Changing the pads on your car’s brakes is a pretty straightforward and inexpensive process on most vehicles. However, many modern vehicles having electronic parking brakes giving manufacturers a new avenue to paywall simple DIY repairs.

Most EVs will rarely, if ever, need to replace their mechanical brake pads as in most driving situations the car will be predominantly relying on regenerative braking to slow down. A hot hatch like the Ioniq 5N, however, might go through brakes a lot faster if it spends a lot of time at the track, which is what happened with Reddit user [SoultronicPear].

Much to their chagrin, despite buying the required $60/wk subscription to the National Automotive Service Task Force (NASTF) and the $2,000 interface tool, [SoultronicPear]’s account was suspended because it was not intended for use for anyone but “service professionals.” Not exactly a Right-to-Repair friendly move on Hyundai’s part. After trying a number of different third party tools, they finally found a Harbor Freight T7 bidirectional scan tool was able to issue the parking brake retract command to perform the pad swap, albeit not without throwing some error codes in the process.

Electrification of vehicles should simplify repairs, but manufacturers are using it to do the opposite. Perhaps they should read our Minimal Motoring Manifesto? There is a glimmer of hope in the promises of Slate and Telo, but we’ll have to see if they make it to production first.

hackaday.com/2025/11/15/hyunda…

A PCB business card is a great way for electrical engineers to impress employers with their design skills, but the software they run can be just as impressive as the card itself. As a programmer with an interest in embedded machine learning, [Dave McKinnon] wanted a card that showcased his skills, so he designed one that runs voice recognition.

[Dave] specifically wanted to run a neural network on his card, but needed to make it small enough to run on a microcontroller. Voice recognition looked like a good fit for this, since audio can be represented with relatively little data, a microphone is cheap and easy to add to a circuit board, and there was already an example of someone running such a voice recognition network on an Arduino. To fit the neural network into 46 kB, it only distinguishes the words “one” through “nine,” and displays its guess on an LED seven-segment display. [Dave] first prototyped the system with an Arduino, then designed the circuit board around an RP2040.

The switch from Arduino to the RP2040 brought with it a mysterious change: it would usually recognize the word “eight,” but none of the other numbers. After much investigation, it turned out that the new circuit was presenting samples at a much higher rate than the older one had, which was throwing the network off. [Dave] increased the sampling period and had the user speak the numbers slowly, which solved the issue.

The microcontroller was well chosen; the RP2040 is good enough for machine learning that there are dev boards explicitly designed for it, and even comparatively less powerful Arduino boards can do surprisingly good voice recognition. On the hardware side, [Dave] cited some of the Linux business cards we’ve seen as inspiration.

hackaday.com/2025/11/15/neural…

Vintage computer hardware can fail in a variety of fascinating ways, with [Bits und Bolts] dealing with an interesting failure mode, in the form of degraded MLCC capacitors on Voodoo 2 graphics cards. These little marvels of miniaturized surface-mount technology enable the placement of ceramic capacitors with very little space required, but as they degrade over time or due to physical damage, they can cause big issues in a circuit.

In the case of the two Voodoo 2 GPUs that [Bits und Bolts] was trying to fix, the clue that something was wrong was graphical glitches, which seemed to be related to something dragging down the 5V rail. Using the standard ‘inject voltage and see what gets hot’ method, he discovered a couple of dead MLCCs and replaced them. But something was still dragging the rail down. Unfortunately, whatever it was wasn’t enough to heat up the part in question, and no sane person wants to desolder hundreds or even thousands of MLCCs on a PCB and see whether it makes a difference.

Ultimately, the pyroelectric effect was used to hunt down the culprit, saving countless hours of work. This is a property of certain naturally electrically polarized crystals, in which the material generates a voltage when heated or cooled. Materials like that used in MLCCs, for example.

With a hot air gun set to 200 °C and aimed at a specific MLCC, it was possible to measure changes not only in resistivity but also in voltage between the 5V rail and ground. The voltage spike was relatively minor for the smaller MLCCs, but the larger ones showed a significant voltage swing of around 2.5mV.

The culprit turned out to be a large MLCC, which showed only a weak pyroelectric effect and a resistivity that didn’t drop as quickly as that of similar MLCCs on the same board. After replacement, the faulty MLCC did indeed measure as faulty, and the card’s 5V rail now showed a healthy resistance level to ground.

