There are many ways to learn, but few to none of them compare to that of spending time standing over the shoulder of a master of the craft. This awesome page sent in by [JohnU] is a fantastic corner of the internet that lets us all peek over that shoulder to see someone who’s not only spent decades learning the art of of creating cable harnesses, but has taken the time to distill some of that vast experience for the rest of us to benefit from.

This page is focused on custom automotive and motorcycle modifications, but it’s absolutely jam-packed with things applicable in so many areas. It points out how often automotive wiring is somewhat taken for granted, but it shouldn’t be; there are hundreds of lines, all of which need to work for your car to run in hot and cold, wet and dry. The reliability of wiring is crucial not just for your car, but much larger things such as the 530 km (330 mi) of wiring inside an Airbus A380 which, while a large plane, is still well under 100 m in length.

This page doesn’t just talk about cable harnessing in the abstract; in fact, the overwhelming majority of it revolves around the practical and applicable. There is a deep dive into wiring selection, tubing and sealing selection, epoxy to stop corrosion, and more. It touches on many of the most common connectors used in vehicles, as well as connectors not commonly used in the automotive industry but that possess many of the same qualities. There are some real hidden gems in the midst of the 20,000+ word compendium, such as thermocouple wiring and some budget environmental sealing options.

There is far more to making a thing beyond selecting the right parts; how it’s assembled and the tools used are just as important. This page touches on tooling, technique, and planning for a wire harness build-up. While there are some highly specialized tools identified, there are also things such as re-purposed knitting needles. Once a harness is fully assembled it’s not complete, as there is also a need for testing that must take place which is also touched on here.

Thanks to [JohnU] for sending in this incredible learning resource. If this has captured your attention like it has ours, be sure to check out some of the other wire harness tips we’ve featured!

hackaday.com/2025/07/12/wire-l…

Il gruppo di criminali informatici RansomedVC, tornato sulla scena nel 2025, ha pubblicando sul suo sito web ufficiale una fuga di notizie di corrispondenza interna del gruppo di hacker Medusa, uno dei più noti gruppi di ransomware al mondo. La pubblicazione è stata programmata in concomitanza con il lancio di un nuovo Data Leak Site (DLS) che ha coinvolto due vittime, una statunitense e una brasiliana. Si è trattato della prima azione di alto profilo da quando RansomedVC è tornato sulla scena informatica.

RansomedVC si è concentrato sulla divulgazione delle chat di Medusa risalenti all’11 dicembre 2022 e al marzo 2023. La corrispondenza suggerisce che il gruppo utilizzava un account chiamato MediaTeam per promuovere le proprie attività su Telegram e YouTube.

Medusa è un gruppo che ha raggiunto la notorietà nel 2023. Contrariamente a quanto si potrebbe pensare, il loro modello di business è molto diverso dal classico Ransomware as a Service e operano su una divisione monitorata di sottogruppi. Ultimamente abbiamo notato uno strano comportamento da parte dell’amministratore, come confermato da altri affiliati: sembra completamente assente e insensibile alle esigenze dei suoi membri. Ha recentemente eliminato tutti i gruppi sul server di RocketChat senza preavviso, lasciando agli affiliati solo due plausibili motivi: exit scam o arresto dell’amministratore da parte delle autorità. Vi fidereste di Medusa se tornasse attivo? Di seguito vi abbiamo lasciato un interessante elenco di affiliati che partecipano al programma Medusa, ora sapete dove ripopolare il gruppo e guadagnare un sacco di soldi con le vostre competenze 😀

Per accedere ai sistemi, erano necessari degli hash dump e Medusa preferiva il servizio put.io con un piano da 10 TB e Mega Pro 2 come storage cloud. Le informazioni sulle versioni software delle vittime sono state raccolte dalla documentazione ufficiale delle aziende. L’utility GMER è stata utilizzata per gestire i rootkit, mentre gli strumenti Volatility e LSADump sono stati utilizzati per estrarre le password. Tra gli obiettivi menzionati figuravano Green Cloud e StoreOnce.

