I ricercatori di sicurezza informatica hanno scoperto una sofisticata campagna malware che sfrutta la popolarità degli strumenti di intelligenza artificiale per prendere di mira gli utenti di lingua cinese.

Questa campagna rappresenta un’evoluzione preoccupante nelle tattiche di ingegneria sociale, in cui gli autori delle minacce sfruttano le tendenze tecnologiche emergenti per aumentare i tassi di successo dei loro attacchi.

Le vittime vengono indotte a scaricare programmi di installazione apparentemente legittimi per le applicazioni cinesi più diffuse, come WPS Office, Sogou e DeepSeek.

L’attacco sfrutta falsi programmi di installazione mascherati da download di software legittimi, tra cui il famoso chatbot con intelligenza artificiale DeepSeek, per distribuire minacce persistenti avanzate sui sistemi delle vittime.

Questi programmi di installazione contraffatti, distribuiti principalmente come file MSI, contengono payload sofisticati progettati per compromettere il sistema a lungo termine, mantenendo la massima discrezione attraverso tecniche di elusione avanzate.

Gli analisti di Netskope hanno identificato questa campagna durante le normali attività di ricerca delle minacce, scoprendo che i falsi programmi di installazione forniscono due componenti dannosi principali: Sainbox RAT, una variante della famigerata famiglia Gh0stRAT, e una versione modificata del rootkit open source Hidden.

La catena di infezione si avvia quando il programma di installazione MSI dannoso esegue una doppia operazione ingannevole: installa contemporaneamente il software legittimo per evitare sospetti nell’utente e distribuisce il suo payload dannoso tramite una complessa tecnica di caricamento laterale delle DLL.

L’utilizzo di varianti di RAT commerciali, come Gh0stRAT, e di rootkit del kernel open source, come Hidden, offre agli aggressori controllo e furtività senza richiedere un notevole sviluppo personalizzato. Netskope Threat Labs continuerà a monitorare l’evoluzione del RAT Sainbox e delle TTP del gruppo Silver Fox.

L'articolo Allarme malware: campagna di phishing con intelligenza artificiale prende di mira gli utenti cinesi proviene da il blog della sicurezza informatica.

Beste allemaal, Ik ben Kirsten Zimmerman, sinds 2022 met veel plezier stadsdeelcommissielid in Amsterdam-Noord voor De Groenen Basis Piraten. Mijn speerpunten zijn behoud van het groen, directe democratie, (online) privacy en sociale verbinding. Ik help de Noorderlingen graag en probeer bewoners in hun kracht te zetten om zelf met oplossingen voor maatschappelijke problemen aan de […]

Het bericht Kirsten stelt zich voor verscheen eerst op Piratenpartij.

For whatever reason, certain pieces of technology can have a difficult time interacting with the physical world. Anyone who has ever used a printer or copier can attest to this, as can anyone whose robot vacuum failed to detect certain types of non-vacuumable waste in their path, making a simple problem much worse. Farm equipment often falls into this category as well, where often complex machinery needs an inordinate amount of maintenance and repair just to operate normally. Wood chippers specifically seem to always get jammed or not work at all, so [Homemade Inventions] took a shot at building one on their own.

To build this screw-based wood chipper, the first thing to fabricate is the screw mechanism itself. A number of circles of thick steel were cut out and then shaped into pieces resembling large lock washers. These were then installed on a shaft and welded end-to-end, creating the helical screw mechanism. With the “threads” of the screw sharpened it is placed into a cylinder with a port cut out to feed the wood into. Powering the screw is a 3 kW electric motor paired with a custom 7:1 gearbox, spinning the screw at around 200 rpm. With that, [Homemade Inventions] has been able to easily chip branches up to 5 centimeters thick, and theorizes that it could chip branches even thicker than that.

Of course, wood chippers are among the more dangerous tools that are easily available to anyone with enough money to buy one or enough skill to build one, along with chainsaws, angle grinders, and table saws, so make sure to take appropriate safety precautions when using or building any of these things. Of course, knowing the dangers of these tools have led to people attempting to make safer versions like this self-propelled chainsaw mill or the semi-controversial table saw safety standard.