In addition to knowing what kind of resistivity you should measure on a PCB’s voltage rails relative to ground, this method provides a fairly painless way to quickly find a dodgy MLCC. Just make sure not to try this method on electrolytic or tantalum. Heating those up won’t go well.

We often treat decoupling capacitors as more art than science, but of course, we shouldn’t. MLCCs can even exhibit the piezoelectric effect, too.

youtube.com/embed/4oZlt9Dl43I?…

hackaday.com/2025/11/15/using-…

Valve’s new Steam Frame is what all the well-connected YouTubers are talking about, but most of them are talking about what it’s like to game on it. That’s great content if you’re into it, but not exactly fodder for Hackaday — with one exception. [Gamers Nexus] gives us a half hour of relatively-unedited footage of them just chatting with the engineers behind the hardware.

It’s great stuff right from the get-go: they start with how thermal management drove the PCB design, and put the SoC on the “back” of the chip, sandwiched betwixt heat pipes. We don’t usually think of taking heat through the PCB when building a board, so it’s a neat detail to learn about before these things get into the hands of the usual suspects who will doubtless give us teardown videos in a few months.

From there wanders to power delivery — getting the voltage regulators packaged properly was a challenge, since impedance requirements meant a very tight layout. Anyone who has worked on this kind of SBC might be familiar with that issue, but for those looking in from the outside, it’s a fascinating glimpse at electrical sausage being made. That’s just the first half.

The heat-regulation conversation is partially repeated the next conversation (which seems to have happened first) where they get into the cooling requirements of the LCD screens. This requires less than you might think, as they like to run warm for fast refresh. It’s really more about keeping your face cool. They also they discuss acoustic vibration — you don’t want your integrated audio shaking your IMUs apart — and why the prototype was being blasted with freakin’ laser beams to monitor it.

If you haven’t seen or read any other coverage on the Steam Frame, you’re going to miss some context here, but if you’ve not hid under a rock for that announcement, this is amazing detail to have. We’re hugely impressed that Valve let their engineers out of their cubicle-cave to talk to media.

Sure, it’s not an open-source VR headset, but compared to the deafening silence coming from the likes of Meta, this level of information is still awesome to have.

youtube.com/embed/3NSjvJDe6Ic?…

hackaday.com/2025/11/15/the-en…

I was looking over the week’s posts on Hackaday – it’s part of my job after all – and this gem caught my eye: a post about how to make your own RP2040 development board from scratch. And I’ll admit that my first thought was “why would you ever want to do that?” (Not a very Hackaday-appropriate question, honestly.) The end result will certainly cost more than just buying a Pi Pico off the shelf!

Then it hit me: this isn’t a project per se, but rather [Kai] was using it as an test run to learn the PCB-production toolchain. And for that, replicating a Pico board is perfect, because the schematics are easily available. While I definitely think that a project like this is a bit complicated for a first PCB project – I’d recommend making something fun like an SAO – the advantage of making something slightly more involved is that you run into all of the accompanying problems learning experiences. What a marvelous post-complete-beginner finger exercise!

And then it hit me again. [Kai]’s documentation of everything learned during the project was absolutely brilliant. It’s part KiCAD tutorial, part journal about all the hurdles of getting a PCB made, and just chock-full of helpful tips along the way. The quality of the write-up turns it from being just a personal project into something that can help other people who are in exactly the same boat, and I’m guessing that’s a number of you out there.

In the end, this was a perfect Hackaday project. Yes, it was “too simple” for those who have made their 30th PCB design. (Although I’d bet you could still pick up a KiCAD tip or two.) And yes, it doesn’t make economic sense to replicate mass-market devices in one-off. And of course, it doesn’t need that fun art on the board either. But wrap all these up together, and you get a superbly documented guide to a useful project that would walk you through 95% of what you’ll need to make more elaborate projects later on. Superb!

Surely you do “finger exercises” too. Why not write them up, and share the learning? And send them our way – we know just the audience who will want to read it.

This article is part of the Hackaday.com newsletter, delivered every seven days for each of the last 200+ weeks. It also includes our favorite articles from the last seven days that you can see on the web version of the newsletter. Want this type of article to hit your inbox every Friday morning? You should sign up!

hackaday.com/2025/11/15/the-va…

I ricercatori di Cisco Talos hanno rilevato un’ondata attiva di attacchi che utilizzano un nuovo ransomware chiamato Kraken. Il gruppo ha iniziato a operare nel febbraio 2025 e utilizza metodi di doppia estorsione , senza prendere di mira settori specifici. Tra le vittime figurano aziende di Stati Uniti, Regno Unito, Canada, Danimarca, Panama e Kuwait.