Annuncio di fuga di notizie su Medusa su RansomedVC

Sono stati utilizzati exploit specifici su sistemi vulnerabili, tra cui CVE-2022-26134 , una vulnerabilità critica in Atlassian Confluence. Sono stati inoltre discussi la vulnerabilità ProxyNotShell , che colpisce Outlook Web App, e i problemi di bypass antivirus in Windows Defender.

Tra i membri di Medusa menzionati ci sono circa 20 nickname affiliati. Tra questi c’è “drumrlu”, ampiamente conosciuto sui forum underground come Initial Access broker (IaB). In precedenza, aveva fornito accesso al gruppo Thanos. In uno degli episodi, si lamenta del fatto che il firewall Fortinet bloccasse tutto il traffico e descrive come ha aggirato il problema installando Anydesk tramite TOR e configurando un proxy per il controllo remoto: la sessione è durata un’ora.

La chat rivela anche conflitti interni: quando uno dei partecipanti, Ray, ha chiesto a drumrlu uno script, questi ha rifiutato, temendo di “bruciare” il metodo, ma ha espresso il suo supporto. Anche la traccia linguistica è caratteristica: il partecipante Jester scriveva costantemente in russo. Atari ha mostrato interesse nell’aggirare Windows Defender e nopiro ha confermato di aver sfruttato la suddetta vulnerabilità di Confluence. Si ritiene che il datastore del partecipante fosse in precedenza membro di Makop, un altro noto gruppo ransomware .

Il presunto leader di Medusa, nascosto sotto il soprannome di “boss”, propose di inviare messaggi sull’attacco hacker a tutti i dipendenti delle aziende e ai giornalisti, sperando in questo modo di attirare l’attenzione del pubblico. Si discusse anche di formazione su YouTube: i video sulla disattivazione delle protezioni di Windows erano molto richiesti.

La pubblicazione delle chat ha coinciso con la creazione di una nuova versione del sito di RansomedVC l’8 luglio 2025. Ciò suggerisce che la fuga di notizie fosse stata pianificata in anticipo e mirasse ad aumentare l’interesse per il gruppo testando la reazione alle prime due vittime. In questo modo, RansomedVC sta cercando di affermarsi come un attore di rilievo nell’ecosistema dei ransomware, cercando al contempo di minare la reputazione dei suoi concorrenti.

Di particolare interesse è stata la corrispondenza in cui Ray ha condiviso uno script volto ad attivare la Modalità provvisoria in Windows per disabilitare i meccanismi di protezione. Lo script crea un servizio, lo registra nel registro e commuta il sistema in Modalità provvisoria con un successivo riavvio. Tuttavia, errori di sintassi e presupposti relativi al funzionamento della rete in Modalità provvisoria si sono rivelati un fallimento per gli hacker: la rete non funziona in questa modalità di default e, senza ulteriori accorgimenti, l’accesso remoto viene perso. Inoltre, alcuni parametri erano scritti in modo errato, il che rendeva instabile l’avvio del servizio.

Le chat mostrano che Medusa si sta concentrando sui prodotti Fortinet: sia le chat che gli eventi del 2024 menzionano tentativi di sfruttare le SQL injection in questi sistemi. Tutte le attività indicano un focus sugli Stati Uniti, il Paese più spesso menzionato tra gli obiettivi.

RansomedVC sottolinea di aver avuto accesso a questi dati grazie a “insider“. Considerando l’arco temporale della corrispondenza e il ritorno del gruppo stesso, non si può escludere che uno dei membri di RansomedVC abbia collaborato con Medusa in passato. Ciò potrebbe anche indicare un conflitto interno o un tentativo di destabilizzare un concorrente attraverso una fuga di notizie deliberata.

La struttura stessa del mondo della criminalità informatica sta diventando più aggressiva e competitiva: i gruppi si contendono partner affiliati, massimizzano il numero delle vittime, offrono supporto personalizzato durante le negoziazioni, si dedicano al rebranding, lottano per la reputazione e lo spazio informativo. La fuga di notizie di Medusa si sta inserendo in questa lotta e RansomedVC la sta sfruttando per tornare in gioco.

