital evidence, via a secure system.
Following an upgrade in May 2023, the secure system began to struggle processing BWV data and a local drive workaround was put in place.
In August 2023 SYP identified that its BWV file storage was very low and further investigation found that 96,174 pieces of original footage had been deleted from its system.
The following month it was found the deletion had taken place on 26 July 2023 and included the loss of data relating to 126 criminal cases, only three of the cases were impacted by the loss. Of those three cases, SYP states one may have progressed to the first court hearing if BWV had been available. However, as there was no additional independent evidence to prove the offence, progression to prosecution stage was already uncertain.
Prior to the deletion, 95,033 pieces of BWV footage had been copied to a new system that SYP was implementing but, due to poor record keeping, SYP remain unable to confirm the exact number of files deleted without copies made.
Someone was reviewing some footage and decided to hide the deletion in amongst lots of other benign videos. They seem to always loose the critical videos showing police brutality don't they!?
This was probably done intentionally to hide one exceptionally terrible incident. Always make your own recordings of your police interactions so you don't have to hope your bodycam video request is actually fulfilled.
So basically you had a storage full issue and nobody thought to check on that? There isn't a monitor to alert at 80% full?
And those delete files, who deleted them? You don't have any audit system?
What the FUCK are you being paid for? Because I know that these systems don't come cheap, they are fucking expensive to buy and maintain and I know that a government will pay through the nose for this to work correctly and you fuck up at step one?
This should result in millions / billion dollar penalizations.
The best open source office suite continues to evolve, while maintaining its focus on privacy and digital sovereignty Berlin, 20 August 2025 – The Document Foundation announces the release of LibreOffice 25.8.
Hi everyone, I’m currently using Linux Mint 22 Cinnamon edition, version 6.2.7, which I reinstalled today on my laptop. When I open LibreOffice Writer, I’m experiencing an issue where some icons aren’t clearly visible in dark mode.
No, not that one. But I guess there are multiple angles, dark mode overall has been pretty rough.
The one that gets in my way the most is their already spotty xlsx conversion seems to parse Office's default font color as black instead of automatic, which means when you open Excel docs on LibreOffice you get black text on black background by default.
You can just select all and manually change the text color, but it's a pain, and on spreadsheets you have to do it on each spreadsheet page. From what I've seen there have been bugs opened and reclosed with "you should set the text to automatic", which is engineer excuses for what is obviously a genuine issue with the defaults of document conversion, as far as I can tell.
There's an optional "tabbed interface" in View > User Interface that's a lot like the Office ribbon. Like the Office ribbon, it has context-sensitive additional tabs, and you can enable a compact version that shows less but takes up less vertical space.
I've not had a need for LibreOffice for a while, but it certainly looks a lot less cluttered than the default old-school toolbars.
I know. I just didn't know GNU was pronounced Gee-Noo, like in GIMP
Isn't GNOME also a GNU thing? GNU Image Manipulation Program Network O… Object… Model… uhh… Environment? Also, this means GNOME is pronounced like Genome, as in, like, Jeans and stuff, innit?
for all 3 of these projects the main way ive heard them said is with a hard G, i know there is a debate with GNOME as to pronounce the G or not (as in the word "gnome"), idk if a similar debate exists with GNU
imo, there’s no wrong way to pronounce a word, as long as people know what you’re talking about, it’s fine
Dammit. I want arguments. Chaos. But yes, I do soft G GIMP. Not GNU or GNOME. I do say GNOME with a G, though. I mean, I don't talk about these things IRL. These words don't show up in my convos. Actually, it might be without a G. I guess I could start soft G'ing GNU and GNOME, just because. It's how I got to soft G GIF, by going the opposite way I was doing. And now it just be like that, and hard G GIF feels kinda weird.
LibreOffice Draw can actually edit PDFs - it's not perfect for complex layouts but works great for basic editing, adding text, and modifing simple elements (tho sometimes formatting gets a bit wonky).
[vlog/video] Trump-Zelensky summit was theater, not progress: Landsbergis — Russia resumes stolen grain shipments from occupied Ukrainian territories to Syria — Ukrainian drones hit oil refinery in Russia’s Volgograd Oblast — Security guarantees for Ukrai
Medical Supplies for Ukraine’s Hospitals. Partnering for global health equity.
Russia’s war against Ukraine
Supporters of the Ukraine Solidarity Campaign protest in Parliament Square on August 19, 2025 in London, England. President Zelensky has said today that he is willing to meet President Putin for peace talks to end Russia’s war on Ukraine. (Guy Smallman / Getty Images)
Zelensky, Putin maymeet within 2 weeks, German chancellor says. “The American president spoke with the Russian president on the phone and agreed that there would be a meeting between the Russian president and the Ukrainian president within the next two weeks,” German Chancellor Friedrich Merz said.
US troopswon’t be sent to Ukraine as part of security guarantees, Trump says. U.S. President Donald Trump said on Aug. 19 that U.S. soldiers will not be on the ground in Ukraine to ensure security guarantees are upheld, deflecting the responsibility to European allies.
NATO military leaders to meet on Aug. 20 to discusssecurity guaranteesfor Ukraine. NATO military leaders are scheduled to meet virtually on Aug. 20 to discuss the alliance’s support for Ukraine as European leaders continue negotiations with Kyiv and Washington on security agreements for the embattled country.
‘I want to try toget to heaven,’ Trump cites divine motivation for Ukraine peace. “If I can save 7,000 people a week from being killed, I think that’s a pretty… I want to try to get to heaven if possible, I’m hearing that I’m not doing well,” Trump said on Aug. 19.