Kraken infetta i sistemi Windows, Linux e VMware ESXi , distribuendo versioni separate del ransomware per ciascun sistema. Il programma utilizza l’estensione .zpsc e lascia una nota, “readme_you_ws_hacked.txt“, minacciando di pubblicare i dati sul suo sito di fuga di notizie. In un caso, gli aggressori hanno chiesto un riscatto di circa 1 milione di dollari in Bitcoin.

In un attacco, gli aggressori hanno sfruttato una vulnerabilità SMB per ottenere l’accesso iniziale, quindi hanno preso piede nel sistema utilizzando lo strumento di tunneling di Cloudflare e hanno utilizzato l’utility SSHFS per rubare dati. Dopo aver ottenuto i privilegi, si sono spostati sulla rete tramite RDP e hanno distribuito ransomware su altre macchine.

Kraken funziona con una varietà di parametri, tra cui crittografia completa o parziale, selezione della dimensione dei blocchi, ritardo di esecuzione e test delle prestazioni. Prima della crittografia, il programma valuta la potenza del sistema e seleziona la modalità più efficiente, aiutando a infliggere il massimo danno senza causare sovraccarico o sospetti.

Su Windows, Kraken è implementato come un’applicazione C++ a 32 bit, possibilmente impacchettata in Go. Disattiva i reindirizzamenti del file system di WoW64, ottiene privilegi di debug, interrompe i servizi di backup, elimina i punti di ripristino e svuota il Cestino. Rimangono accessibili solo le directory che consentono alla vittima di contattare l’operatore.

Il ransomware attacca simultaneamente database SQL, unità locali, condivisioni di rete e macchine virtuali Hyper-V, utilizzando comandi PowerShell per arrestare le VM e ottenere i percorsi al loro storage. Evita le cartelle di sistema e i file eseguibili per preservare la funzionalità del sistema operativo.

La versione Linux/ESXi è scritta in C++ e utilizza crosstool-NG. Il programma rileva innanzitutto il tipo di sistema, adattando il suo comportamento a ESXi, Nutanix, Ubuntu o Synology. Negli ambienti ESXi, arresta le macchine virtuali prima della crittografia. Utilizza inoltre meccanismi di analisi di bypass: modalità demone, ignorando i segnali SIGCHLD e SIGHUP e, al termine della crittografia, esegue uno script di pulizia che elimina i log, la cronologia della shell e il binario stesso.

Kraken è attivo sul darkweb. Sul suo sito web, il gruppo ha annunciato la creazione di un forum underground, “The Last Haven Board“, che si propone come piattaforma anonima per la comunità dei criminali informatici. Secondo i moderatori, ex membri di HelloKitty e il gruppo WeaCorp, specializzato nell’acquisto di exploit, hanno aderito al progetto. Secondo Talos, HelloKitty è stata fonte di ispirazione per Kraken: entrambi i gruppi utilizzano nomi identici per le richieste di riscatto e immagini del blog.

Kraken è uno dei programmi ransomware tecnologicamente più avanzati oggi disponibili, in grado di valutare le prestazioni del sistema prima di attaccare, di adattarsi a diverse piattaforme e di impiegare sofisticate tecniche di occultamento. Oltre alla sofisticata architettura del ransomware, il gruppo è attivo sul darkweb, promuovendo la sua piattaforma e ricevendo il supporto di noti criminali informatici. Data la sua portata e velocità di sviluppo, Kraken potrebbe diventare una delle principali minacce per le infrastrutture aziendali nel prossimo futuro.

L'articolo Arriva Kraken: il nuovo ransomware che valuta l’ambiente per infliggere il massimo danno proviene da Red Hot Cyber.

While most of the world’s venture capital is off chasing anything with “AI” in the name in what many think looks increasingly like an inflated spherical film of soap molecules, in aviation all the hot money is betting on eVTOL: electric vertical take off and landing.

What if you want to get in on the eVTOL game but don’t have (or want) billionaire backing? Long-time contributor [spiritplumber] demonstrates how to do it on the cheap, with a low-cost quadcopter and a foam wing called Lift5.