L'articolo Criminal Hacker contro Criminal hacker! RansomedVC umilia Medusa pubblicando le chat del gruppo proviene da il blog della sicurezza informatica.

I ricercatori di Huntress hanno rilevato lo sfruttamento attivo di una vulnerabilità critica in Wing FTP Server, appena un giorno dopo la sua divulgazione pubblica. La vulnerabilità CVE-2025-47812 ha ricevuto il massimo livello di gravità (CVSS 10.0), in quanto consente l’esecuzione remota di codice arbitrario su un server vulnerabile. Il problema è stato scoperto e segnalato dagli specialisti di RCE Security, che ne hanno tuttavia pubblicato i dettagli tecnici solo il 30 giugno, più di un mese dopo il rilascio della patch.

Wing FTP Server è una popolare soluzione multipiattaforma per il trasferimento file che supporta i protocolli FTP, FTPS, SFTP e HTTP/S. Secondo gli sviluppatori, il programma è utilizzato da oltre 10.000 clienti in tutto il mondo, tra cui Airbus, Reuters e l’Aeronautica Militare statunitense. La vulnerabilità riguarda il meccanismo di gestione dei nomi utente nell’interfaccia web di Wing FTP. Quando viene trasmesso un nome utente contenente un byte nullo ( ), tutto ciò che segue viene interpretato come codice Lua. Questo codice viene salvato nel file di sessione e quindi eseguito durante la deserializzazione, consentendo a un aggressore di ottenere il pieno controllo del server.

Secondo Huntress, i primi attacchi sono iniziati il 1° luglio, meno di 24 ore dopo la divulgazione della vulnerabilità. Gli aggressori si sono chiaramente basati su informazioni tecniche pubblicate. Inizialmente, i ricercatori hanno registrato tre connessioni al server della vittima, dopodiché è comparso un quarto aggressore, che ha iniziato a scansionare attivamente il file system, creando nuovi utenti e cercando di introdursi nel sistema. Tuttavia, le sue azioni hanno rivelato un basso livello di preparazione: i comandi contenevano errori, PowerShell si è bloccato e un tentativo di scaricare un trojan è fallito: il file è stato intercettato da Microsoft Defender. L’analisi dei log ha mostrato che a un certo punto l’aggressore ha persino provato a cercare su Internet come utilizzare l’utilità curl e poi, probabilmente, ha chiesto aiuto: un quinto partecipante si è connesso al server.

Dopo diversi tentativi falliti, l’aggressore ha tentato di caricare un file dannoso, ma il server si è bloccato poco dopo e l’organizzazione lo ha messo in quarantena, impedendo ulteriori azioni. Nonostante l’inefficacia dell’attacco, Huntress avverte che la vulnerabilità CVE-2025-47812 è attivamente sfruttata e rappresenta una minaccia reale. I ricercatori raccomandano vivamente a tutti gli utenti di Wing FTP di aggiornare alla versione 7.4.4, che contiene la correzione.

L’incidente ha anche evidenziato la vulnerabilità dei protocolli legacy. FTP è stato creato negli anni ’70 e la sicurezza non era una priorità all’epoca. Sebbene Wing FTP supporti protocolli più sicuri come SFTP e MFT, questi sono disponibili solo in versioni commerciali. Molti progetti moderni come Chrome, Firefox e Debian hanno da tempo abbandonato il supporto per FTP, riflettendo un generale cambiamento di atteggiamento nei confronti del protocollo negli ambienti professionali.

L'articolo Una vulnerabilità RCE in Wing FTP Server da score 10 apre le porte a 10.000 aziende proviene da il blog della sicurezza informatica.

One of the tropes of the space race back in the 1960s, which helped justify the spending for the part of the public who thought it wasn’t worth it, was that the technology developed for use in space would help us out here back on earth. The same goes for the astronomical expenses in Formula 1, or even on more pedestrian tech like racing bikes or cinematography cameras. The idea is that the boundaries pushed out in the most extreme situations could nonetheless teach us something applicable to everyday life.