Russia resumesstolen grain shipmentsfrom occupied Ukrainian territories to Syria. Russia has resumed grain shipments to Syria from within occupied Crimea, transporting stolen grain from Ukraine’s occupied territories, reported Kateryna Yaresko, a journalist with the Ukrainian SeaKrime project that tracks Russia’s illegal shipping activity.
Zelensky outlines$90 billionUS arms deal as part of Ukraine’s security guarantees. By tying its defense needs to a major boost for U.S. industry, Ukraine hopes to turn its request into an investment opportunity that appeals directly to American interests. The proposal also includes a separate $50 billion agreement for producing drones with Ukrainian companies.
The refinery is the second-largest owned by Lukoil and a key producer of petroleum products in Russia’s Southern Federal District.
Ukrainian drones destroy 2 Russianammo depotsin Luhansk Oblast, Security Service says. The strikes hit warehouses in the village of Bilokurakyne, located on a key railway line supplying Russian forces on the Pokrovsk front, where Moscow is focusing its primary offensive efforts.
Read our exclusives
Trump walks back from Ukraine ceasefire calls, aligning closer with Russia’s push for peace deal
U.S. President Donald Trump has walked away from his ceasefire demand, saying that he supports its “concept” but can push for a peace deal between Russia and Ukraine without one.
Photo: Andrew Harnik / Getty Images
Learn more Ukraine war latest: US troops won’t be sent to Ukraine as part of security guarantees, Trump says
Trump said on Aug. 19 that U.S. soldiers will not be on the ground in Ukraine to ensure security guarantees are upheld, deflecting the responsibility to European allies.
Photo: Bonnie Cash /UPI /Bloomberg via Getty Images
Learn more Did Zelensky wear a suit? President’s outfit at White House meeting sparks fresh debate
All eyes were on President Volodymyr Zelensky’s outfit as he arrived at the White House to meet President Donald Trump, months after his previous Washington visit sparked controversy — in part over what he wore.
Photo: Anna Moneymaker / Getty Images
Learn more Security guarantees for Ukraine explained: What’s on the table and what’s realistic?
As peace talks to end the war gather speed toward a potential trilateral meeting between the U.S., Ukraine, and Russia, the question of what kind of security guarantees Kyiv might receive continues to loom large.
Photo: Tom Brenner for The Washington Post via Getty Images
From Crimea to Donbas, Russia’s “peace” has always meant more war. We’re here in Ukraine to give the world a reality check. Support independent journalism in this critical moment.
Five people were killed and 11 injured on Aug. 17, followed by eight killed and 35 injured on Aug. 18, and at least eight killed and 53 injured on Aug. 19.
Russia’s Aug. 17 strike on Kharkivkills 7, injures 24, just hours before Zelensky met with Trump in Washington. Russia launched a wave of missile and drone attacks against Ukrainian cities late on Aug. 17, mere hours before President Volodymyr Zelensky is scheduled to meet for peace talks with U.S. President Donald Trump at the White House.
Ukraine repatriates1,000 bodiesof fallen soldiers from Russia. According to Russian authorities, the remains belong to Ukrainian servicemembers killed in action in Donetsk, Zaporizhzhia, Luhansk, and Kursk regions.
Trump-Zelensky summit was theater, not progress — Landsbergis
International response
Hungary emerges aspotential venuefor Zelensky-Putin meeting, Reuters reports. Hungarian Prime Minister Viktor Orban has blocked or delayed military aid to Ukraine, maintained ties with Russian President Vladimir Putin, and echoed Kremlin narratives.
EU’s 19thsanctions packageagainst Russia expected to be ready in September, Kallas says. The European Union’s 19th package of sanctions against Russia is expected to be ready in September, top EU diplomat Kaja Kallas announced on Aug. 19, as the EU ramps up its pressure on Moscow in hopes that it will push Russia to end its war in Ukraine.
Trump raises topic ofUkraine’s EU membershipwith Orban, Bloomberg reports. According to sources cited by Bloomberg, European leaders urged U.S. President Donald Trump to pressure Orban into dropping his opposition to Ukraine’s EU accession talks.
Switzerland ready to give Putinimmunityfor peace talks. Switzerland is prepared to grant Russian President Vladimir Putin immunity from arrest if he travels to Geneva for peace negotiations, Swiss Foreign Minister Ignazio Cassis said in an interview on Aug. 19.
Around10 European allieswilling to send troops to Ukraine, talks accelerate on security guarantees, Bloomberg reports. Talks among European officials on Aug. 19 reportedly focused on proposals to send troops from the U.K. and France to Ukraine, along with contingents from roughly 10 other countries.
In other news
Border guardsdetain priestattempting to smuggle draft-age man across Ukrainian border. The priest had concealed the passenger under his robes on the back seat to bypass checkpoints. The passenger turned out to be a 41-year-old resident of Sumy Oblast.
This newsletter is open for sponsorship. Boost your brand’s visibility by reaching thousands of engaged subscribers. Click here for more details.
Today’s Ukraine Daily was brought to you by Oleg Sukhov, Oleksiy Sorokin, Tymur Zadorozhnyy, Dmytro Basmat, Olena Goncharova, and Lucy Pakhnyuk.
If you’re enjoying this newsletter, consider joining ourmembership program. Start supporting independent journalism today.
The GPT5 launch would give me pause if I were a prospective investor
They're still losing money, performance is only increasing marginally, and that launch looked like it had no validation or due diligence. Plus Meta is trying to siphon off their employees with offers of 10s of millions of dollars.
Anthropic has mostly taken over the dev space, GPT is lagging on MCP and tool ineroperabilitiy locking them behind a paywall with limited use...
Then the CEO comes out and days they're in a bit of a bubble, but want half a trillion dollars to make more capital expenditures.
Unless the design of chips dramatically changes the economics are borderline, and OpenAI is fumbling on the PR/mindshare front.