Thanks to [Keith] for the tip!

youtube.com/embed/8TzriE8APjs?…

hackaday.com/2025/06/28/a-wood…

Dopo il Garante italiano, ora il garante tedesco per la protezione dei dati ha chiesto ad Apple e a Google, sussidiaria di Alphabet, di rimuovere l’app DeepSeek della startup cinese di intelligenza artificiale (IA) dai loro negozi online a causa di preoccupazioni relative ai dati personali. In una dichiarazione rilasciata venerdì, Meike Kamp ha affermato di aver fatto questa richiesta perché, a suo dire, DeepSeek stava trasferendo illegalmente dati personali di utenti tedeschi in Cina.

Ora i due colossi tecnologici statunitensi dovranno valutare rapidamente questa richiesta prima di decidere se bloccare o meno l’app in Germania, ha aggiunto. DeepSeek non ha risposto alla richiesta di commento, mentre Apple e Google non erano immediatamente disponibili per un commento. Nelle sue condizioni d’uso, DeepSeek dichiara di archiviare molti dati personali, come le richieste inviate al suo programma di intelligenza artificiale o i file scaricati, su computer situati in Cina.

“DeepSeek non è stata in grado di fornire alla mia agenzia prove convincenti del fatto che i dati degli utenti tedeschi siano protetti in Cina a un livello equivalente a quello dell’Unione Europea”, sostiene Meike Kamp. “Le autorità cinesi hanno ampi diritti di accesso ai dati personali nell’ambito della sfera di influenza delle aziende cinesi”, continua.

Meike Kamp ha dichiarato di aver preso la decisione dopo aver chiesto a DeepSeek a maggio di conformarsi alle norme sui trasferimenti di dati al di fuori dell’Unione Europea (UE) o di rimuovere la sua app dagli store di Apple e Google. Ha affermato che DeepSeek non ha mai risposto alla sua richiesta. La startup cinese ha scosso il mondo della tecnologia a gennaio affermando di aver sviluppato un modello di intelligenza artificiale in grado di rivaleggiare con quelli di aziende americane come OpenAI, creatrice di ChatGPT, a un costo molto più basso.

L’Italia ha bandito DeepSeek dagli app store all’inizio di quest’anno, adducendo come motivazione la mancanza di informazioni circa l’utilizzo dei dati personali, mentre i Paesi Bassi hanno vietato l’app sui dispositivi governativi. Negli Stati Uniti è in preparazione un disegno di legge che impedirebbe alle agenzie americane di utilizzare modelli di intelligenza artificiale sviluppati in Cina.

Reuters, citando un alto funzionario statunitense, ha riferito questa settimana che DeepSeek ha assistito Pechino in operazioni militari e di intelligence.

L'articolo Apple e Google sotto pressione: garante tedesco vuole rimuovere DeepSeek proviene da il blog della sicurezza informatica.

Whatever your day job, many of us would love to jump behind the controls of a dump truck for a lark. In the real world, that takes training and expertise and the opportunity is denied to many of us. However, you can live out those dreams on your desk with this 3D-printed build from [ProfessorBoots.]

The build exists as two separate parts—the tractor, and the trailer. The tractor is effectively a fairly straightforward custom RC build, albeit with a few additional features to make it fit for purpose. It’s got six wheels as befitting a proper semi, and it has a nifty retractable magnetic hitch mechanism. This lets it hook up to various trailers and unhitch from them as desired, all from a press on the remote. The hitch also has provision for power and control lines that control whatever trailer happens to be attached.

As for the trailer, it’s a side-dumper that can drop its load to the left or right as desired. The dumping is controlled via a linear actuator using a small DC motor and a threaded rod. A servo controls a sliding locking mechanism which determines whether the truck dumps to the left or right as the linear actuator rises up.