This week, we saw another update from the Minuteman project, which is by itself entirely ridiculous – a 3D printer that aims to print a 3D Benchy in a minute or less. Of course, the Minuteman isn’t alone in this absurd goal: there’s an entire 3D printer enthusiast community that is pushing the speed boundaries of this particular benchmark print, and times below five minutes are competitive these days, although with admittedly varying quality. (For reference, on my printer, a decent-looking Benchy takes about half an hour, but I’m after high quality rather than high speed.)

One could totally be forgiven for scoffing at the Speed Benchy goal in general, the Minuteman, or even The 100, another machine that trades off print volume for extreme speed. But there is definitely trickle-down for the normal printers among us. After all, pressure advance used to be an exotic feature that only people who were using high-end homemade rigs used to care about, and now it’s gone mainstream. Who knows if the Minuteman’s variable temperature or rate smoothing, or the rigid and damped frames of The 100, or its successor The 250, will make normal printers better.

So here’s to the oddball machines, that push boundaries in possibly ridiculous directions, but then share their learnings with those of us who only need to print kinda-fast, but who like to print other things than little plastic boats that don’t even really float. At least in the open-source hardware community, trickle-down is very real.

This article is part of the Hackaday.com newsletter, delivered every seven days for each of the last 200+ weeks. It also includes our favorite articles from the last seven days that you can see on the web version of the newsletter. Want this type of article to hit your inbox every Friday morning? You should sign up!

hackaday.com/2025/07/12/trickl…

Sometimes, all you need to make something work is to come at it from a different angle from anyone else — flip the problem on its head, so to speak. That’s what [Keizo Ishibashi] did to create his Cantareel, a modified guitar that actually sounds like a hurdy-gurdy.

We wrote recently about a maker’s quest to create just such a hybrid instrument, and why it ended in failure: pressing strings onto the fretboard also pushed them tighter to the wheel, ruining the all-important tension. To recap, the spinning wheel of a hurdy-gurdy excites the strings exactly like a violin bow, and like a violin bow, the pressure has to be just right. There’s no evidence [Keizo Ishibashi] was aware of that work, but he solved the problem regardless, simply by thinking outside the box — the soundbox, that is.

Unlike a hurdy-gurdy, the Cantareel keeps its wheel outside the soundbox. The wheel also does not rub directly upon the strings: instead, it turns what appears to be a pair of o-rings. Each rosined o-ring bows 2 of the guitar’s strings, giving four strings a’ singing. (Five golden rings can only be assumed.) The outer two strings of this ex-six-string are used to hold the wheel assembly in place by feeding through holes on the mounting arms. The guitar is otherwise unmodified, making this hack reversible.

It differs from the classic hurdy-gurdy in one particular: on the Cantareel, every string is a drone string. There’s no way to keep the rubber rings from rubbing against the strings, so all four are always singing. This may just be the price you pay to get that smooth gurdy sound out of a guitar form factor. We’re not even sure it’s right to call it a price when it sounds this good.

youtube.com/embed/1fVSCuUCHtA?…

Thanks to [Petitefromage] for the tip. If you run into any wild and wonderful instruments, don’t forget to let us know.

hackaday.com/2025/07/12/the-ca…

Dear Friend of Press Freedom,

It’s the 107th day that Rümeysa Öztürk is facing deportation by the United States government for writing an op-ed it didn’t like, and the 27th day that Mario Guevara has spent behind bars for covering a protest. Read on for news on more recent affronts by the government on the free press.

LA journalists reflect on protest attacks

Journalists covering recent demonstrations in California have been assaulted, detained, shot with crowd-control munitions, and had their equipment searched — simply for doing their jobs.

Independent journalists from Los Angeles talk to FPF about the attacks from law enforcement they endured while covering recent demonstrations.

Screenshot.

Independent reporters are especially vulnerable. We hosted an online discussion with some of them — Ben Camacho, Sean Beckner-Carmitchel and Tina-Desiree Berg — to hear their firsthand accounts of their efforts to uphold the public’s right to know. We were also joined by Adam Rose, press rights chair at the Los Angeles Press Club, which, along with others, has sued law enforcement agencies for violating freedom of the press at the recent protests. Since our discussion, the judge in one of those lawsuits has ordered the Los Angeles Police Department to stop violating the First Amendment rights of journalists covering protests.