Agreed I don’t get why anyone would invest in them right now. Five years ago you were joining a hype train, but how does anyone think their value is going to increase from today forward?
Their biggest appeal seems to be that their consumer product ChatGPT is a household name and has widespread consumer use. But consumer adoption of a phone app is a very fickle thing to stake a trillion dollars on.
Don't forget their absurd power requirements - their datacenter costs must be astronomical with GPT5 using 8x the compute of GPT4, check gearscouts.com to see what efficient power delivery actually looks like vs the inefficient monstrosity they've built.
I mean, it's not definitely a bad thing in principle... But given the current administration, I would worry about any company the government wants to get their hands into. I'd be worried if the us suddenly wanted to buy into Coca-Cola... But Intel is scarier.
Intel would be an example of a chipmaker that should fail but they won't let it because it's also an unofficial asset. It will literally never fail no matter how backward it gets and they have been backward for decades.
This was initially demoed at FediCon 2025, but CrowdBucks is an open source, self-hostable fundraising system that allows people to financially support one another. You use your existing Fediverse account to hold a fundraiser, and can also donate to other people's fundraisers as well. The form factor is kind of similar to Kickstarter or Patreon.
CrowdBucks is a new payment system for the Fediverse
More developments are happening on the front to provide payment and monetization options for the Social Web. Over the past few years, there have been interesting experiments in making this possible. Mitra, notably, pioneered subscription payments by utilizing Monero. Bandwagon has also built on the concept by instead relying on integrations with traditional payment networks, starting with Stripe and PayPal. The short-lived SubClub implemented private feeds for paid access.
Introducing CrowdBucks
CrowdBucks is a new effort developed by Charles Iliya Krempeaux, better known by his online moniker, Reiver. It builds on some of the ideas previous implementations have tried, and aims to make the process as smooth and simple as possible.
“The long-term vision that CrowdBucks is a part of is to create a payments layer for the Fediverse,” Reiver explains, “obviously, it’s not the only part, there will be other projects later.” Source: CrowdBucks
Signing Up
Instead of forcing users to create yet another account, CrowdBucks does something really smart: you can just sign in with an existing Fediverse account.
At the moment, sign-in is limited to just Mastodon, but the plan is to gradually support a number of different platforms. Since a lot of Fediverse software implements part of the Mastodon API, I attempted to log in with both Akkoma and WordPress, but neither one seems to work yet. We opted to use a tried-and-true community instance.
After doing the Authorization dance, CrowdBucks directs users to a simple dashboard, where they are prompted to do basic setup for their page. Fediverse integration automatically pulls in profile details, including the username, avatar, header, and handle, although most of the public-facing details can be customized.
Getting Set Up
The first thing to do with your account is to set fundraising goals and donation tiers. The flow feels reminiscent of something like Kickstarter or Patreon, where rewards can be spelled out as something symbolic, something digital, or even something tangible. You can view our demo account here. Please, don’t actually donate to this.
Donations and Payments
Support tiers can be set up with any monthly denomination, and these get prominently displayed on your CrowdBucks page. Donors can use their CrowdBucks accounts to find a page, select a tier, and support creators and projects easily.
When a person pledges towards a Tier, they’re automatically taken to a checkout page. For the time being, the only supported Payment Processor is Stripe. Reiver has explained that this is because Stripe was easiest to implement, but the team intends to also add support for PayPal and other providers, as well as support for standards such as Web Monetization and OpenPayments.
Quick Demo
CrowdBucks was initially revealed in a brief demo at FediCon a few weeks ago, which was recorded and added alongside the FediCon Talks on PeerTube. It’s a useful insight into where Reiver is coming from, what’s being built, and ideas of what CrowdBucks could be used for.
“Anyone will be able to set up their own CrowdBucks server,” Reiver explains, “just like anyone can set up their own Mastodon server.”
The CrowdBucks project itself is licensed under the GNU AGPL, with source code readily available. The CrowdBucks.fund site is simply operated as a flagship instance, but the goal is to allow anyone to host their own version as part of their operational infrastructure.
“We want CrowdBucks to help pay server bills, to support developers building Fedi software, and to fund creators on the Fediverse. The whole thing is designed to be native to the Fediverse.”
Future Plans
While the project itself is still fairly young, the team is actively thinking about how to improve. One area CrowdBucks is already exploring involves the ability for the app to post to the Fediverse on the behalf of fundraisers, for example, to give credit to supporters. Another possibility might involve collaborating with Emissary to standardize pieces involving payments and private access.
This is an exciting endeavor, and might be one of the most polished attempts yet to make payments possible on the Social Web. Hopefully, existing projects will get involved, and hash out the details on how to make this as open and interoperable as possible.
Historically speaking, the act of financially supporting creatives on the Fediverse has always been something of a pain point. The network lacks a meaningful payment layer, and most of the network’s i
The company that's involved with the payment disputes between Steam, MasterCard, banks, 18+ games and Collective Shout. Stripe is the one handling payments between Steam and MasterCard. It got blamed, blamed others in return and suddenly is known to a lot more people but not in a good way.
Support for other providers is coming. Bandwagon is in a similar situation. The overall goal is to support a multitude of options, so that no one payment solution has a monopoly.
We really need to figure out the payment system for the fediverse.... Good to see someone trying things.
When I put Stripe integration into PieFed I had absolutely zero donations through there, meanwhile my Patreon and Librepay had dozens of dollars in donations. Dozens!
People really really didn't want to donate directly, for some reason. So I disabled the Stripe option.
Instead, Patreon takes 8% and their only payout method is Paypal so Paypal takes a percentage (5%?) and then when I transfer it to my bank from Paypal there's a currency conversion so they take another 5%? and then I pay tax on whatever remains...