The design video covers the 3D printed design as well as some great action shots of the dump truck doing its thing. We’ve featured some builds from [ProfessorBoots] before, too, like this neat 3D-printed forklift . Video after the break.

youtube.com/embed/kiSTf0KXe-Y?…

hackaday.com/2025/06/27/buildi…

Il team PT SWARM di Positive Technologies ha segnalato l’eliminazione di una vulnerabilità nel browser Firefox che avrebbe potuto consentire agli aggressori di aggirare il meccanismo di download sicuro dei file. Il problema è stato scoperto dal dipendente dell’azienda Daniil Satyaev, a seguito del quale gli sviluppatori di Mozilla hanno prontamente rilasciato aggiornamenti.

La vulnerabilità è stata identificata come CVE-2025-6430. La sua essenza risiede nell’elaborazione errata dell’intestazione “Content-Disposition”, responsabile delle istruzioni al browser su come gestire il file scaricato. In condizioni normali, la presenza di questa intestazione dovrebbe forzare il browser a salvare il file, anziché aprirlo direttamente.

Tuttavia, si è scoperto che utilizzando i tag HTML, questo requisito veniva ignorato. Di conseguenza, i file scaricabili potevano essere aperti direttamente nella finestra del browser. Questa situazione creava il rischio di attacchi di iniezione di codice dannoso, inclusi scenari che sfruttavano vulnerabilità XSS.

Il problema ha interessato le versioni di Firefox precedenti alla 140, nonché le build enterprise di Firefox ESR precedenti alla 128.12. Dopo aver ricevuto la notifica da Positive Technologies, gli specialisti di Mozilla hanno risolto la vulnerabilità e incluso le correzioni necessarie nelle ultime versioni del browser.

Tali falle rappresentano un grave rischio per la sicurezza, soprattutto per i siti che si affidano al download forzato di file per proteggersi da possibili esecuzioni di contenuti all’interno del browser. Ignorare l’intestazione potrebbe portare gli utenti ad aprire inconsapevolmente file potenzialmente pericolosi direttamente su una pagina web.

Gli sviluppatori di Mozilla hanno esortato gli utenti ad aggiornare i propri browser alle versioni più recenti per ridurre al minimo il rischio di attacchi legati a questa vulnerabilità. Le aziende hanno inoltre raccomandato di rivedere la logica di gestione degli allegati sui propri siti, tenendo conto di possibili aggiramenti dei meccanismi di protezione standard.

L'articolo Gli hacker di Positive Technologies trovano una falla in Firefox ignorata da molti anni su Firefox proviene da il blog della sicurezza informatica.

Comincio col dire che non considero la pirateria una necessità.
Tuttavia, da appassionata di generi come lo Yuri e lo Shoujo-ai, mi chiedo spesso: come si fa a trovare materiale da leggere, considerando che in Italia queste opere arrivano col contagocce?
Un altro pensiero che continua a girarmi in testa è: perché nel nostro Paese arrivano pochissimi Yuri e Shoujo-ai, mentre invece c'è un’abbondanza di Yaoi?

Earlier this month, Freedom of the Press Foundation (FPF) and the Society of Professional Journalists led a letter to Steve Catalano, chair of the Greene County Board of Supervisors, objecting to a policy that reportedly prohibited county employees from speaking to the press and required them to label anything they provide to the press as “opinion.”

In response, the county claimed that the policy does not exist, despite several county employees reportedly telling local newspaper The Daily Progress that they could not speak to the media about public records requests they’d denied due to the policy.

We don’t know why county employees would be “confused” by a nonexistent gag policy if such a policy had not been communicated to them but, to resolve any confusion, here is the email chain that includes the denial of the policy’s existence.

freedom.press/static/pdf.js/we…

We hope any reporters whose requests for information are denied underthe supposed policy will show their sources this email, and that any Greene County employees who are confronted for not abiding by the policy will show it to their supervisors.

We note that even the above email denying the existence of the policy acknowledged that it is the county’s position that “When staff are asked about the County’s official position on policy matters, they are to represent the majority position of the Board or defer the question to the Chairman.”

We informed the County of the ambiguity of that position and the need to put its rules in writing, so that there won’t be further confusion if they’re constitutional, and so those impacted can challenge them if they’re not. As you can see, they said they would — we’ll hold them to it and will keep you posted.

freedom.press/issues/greene-co…

Dear Friend of Press Freedom,

It’s the 94th day that Rümeysa Öztürk is facing deportation by the United States government for writing an op-ed it didn’t like. More press freedom news below.