Listen to the conversation here.

New Jersey prosecutors ignore Constitution

Prosecutors are pursuing blatantly unconstitutional criminal charges against two Red Bank, New Jersey, journalists for declining to remove a police blotter entry about an arrest from a news website after the arrest was expunged, as FPF’s U.S. Press Freedom Tracker first reported.

They’re alleged to have engaged in disorderly conduct by revealing the existence of an arrest, knowing that the arrest record has been expunged or sealed, in violation of New Jersey Revised Statutes Section 2C:52-30.

We said in a press release that “prosecuting journalists for declining to censor themselves is alarming and blatantly unconstitutional … Any prosecutors who would even think to bring such charges either don’t know the first thing about the Constitution they’re sworn to uphold, or don’t care.” Read more here.

The rise and fall of FOIA Gras

Tom Hayden never intended to become a journalist. But in the midst of the COVID-19 pandemic, Hayden decided to look into how his local school district in Evanston, Illinois, was making decisions about when to send kids back to school.

That led to his Substack newsletter, FOIA Gras. As the name implies, it focused on Freedom of Information Act-based reporting. He broke important stories about local schools and more, and FOIA Gras became an invaluable resource for Evanstonians.

But earlier this year, he decided to shut it down after growing tired of the personal toll of being an unpaid citizen journalist covering politically charged news. Read more here.

Secrecy surrounds ICE’s for-profit detention network

President Donald Trump’s signature budget legislation allocates Immigration and Customs Enforcement a staggering $45 billion to expand immigrant detention efforts. Much of this money will go towards tripling ICE’s for-profit detention facility network.

Even though these private facilities hold human beings in federal custody under federal law, they are not subject to FOIA, the federal transparency law. This must change. Read more here.

Speaking of secret police…

Louisiana is the latest state to ignore the First Amendment to restrict journalists and others from recording police up close. Countless important news stories have come from footage of police abuses — which is exactly why we keep seeing laws like these.

We joined a legal brief led by the Foundation for Individual Rights and Expression and National Press Photographers Association. If you’re able, NPPA is definitely an organization you should support. They do an incredible job protecting the rights of photojournalists and all journalists, but they’re in financial trouble and need your help. Read the brief here.

What we’re reading

SPJ urges caution on anti-doxing laws, warns of threat to press freedom (Society of Professional Journalists). Anti-doxing laws, if not drafted carefully, could become tools to punish journalism. Read the letter we signed urging the Uniform Law Commission to pause potential legislation.

‘I am being persecuted’ | Atlanta journalist held in ICE custody releases letter (WALB News). “I am being persecuted for having carried out my journalistic work ... I need to get out in order to continue with my life, return to my work, and support my family,” wrote imprisoned journalist Mario Guevara.

Immigration officials used shadowy pro-Israel group to target student activists (The New York Times). Students exercising their First Amendment rights shouldn’t concern the government. And officials should base decisions on real intelligence, not “research” by amateur internet trolls.

Trump officials want to prosecute over the ICEBlock app. Lawyers say that’s unconstitutional (Wired). “ICE and the Trump administration are under the misimpression that law enforcement in the United States is entitled to operate in secret,” we told Wired.

I chaired the FCC. The ‘60 Minutes’ settlement shows Trump has weaponized the agency (The Guardian). “What was once an independent, policy-based agency is now using its leverage to further the Maga message,” writes former Federal Communications Commission Chair Tom Wheeler.

Gabbard’s team has sought spy agency data to enforce Trump’s agenda (The Washington Post). This retaliation could chill FOIA releases across the government. We are filing FOIA requests to learn how Gabbard’s agency is trying to stifle lawful disclosures.