On our donation page, we put a breakdown of how much each platform takes from the donation and I think that is why a lot of users chose to donate through the methods that have lower / no fees: fedecan.ca/en/donate
I imagine as Crowdbucks develops, they will introduce more methods and improve user / platform choice. Dealing with payment platforms is annoying, so I'm looking forward to seeing what they come up with over time
Stripe has an amazing amount of currencies for payouts and accepts all kinds of payment methods, really really comprehensive. Pretty low fees too. Simple API and great great docs. They're all good.
So as much as I dislike crypto, it is basically built to be enshitification proof. And hence a good fit for the fediverse. But I wouldn't want to touch the crypto ecosystem with a ten foot pole, nevermind a lemmy/mastodon integration
Which leaves us at the behest of traditional payment processors, and they are all faceless conglomerates who care not for anyone. Meaning we're fucked there too
Maybe we should instead not bring transactions to the fediverse
lemmy indicates clearly liberapay is preferred . and it does seem to have an effect because patreon donations went down at some point while liberapay donations went up.
With that said liberapay fees are cited as being around 3.1% and maybe higher. some digital currencies are almost free (nano, ripple) and despite the hate you see i don't see a rational reason not to offer them as an option.
An open source project the size of Lemmy needs constant work to manage the project, implement new features and fix bugs. Dessalines and Nutomic work full-time on these tasks …
I've said it before, I think there's money in a service that crowd funds open source donations.
I use so much FOSS that making sure they all get some money is a real first world problem. If I can only give £10 that month what do I do? Rotate who gets the tenner? Give everyone £.20? Then you have to figure out how each service wants funding and organise that.
Instead I could go to FOSSfund select all the software I use and donate £x. That money gets divvyed up and stored with other people's donations until a threshold is reached.
When enough money is accrued the service makes a substantial donation. The FOSSfund itself is funded through interest gained while holding donations.
Of course I am a naive user that wants good things to exist and has no idea the difficulties in making them happen. Brb, off to vibecode a payment system. I forsee no problems. I will not be taking questions or feedback at this time.
Holy-shit it does!!! I couldn't find any of the main repos I want to donate too: Pi-Hole, jellyfin/seerr, *arr, immich. I guess that's an outreach problem? Getting PromoFaux (Pi-Hole) onto librapay. Pledges seem to help with that.
But Lemmy, Syncthing and Vaultwardern is in in there. I have a tonne of services using MySQL, it's in there.
Actually, there's a pretty decent possibility of this happening! Ben from Bandwagon is currently looking into this for the underlying Emissary platform. If it proves easy enough to integrate, there's literally no reason not to.
Proving it in one project might see adoption across similar efforts.
I just received news that crushed me on top of everything I’m already enduring. An email was sent to my cousin the one who manages our campaign abroad, since we Palestinians from Gaza are not allowed to create accounts or links ourselves. He set it up for us, but unfortunately, we have received only a small amount of donations so far.
In this blog post, we explain how we got remote code execution (RCE) on CodeRabbit’s production servers, leaked their API tokens and secrets, how we could have accessed their PostgreSQL database, and how we obtained read and write access to 1 million code repositories, including private ones.
In this blog post, we explain how we got remote code execution (RCE) on CodeRabbit’s production servers, leaked their API tokens and secrets, how we could have accessed their PostgreSQL datab…
Use of the Palestinian flag is censored and targeted many places, so people replace it with a watermelon with the same color scheme to still show support but with a symbol that they can't really censor.
I greatly admire people who do things like this, it takes courage. They'll get hammered with the usual criticisms "quit your job if you don't like it", and "terrorist supporter" and the same old anti-activist bullshit.
It takes a backbone to put your reputation and career on the line. Even if the likelihood of succeeding in your goals is miniscule.
Still vulnerable: Bitwarden, 1Password, iCloud Passwords, Enpass, LastPass, LogMeOnce
::: spoiler Key Points
A new clickjacking technique where a malicious script manipulates UI elements that browser extensions inject into the DOM by making them invisible using javascript.
In my research, I selected 11 password managers that are used as browser extensions and the result was that all were vulnerable to "DOM-based Extension Clickjacking". Tens of millions of users could be at risk (~40 million active installations).
A single click anywhere on the attacker's website could leak credit card details including security codes (6 out of 9 were vulnerable) or exfiltrate stored personal information (8 out of 10 vulnerable).
All password managers filled credentials not only to the "main" domain, but also to all subdomains. An attacker could easily find XSS or other vulnerabilities and steal the user's stored credentials with a single click (10 out of 11), including TOTP (9 out of 11). In some scenarios, passkey authentication could also be exploited (8 out of 11).
All vulnerabilities were reported in April 2025 with a notice that public disclosure will be in August 2025. Some vendors have still not fixed described vulnerability: Bitwarden, 1Password, iCloud Passwords, Enpass, LastPass, LogMeOnce. Users of these password managers may still be at risk (~32.7 million active installations).
For Chromium-based browser users it is recommended to configure site access to "on click" in extension settings. This configuration allows users to manually control autofill functionality.
The described technique is general and I only tested it on 11 password managers. Other DOM-manipulating extensions are probably vulnerable (password managers, crypto wallets, notes etc.). :::
Zero-Day Vulnerability allow attackers to steal users data Found in Password Managers( 1Password, Bitwarden, LastPass, Enpass, iCloud Passwords, and LogMeOnce remain unpatched— still vulnerable)
Still vulnerable: Bitwarden, 1Password, iCloud Passwords, Enpass, LastPass, LogMeOnce
::: spoiler Key Points
A new clickjacking technique where a malicious script manipulates UI elements that browser extensions inject into the DOM by making them invisible using javascript.