Paramount should abandon mediation with Trump. So should the mediator

Earlier this week, CBS News filed a strong brief outlining why President Donald Trump’s lawsuit over the editing of its 2024 interview with Kamala Harris is completely frivolous and an affront to the First Amendment.

But just days later, The Wall Street Journal reported that a mediator had proposed CBS owner Paramount Global settle the suit for $20 million. It’s been reported that Paramount — believing the Trump administration will block its merger with Skydance Media if it doesn’t settle – had previously offered $15 million, which Trump declined, demanding at least $25 million.

We wrote about why the unnamed mediator needs to consider their ethical obligations to not facilitate what may amount to an illegal bribe. Read more here.

Stop prosecuting journalist who exposed antisemitism

The Trump administration loves to position itself as an enemy of antisemitism. But it has continued its predecessor’s legally dubious prosecution of journalist Tim Burke, who found outtakes of a 2022 antisemitic rant by Ye, formerly Kanye West, that Fox News cut from a Tucker Carlson interview.

We’ve written before about why the government’s legal theories are nonsense, but there’s also the issue of why two presidential administrations thought it was a wise use of prosecutorial discretion to go after someone who clearly did a public good.

Freedom of the Press Foundation (FPF) Advocacy Director Seth Stern, along with Bobby Block of the Florida First Amendment Foundation, urged the administration to drop the case in USA Today. Read more here.

Putting public records to use

Federal agencies are closing their Freedom of Information Act offices, disappearing information from their websites, no longer creating records, and possibly even inappropriately destroying them. At the local level, we’re seeing legislation introduced across various states that would make it easier for local governments to ignore requests they don’t like.

To discuss how the public can use public records requests to fight back against mounting secrecy, we hosted a webinar June 24 with Washington Post FOIA Director Nate Jones, MuckRock CEO Michael Morisy, investigative journalist and author Miranda Spivack, and FPF’s Daniel Ellsberg Chair on Government Secrecy Lauren Harper. Watch it here.

What’s going on in Greene County?

Earlier this month, FPF and the Society of Professional Journalists led a letter to Steve Catalano, chair of the Greene County Board of Supervisors, objecting to a policy that reportedly prohibited county employees from speaking to the press and required them to label anything they provide to the press as “opinion.”

In response, the county claimed that the policy does not exist, despite several county employees reportedly telling local newspaper The Daily Progress that they could not speak to the media about public records requests they’d denied due to the policy.

To resolve any confusion among reporters and county employees under the impression that there’s a gag order, we posted the exchange on our website. Read more here.

What we’re reading

‘They’re not breathing’: Inside the chaos of ICE detention center 911 calls (Wired). This important story is available to read for free, thanks to Wired’s partnership with FPF to unpaywall FOIA-based reporting. Other outlets should follow suit.

DeKalb solicitor-general dismisses charges against journalist Mario Guevara (Atlanta Civic Circle). Dropping charges is nice, but too little, too late after they handed the journalist (who has a legal work authorization) over to Immigration and Customs Enforcement.

‘Giving information to the enemy’: Israel’s ban on Al Jazeera extends to foreign broadcasters (The Dissenter). It was obvious from the outset that Israel’s Al Jazeera ban was a pretext for further censorship. The same goes for U.S. efforts to crack down on foreign media.

The Paramount risk in settling Trump’s lawsuit: ‘Bribery’? (The Wall Street Journal). The Journal’s editorial board writes that, instead of caving to Trump, Paramount should “win the legal case [and] vindicate its CBS journalists and the First Amendment.”

White House to limit intelligence sharing, skip Gabbard at Senate Iran briefing (The Washington Post). The public should know if the Trump administration is lying about its Iran strike. Leaks undermining the administration’s claims aren’t an excuse for secrecy — they are a reason to declassify the underlying records.

freedom.press/issues/trump-par…

Supreme Leader Khamenei declared victory over Israel and said the U.S. "will definitely pay a heavy price" should it attack Iran again

Realtà alternative...