Most eVTOL isn’t just quadcopters, after all — multirotors are great for playing with in the back yard, but their thrust-based lift makes for short range, and the engine-out options are all bad. Add a wing, and you can get that sweet, sweet dynamic lift. Add an extra, forward facing motor, and you can get thrust in the direction you need it most. That’s what [spiritplumber] is doing here: strapping a foam wing to a cheap quadcopter. Specifically, his custom frame for an Eiele F120 drone kit.You can see it in action in the demo video embedded below.

The wing and its forward thrust motor are equipped with its own speed controller, so the concept should be adaptable to just about any little drone. Quadcopter flight computers are mostly going to be able to compensate for the added lift and thrust automatically, which is neat, considering that these forces would require some bizarre headwind/updraft very unlikely to be found in nature.

Now the wing does add a lot of drag during the lift phase, to be sure, so [spiritplumber] is working on folding or tilting it out of the way, but that version is apparently inordinately fond of trees. Once the control issues are worked out you’ll likely see it on his site and YouTube channel Robots Everywhere.

[spiritplumber] has been contributing hacks here at least since 2009, when he showed us how to make a Macbook right click.

youtube.com/embed/VPGdzh6Qtys?…

hackaday.com/2025/11/15/evtol-…

Fortinet ha confermato la scoperta di una vulnerabilità critica (CWE-23, path traversal vulnerability) nei dispositivi FortiWeb, identificata con il codice CVE-2025-64446 e registrata come IR Number FG-IR-25-910.

La falla, pubblicata il 14 novembre 2025, interessa principalmente l’interfaccia di gestione GUI e permette a un attaccante non autenticato di eseguire comandi amministrativi tramite richieste HTTP o HTTPS manipolate. La gravità della vulnerabilità è classificata come critica, con un punteggio CVSSv3 di 9.1, e il rischio principale riguarda il controllo degli accessi inadeguato, che potrebbe portare a compromissioni severe dei sistemi.

Secondo Fortinet, la vulnerabilità è già stata sfruttata in contesti reali, aumentando l’urgenza di adottare misure correttive. L’accesso non autorizzato ai dispositivi FortiWeb potrebbe consentire agli attaccanti di ottenere pieno controllo amministrativo, con potenziali conseguenze gravi sulla sicurezza delle reti aziendali.

Le versioni FortiWeb vulnerabili e gli aggiornamenti consigliati sono:

Come misura temporanea, Fortinet consiglia di disabilitare l’accesso HTTP e HTTPS sulle interfacce esposte a Internet. Se l’accesso HTTP/HTTPS è limitato a reti interne, come previsto dalle best practice di sicurezza, il rischio di sfruttamento della vulnerabilità risulta notevolmente ridotto. Questa soluzione permette di mitigare temporaneamente la minaccia fino all’installazione degli aggiornamenti correttivi.

Dopo l’aggiornamento, gli amministratori di sistema dovrebbero esaminare attentamente la configurazione dei dispositivi e analizzare i log per identificare eventuali modifiche non autorizzate o la creazione di account amministrativi sospetti. Queste operazioni di audit sono fondamentali per garantire che eventuali tentativi di compromissione precedenti vengano rilevati e corretti.

Fortinet ha inoltre reso disponibili i pacchetti di aggiornamento nei formati CVRF e CSAF per una gestione strutturata della vulnerabilità. L’azienda invita tutti i clienti a intervenire tempestivamente, data la gravità critica della falla, la sua presenza già in scenari di sfruttamento reale e l’inserimento nel catalogo CISA KEV.

Rischio elevato delle interfacce di amministrazione esposte

Non è consigliabile rendere le interfacce di amministrazione di dispositivi come FortiWeb accessibili su Internet. Anche con aggiornamenti disponibili o sistemi di autenticazione implementati, il rischio rimane elevato: una patch potrebbe non essere ancora applicata, oppure l’autenticazione potrebbe presentare vulnerabilità.

Esporre la GUI pubblicamente espone l’intera azienda a possibili attacchi, inclusi quelli automatizzati, rendendo il sistema vulnerabile a compromissioni critiche. La regola fondamentale per la sicurezza dei dispositivi di rete è che l’accesso amministrativo dovrebbe essere sempre limitato a reti interne sicure e mai reso direttamente pubblico.

Riduci l’esposizione: questa è la chiave del successo.

L'articolo Vulnerabilità critica in FortiWeb: Fortinet e CISA consigliano aggiornamenti urgenti proviene da Red Hot Cyber.