In my research, I selected 11 password managers that are used as browser extensions and the result was that all were vulnerable to "DOM-based Extension Clickjacking". Tens of millions of users could be at risk (~40 million active installations).
A single click anywhere on the attacker's website could leak credit card details including security codes (6 out of 9 were vulnerable) or exfiltrate stored personal information (8 out of 10 vulnerable).
All password managers filled credentials not only to the "main" domain, but also to all subdomains. An attacker could easily find XSS or other vulnerabilities and steal the user's stored credentials with a single click (10 out of 11), including TOTP (9 out of 11). In some scenarios, passkey authentication could also be exploited (8 out of 11).
All vulnerabilities were reported in April 2025 with a notice that public disclosure will be in August 2025. Some vendors have still not fixed described vulnerability: Bitwarden, 1Password, iCloud Passwords, Enpass, LastPass, LogMeOnce. Users of these password managers may still be at risk (~32.7 million active installations).
For Chromium-based browser users it is recommended to configure site access to "on click" in extension settings. This configuration allows users to manually control autofill functionality.
The described technique is general and I only tested it on 11 password managers. Other DOM-manipulating extensions are probably vulnerable (password managers, crypto wallets, notes etc.). :::
Still vulnerable: Bitwarden, 1Password, iCloud Passwords, Enpass, LastPass, LogMeOnce
::: spoiler Key Points
A new clickjacking technique where a malicious script manipulates UI elements that browser extensions inject into the DOM by making them invisible using javascript.
In my research, I selected 11 password managers that are used as browser extensions and the result was that all were vulnerable to "DOM-based Extension Clickjacking". Tens of millions of users could be at risk (~40 million active installations).
A single click anywhere on the attacker's website could leak credit card details including security codes (6 out of 9 were vulnerable) or exfiltrate stored personal information (8 out of 10 vulnerable).
All password managers filled credentials not only to the "main" domain, but also to all subdomains. An attacker could easily find XSS or other vulnerabilities and steal the user's stored credentials with a single click (10 out of 11), including TOTP (9 out of 11). In some scenarios, passkey authentication could also be exploited (8 out of 11).
All vulnerabilities were reported in April 2025 with a notice that public disclosure will be in August 2025. Some vendors have still not fixed described vulnerability: Bitwarden, 1Password, iCloud Passwords, Enpass, LastPass, LogMeOnce. Users of these password managers may still be at risk (~32.7 million active installations).
For Chromium-based browser users it is recommended to configure site access to "on click" in extension settings. This configuration allows users to manually control autofill functionality.
The described technique is general and I only tested it on 11 password managers. Other DOM-manipulating extensions are probably vulnerable (password managers, crypto wallets, notes etc.). :::
Zero-Day Vulnerability allow attackers to steal users data Found in Password Managers( 1Password, Bitwarden, LastPass, Enpass, iCloud Passwords, and LogMeOnce remain unpatched— still vulnerable)
Still vulnerable: Bitwarden, 1Password, iCloud Passwords, Enpass, LastPass, LogMeOnce
::: spoiler Key Points
A new clickjacking technique where a malicious script manipulates UI elements that browser extensions inject into the DOM by making them invisible using javascript.
In my research, I selected 11 password managers that are used as browser extensions and the result was that all were vulnerable to "DOM-based Extension Clickjacking". Tens of millions of users could be at risk (~40 million active installations).
A single click anywhere on the attacker's website could leak credit card details including security codes (6 out of 9 were vulnerable) or exfiltrate stored personal information (8 out of 10 vulnerable).
All password managers filled credentials not only to the "main" domain, but also to all subdomains. An attacker could easily find XSS or other vulnerabilities and steal the user's stored credentials with a single click (10 out of 11), including TOTP (9 out of 11). In some scenarios, passkey authentication could also be exploited (8 out of 11).
All vulnerabilities were reported in April 2025 with a notice that public disclosure will be in August 2025. Some vendors have still not fixed described vulnerability: Bitwarden, 1Password, iCloud Passwords, Enpass, LastPass, LogMeOnce. Users of these password managers may still be at risk (~32.7 million active installations).
For Chromium-based browser users it is recommended to configure site access to "on click" in extension settings. This configuration allows users to manually control autofill functionality.
The described technique is general and I only tested it on 11 password managers. Other DOM-manipulating extensions are probably vulnerable (password managers, crypto wallets, notes etc.). :::
Still vulnerable: Bitwarden, 1Password, iCloud Passwords, Enpass, LastPass, LogMeOnce
::: spoiler Key Points
A new clickjacking technique where a malicious script manipulates UI elements that browser extensions inject into the DOM by making them invisible using javascript.
In my research, I selected 11 password managers that are used as browser extensions and the result was that all were vulnerable to "DOM-based Extension Clickjacking". Tens of millions of users could be at risk (~40 million active installations).
A single click anywhere on the attacker's website could leak credit card details including security codes (6 out of 9 were vulnerable) or exfiltrate stored personal information (8 out of 10 vulnerable).
All password managers filled credentials not only to the "main" domain, but also to all subdomains. An attacker could easily find XSS or other vulnerabilities and steal the user's stored credentials with a single click (10 out of 11), including TOTP (9 out of 11). In some scenarios, passkey authentication could also be exploited (8 out of 11).
All vulnerabilities were reported in April 2025 with a notice that public disclosure will be in August 2025. Some vendors have still not fixed described vulnerability: Bitwarden, 1Password, iCloud Passwords, Enpass, LastPass, LogMeOnce. Users of these password managers may still be at risk (~32.7 million active installations).
For Chromium-based browser users it is recommended to configure site access to "on click" in extension settings. This configuration allows users to manually control autofill functionality.