Wishing for a world where corporate motives didn’t clash with the sacred trust of journalism (Poynter). “The ethics of the professional and the business can bump into each other. When they do, it is imperative that the ethics of the profession take precedence.”

freedom.press/issues/la-journa…

FOR IMMEDIATE RELEASE:

Prosecutors are pursuing baseless criminal charges against two Red Bank, New Jersey, journalists for refusing to remove a police blotter entry from a news website, as the Freedom of the Press Foundation’s U.S. Press Freedom Tracker first reported.

The defendants are Redbankgreen publisher Kenny Katzgrau and reporter Brian Donohue. They’re alleged to have engaged in disorderly conduct by revealing the existence of an arrest, knowing that the arrest record has been expunged or sealed, in violation of New Jersey Revised Statutes Section 2C:52-30. They’re represented by Pashman Stein Walder Hayden P.C., who have moved to dismiss the ridiculous charges. (Read their motion to dismiss below.)

On Sept. 18, 2024, Redbankgreen published the August 2024 blotter provided by the Red Bank Police Department, which contained information about the arrest. The arrest was later expunged on March 27, 2025. The blotter published by the Redbankgreen includes an update that the arrest was expunged, as well as a note that arrests in general are not determinations of guilt.

Freedom of the Press Foundation (FPF) Advocacy Director Seth Stern said:

Prosecuting journalists for declining to censor themselves is alarming and blatantly unconstitutional, as is ordering the press to unpublish news reports. Any prosecutors who would even think to bring such charges either don’t know the first thing about the Constitution they’re sworn to uphold, or don’t care. Failure to immediately correct and apologize for this inexplicable error would put prosecutors’ competence in doubt and warrant investigation of whether they should keep their law licenses.

The Supreme Court has held over and over that journalists are entitled to publish truthful information they lawfully obtain, in cases dealing with matters as sensitive as closed juvenile court proceedings and identities of rape victims. The Supreme Court of New Jersey has also upheld the right to publish expunged information. There is no exception for expunged arrest records and any state law that says otherwise violates the First Amendment. Any first-year law student should know that.

Journalists don’t work for the government and can’t be compelled to do its bidding. In the rare instances where the government is allowed to keep records from public view, it is the government’s responsibility, not the media’s, to ensure that they aren’t disclosed.

This is the latest in a string of egregious press freedom violations by local police and prosecutors across the country. Virtually all of them have failed and left taxpayers on the hook for needless legal fees, settlement payments, or both.

Earlier this year, Clarksdale, Mississippi, officials got a judge to order a newspaper to take down an editorial critical of the mayor. After national headlines about their frivolous antics led to public ridicule, they dropped the case.

Last year, the city of Los Angeles was forced to pay a settlement to journalist Ben Camacho after it sued him for publishing public records. Authorities in LA are also facing a lawsuit over an unconstitutional investigation of a journalist who obtained police disciplinary records.

In 2023, prosecutors in Atmore, Alabama, charged a journalist and news publisher for reporting on grand jury proceedings. The case was thrown out after becoming a national embarrassment, and a lawsuit is pending.

And most famously, the same year, authorities in Marion, Kansas, raided the newsroom of the Marion County Record as part of an investigation premised on the absurd notion that reporters violated computer crime laws by accessing a public website to confirm a news tip. The ordeal has led to multiple settlements and lawsuits, and even criminal charges against the ex-police chief who orchestrated it.

This is also, unfortunately, not the first recent instance of authorities harassing journalists over lawful reporting on arrests. Last year, San Francisco City Attorney David Chiu threatened civil penalties against a journalist, Jack Poulson, who reported on a sealed report of tech executive Maury Blackman’s arrest for domestic violence. A judge held that the California law that Chiu referenced to threaten Poulson was unconstitutional and, in a separate proceeding, a lawsuit brought by Blackman against Poulson was dismissed.

Please contact us if you would like further comment.

freedom.press/static/pdf.js/we…

freedom.press/issues/nj-report…

Sixteen Israeli experts in international law warned in a public letter that the plans presented by Israel's defense minister to concentrate Gaza's population in a "humanitarian city" constitute a manifestly illegal order and a war crime.

us18.campaign-archive.com/?e=0…