The described technique is general and I only tested it on 11 password managers. Other DOM-manipulating extensions are probably vulnerable (password managers, crypto wallets, notes etc.). :::
I Maneskin sono pronti a tornare insieme nel 2025. Dopo la pausa che ha segnato la carriera della band romana, i conti economici e i risultati da solisti hanno accelerato la decisione della reunion. Victoria De Angelis si è distinta con un successo superiore rispetto a Damiano David, e la band tornerà a esibirsi dal vivo entro fine 2025, con un tour mondiale già previsto per il 2026.
Vor sieben Jahren konnte diese Geschichte vielleicht noch wie ein intimes Indie-Drama aus Brooklyn wirken, aber heute erkennen wir, dass der Film eine Vorwarnung war. Denn längst nicht nur in den USA hat sich seither ein Kulturkampf entfesselt, der gegen jede Form von Förderung von Vielfalt und geschlechtlicher Selbstbestimmung aufmarschieren lässt. Kulturkrieger:innen streichen systematisch Programme, verbannen Bücher aus Schulen, säubern Lehrpläne und selbst das Fernsehen. Zu unserem Glück aber noch nicht bei 3Sat. (3Sat)
Amazon Web Services (AWS) has teamed up with Intel to announce the eighth generation of memory-optimized EC2 instances: the R8i and R8i-flex. These new instance types run on specially developed Intel Xeon 6 processors with DDR5 7200 MT/s memory.
Disclaimer: The article linked is from a single source with a single perspective. Make sure to cross-check information against multiple sources to get a comprehensive view on the situation.
Some Paris residents are raising concerns about overtourism in the neighbourhood of Montmartre, saying that essentials like food shops are disappearing to accommodate millions of visitors each year. They fear the historical neighbourhood is turning into an open-air theme park.
Disclaimer: The article linked is from a single source with a single perspective. Make sure to cross-check information against multiple sources to get a comprehensive view on the situation.
Israel’s Defence Minister Israel Katz has signed off on a military plan to take Gaza City and authorised the mobilisation of about 60,000 reservists, his ministry has confirmed.
Disclaimer: The article linked is from a single source with a single perspective. Make sure to cross-check information against multiple sources to get a comprehensive view on the situation.
The Dutch government is preparing a law criminalising the glorification of terrorism — but critics warn its vague wording risks curbing freedom of expression, enabling political persecution, and expanding punishable conduct well beyond its stated aim.
Disclaimer: The article linked is from a single source with a single perspective. Make sure to cross-check information against multiple sources to get a comprehensive view on the situation.
The Dutch government is preparing a law criminalising the glorification of terrorism — but critics warn its vague wording risks curbing freedom of expression, enabling political persecution, and expanding punishable conduct well beyond its stated aim…
Per The Associated Press, a year ago, Israel's far-right National Security Minister Itamar Ben-Gvir banned Palestinian flags in public places. This effort was met with fervent opposition. In response, Zazim, an activist group of Arab and Jewish Israelis, plastered taxis in Tel Aviv with large watermelon stickers that read: "This is not a Palestinian flag."
You can’t just blame the fucking media. People at large are at fault for thinking republican bullshit is even halfway normal. They elected a pussy-grabbing, child-rapist felon who openly professes how he’d fuck his own daughter. To say nothing of his failed marriages, failed business, never having worked a goddamn day in his life, openly criminal associations and activities, and myriad public debacles.
Nobody is "just blaming" any one thing except in your head. The headline says "helped fuel" not "single-handedly caused."
Maybe you've been affected by a related trend - that of not reading properly and just replying with whatever half-baked idea was already bouncing around?
We study these questions using the staggered introduction of Craigslist (CL)—the world’s largest online platform for classified advertising—across U.S. counties between 1995 and 2009.
Well, for me personally, since I’m an anarchist, I’d rather have neither. Power corrupts, and giving too much unchecked power to any individual will lead to harm. Even FDR, one of America’s “best” presidents, also oversaw redlining and the Japanese internment camps.
Let’s not forget his high achievement of winning a Golden Razzie award for his terrible performance as….himself. Yes, he achieved worst supporting actor playing himself. Not only that the movie is a perverted B- dumpster fire.
Just to be clear, I’m not saying this is anywhere near as serious compared to the points you’ve made. Those are truly harmful things done to others. To know he was in such a low ranked movie and had the worst performance of everyone in it while trying to portray himself brings a bit of joy.
Elderly Scott kills himself after a heart attack wrecks his body, but then comes back as a ghost and convinces his loving young hot wife Kate to pick and kill a young man in order for Scott to possess his body and be with her again.
The reduction in coverage was most pronounced before primary elections.
The reduction in staff covering politics made it harder for voters to differentiate between moderates and extremists in partisan primaries, and allowed extreme candidates to do better than they did before.
This makes sense, and it explains a lot, actually.
And to be clear, it's not just craigslist as a culprit here, but it's such a controlled A/B test that the effects are reliably measurable.
In the original paper, they also observed reduced turnout for House/Senate elections (which the article didn't emphasize as much, but is defininitely there): academic.oup.com/restud/articl…
At the turn of the millennium, newspapers relied on classifieds for an average of 30% of their revenues. Martin and his colleagues found that the loss of this revenue led newspaper executives to cut costs largely by shrinking local political news coverage.
Disclaimer: The article linked is from a single source with a single perspective. Make sure to cross-check information against multiple sources to get a comprehensive view on the situation.
Disclaimer: The article linked is from a single source with a single perspective. Make sure to cross-check information against multiple sources to get a comprehensive view on the situation.
The Italian Coaches’ Association (AIAC) has called on FIFA and UEFA to suspend Israel from all international football competitions due to the ongoing conflict in the Gaza Strip.
Disclaimer: The article linked is from a single source with a single perspective. Make sure to cross-check information against multiple sources to get a comprehensive view on the situation.
Profitez des vidéos et de la musique que vous aimez, mettez en ligne des contenus originaux, et partagez-les avec vos amis, vos proches et le monde entier.
Jerusalem (AFP) – Israeli Prime Minister Benjamin Netanyahu upbraided President Emmanuel Macron in a letter seen by AFP on Tuesday, blaming the French leader's move to recognise a Palestinian state for fuelling antisemitism.
Late last month, Macron said France would formally recognise a Palestinian state during a UN meeting in September, drawing a swift rebuke from Israel.
By announcing the move, France was set to join a growing list of nations to have recognised statehood for the Palestinians since the start of the Gaza war nearly two years ago.
In the letter sent to Macron, Netanyahu said antisemitism had "surged" in France following the announcement.
"Your call for a Palestinian state pours fuel on this antisemitic fire. It is not diplomacy, it is appeasement. It rewards Hamas terror, hardens Hamas's refusal to free the hostages, emboldens those who menace French Jews and encourages the Jew-hatred now stalking your streets," Netanyahu wrote in the letter.
The Israeli premier went on to call on Macron to confront antisemitism in France, saying he must "replace weakness with action, appeasement with resolve, and to do so by a clear date: the Jewish New Year, September 23".
According to an AFP tally, at least 145 of the 193 UN members now recognise or plan to recognise a Palestinian state, including Australia, Britain and Canada.
Canberra joined the list earlier this month, announcing its intention to recognise a Palestinian state in September.
Netanyahu slammed his Australian counterpart Anthony Albanese on Tuesday, labelling him a "weak politician who betrayed Israel and abandoned Australia's Jews," in an angry post on his office's official X account.
The personal attack came amid a diplomatic spat between the two countries after the Australian government on Monday cancelled the visa of far-right Israeli politician Simcha Rothman.
Rothman, whose ultranationalist party is in Netanyahu's governing coalition, had been scheduled to speak at events organised by the Australian Jewish Association.
Hours after his visa was cancelled, Israel's Foreign Minister Gideon Saar said he had revoked the visas of Australia's representatives to the Palestinian Authority.
In a statement, Australian Foreign Minister Penny Wong said revoking their visas was an "unjustified reaction" by Israel and that Netanayahu's government was "isolating Israel and undermining international efforts towards peace and a two-state solution".
<...> blaming the French leader's move to recognise a Palestinian state for fuelling antisemitism.
This war criminal is so used to using "antisemitism" as a sword/shield for everything that he doesn't even realize how insane that sounds...
What labelling everything critical of Israeli state as "antisemitism" really achieves is making people insensitive to real antisemitism. Jews should be the first ones to call this out if not out of basic decency, then at least for self-preservation.
The White House launched a TikTok account on Tuesday amid uncertainty about the app’s future, as another deadline approaches for its parent company, Bytedance, to sell to a US buyer or be banned in the United States.
Zombo.com is a single-serving site created in 1999. The site parodies Flash introductory web pages that play while the rest of a site's content loads. Zombo took the concept to a humorous extreme, consisting of one long introductory page that leads to an invitation to sign up for a newsletter. :::
It is the one world famous quote of him. It rhymes in French, therefore it usually remains untranslated. He declared with this sentence what historians later called absolutism.
He does not really intend to speak for the people in the way a lawyer or other representative speaks for you, works in your favor, towards your good.
He intends to replace your voice, but pursuing his own goals. And when he has spoken, then nobody else needs to speak anymore. It is sufficiently spoken.
Here in his shrine. That they have forgotten. Here do we toil. That we might remember. By night we reclaim. What by day was stolen. Far from ourselves. He grows ever near to us.
The White House launched a TikTok account, as President Donald Trump continues to permit the Chinese-owned platform to operate in the United States despite a law requiring its sale.
This corny old dude is just recycling old commercials. Pepsi, the voice of a new generation. Btw if you're old enough to remember that commercial you definitely should know better than to trust Don.
Eine urbane Dystopie, in der jede Blickbewegung lückenlos dokumentiert wird. Ein digitaler Käfig. Eine Welt, in der jede Erinnerung und jeder Augenaufschlag gespeichert ist. Das Ganze als kühler Techno-Thriller erzählt. Kein Übermaß an Action, dafür eine Gewalt, die vor allem durch Bilder wirkt – Bilder, die manipuliert, überschrieben, gehackt werden. Ein Science-Fiction der in die Zeit passt, wie wenig andere. Andrew Niccol hat gezeigt, wie es geht! (ZDF)
Das Setdesign ist - wie bei Gattaca - klasse. Allein die Aschenbecher überall, die Autos, der Beton, cool. Bis zum Ende des Films drängt sich ein wenig der Gedanke auf, der Minimalismus gründet lediglich auf knappem Budget Die Grundidee ist stark, erinnert an den Roman "Replay" von B.Stein oder an "Strange Days". Dann ein erstes Logik-Fragezeichen [s.Spoiler im nächsten Tröt], 1-2 undeutliche Motivationen und zum Ende leidlich konstruiert aufgelöst. >
Frieland wird zu einem Doppelmord gerufen, die Aufzeichnungen der Opfer wurden manipuliert. Er verfolgt die vermeintliche (!) Täterin, die seine Wahrnehmung hackt und manipuliert.
Next: Er stellt sich als Köder zur Verfügung und mimt einen Börsenmakler, der über ein Forum Hacker sucht, um Aufzeichnung zu löschen.
Jemand, der schon direkt mit einem Täter konfrontiert war, würde nicht undercover nach diesem suchen. Es besteht doch Gefahr, erkannt >>
Nächste Frage: Warum wird die Verdächtige nicht schon beim ersten Besuch im Appartement festgehalten? Das sollte doch die Falle sein, sie ist hineingetappt - fertig?
The first time I heard my own voice — cloned, modulated, and layered with emotional nuance — I froze. Not because it sounded “AI,” but because it didn’t.
I’ve tested voiceover tools for years. Most sounded like early GPS systems trying to read Shakespeare. So when I stumbled onto AllVoiceLab, I expected more of the same. I was wrong.
🎬 Want to know how to use it? Watch this full tutorial video.
A Real Creator Test: From Script to Emotion in Minutes
I pasted a script.
Chose a voice model.
Clicked play.
And there it was — natural, dynamic, expressive. The AI voice paused, rose, and dropped exactly where a real human would.
But my translated audio can’t be uploaded.
Voice Cloning Was My Turning Point
I uploaded 30 seconds of my own voice. The tool cloned it — no studio needed, no extra training. It was weird. In a good way. I could now narrate anything, in my voice, with better pacing than I do live.
Technically, you can clone any voice from an upload. I gave Elon Musk’s voice a shot — but yeah, can’t just leak that out.
API & Power Tools for Scale
As a developer, I wanted more. I found their API documentation. All API requests should include your API key in an ai-api-key HTTP header as follows:
ai-api-key: AVOICE_API_KEY
You can paste the command below into your terminal to run your API request. Make sure to replace $AVOICE_API_KEY with your secret API key.
I uploaded a short video clip and selected French. The result wasn’t just a dub — it was emotionally aligned.This used to take weeks.
What Makes It Different
More expressive than Vozo. ai
Easier UI than Akool
Cheaper and faster than ElevenLabs
And they offer all features — voice cloning, TTS, dubbing, narration — in one clean platform.
AllVoiceLab isn’t just AI voice
It’s your voice — cloned, refined, and emotionally alive.If you’re a creator, podcaster, or brand storyteller, give it a shot. It changed how I think about sound.
All Voice Lab offers high-fidelity AI voice cloning, Text-to-Speech, and real-time Voice Changer for creators—perfect for video dubbing, podcasts, and more.
In today’s fast-paced digital world, communication apps have become a necessity, and WhatsApp is at the top of the list. However, many users are looking for more features, flexibility, and customization options that the official app doesn’t offer. This is where GB WhatsApp comes in as a popular alternative.
One of the biggest benefits of GB WhatsApp is its enhanced customization. Unlike the standard version, it allows users to change themes, fonts, and colors, giving a more personalized chatting experience. For people who love to make their app look unique, this is a major advantage.
Another benefit is the privacy features. GB WhatsApp lets you hide your online status, blue ticks, and even typing indicators. This gives you full control over how others see your activity, making communication more private and stress-free.
GB WhatsApp also offers advanced media sharing. While the official app limits file size and quality, GB WhatsApp lets you send larger videos, more images at once, and share high-resolution files without compression. This is especially useful for professionals, students, or anyone who frequently exchanges media.
Additionally, features like dual accounts on the same phone, auto-reply, and extended status updates make GB WhatsApp a versatile tool. It combines the simplicity of WhatsApp with added functionality that saves time and improves the overall experience.
For users who want to explore these extra features safely and efficiently, visiting trusted sources is essential. You can learn more and access GB WhatsApp updates at www.gbwhatsap.id .
In short, GB WhatsApp provides freedom, privacy, and personalization that the official version lacks. Whether you want to stand out with unique themes or enjoy advanced sharing features, it’s an excellent choice for modern communication.
Dietro una solida barriera cresciuta sulla costa di querce tamarina ed allori tamanu, perfettamente visibile dal punto panoramico lungo un’arteria di collegamento stradale, si erge nella regione storica di Odisha un edificio dell’altezza di 30 metri …
![[Illustrative photo] purposes. Ukrainian troops and their U.K. military instructors commemorate lives lost in the Russian invasion of Ukraine during a sunrise commemorative service, at Lydd army camp in Kent, 2023](https://poliverso.org/photo/preview/640/56594551 "[Illustrative photo] purposes. Ukrainian troops and their U.K. military instructors commemorate lives lost in the Russian invasion of Ukraine during a sunrise commemorative service, at Lydd army camp in Kent, 2023")
Source: CrowdBucks
You can view our demo account here. Please, don’t actually donate to this.
ivanafterall ☑️
in reply to Pro • • •like this
massive_bereavement likes this.
IllNess
in reply to Pro • • •like this
massive_bereavement likes this.
BrightCandle
in reply to IllNess • • •0x0
in reply to Pro • • •Goldholz
in reply to Pro • • •like this
massive_bereavement likes this.
SeductiveTortoise
in reply to Pro • • •like this
massive_bereavement likes this.
Venus_Ziegenfalle
in reply to Pro • • •like this
massive_bereavement likes this.
katy ✨
in reply to Pro • • •credo
in reply to Pro • • •46_and_2
in reply to Pro • • •doingthestuff
in reply to Pro • • •squaresinger
in reply to Pro • • •paraphrand
in reply to Pro • • •All they need to do is access one of the multiple backups they have. Right?
They don’t treat it like non-essential data, right?
tekato
in reply to Pro • • •Phoenixz
in reply to Pro • • •So basically you had a storage full issue and nobody thought to check on that? There isn't a monitor to alert at 80% full?
And those delete files, who deleted them? You don't have any audit system?
What the FUCK are you being paid for? Because I know that these systems don't come cheap, they are fucking expensive to buy and maintain and I know that a government will pay through the nose for this to work correctly and you fuck up at step one?
This should result in millions / billion dollar penalizations.
Fizz
in reply to Phoenixz • • •Kairos
in reply to Fizz • • •