Salta al contenuto principale



Strade sbagliate


Viviamo in un tempo che idolatra l’andare avanti. L’avanzare, il progredire, il “non mollare mai”. Siamo educati a pensare che tornare indietro equivalga a fallire, a perdere terreno, a mostrarsi deboli. Ma questa è una narrazione incompleta, e talvolta pericolosa. Perché ci sono strade che, una volta intraprese, ci allontanano da chi siamo veramente. E non importa quanto lontano ci si sia spinti: puoi sempre tornare indietro. Questa frase ha il potere di ribaltare il pensiero comune. Ci ricorda che il vero atto di forza non è sempre resistere, ma avere la lucidità di fermarsi, guardarsi intorno, e ammettere che si è andati fuori rotta. In un’epoca dove ogni click, ogni scelta, ogni relazione sembra pubblica e definitiva, fare marcia indietro sembra impensabile. Ma è proprio lì che si nasconde la vera rivoluzione personale. Pensa a chi ha investito anni in un lavoro che lo prosciuga, lo svuota, lo allontana dai suoi valori. Ogni giorno si sveglia con un nodo allo stomaco, ma continua perché “ormai è tardi”, perché “non si può ricominciare da zero”. Ma chi ha detto che dobbiamo restare fedeli ad un errore solo perché ci abbiamo investito molto? Tornare indietro, in questo caso, non è arrendersi, ma scegliere la propria vita anziché subirla. Oppure pensa ad una relazione tossica, in cui l’amore ha lasciato spazio alla paura, al controllo, alla perdita di sé. Si resta perché “cambierà”, perché “ci siamo fatti promesse”, perché “non si può buttare tutto”. E invece sì, si può. Si può riconoscere che quella promessa era fatta da due persone diverse, e che le cose sono cambiate. Anche qui, tornare indietro è salvare sé stessi. Il nostro tempo è segnato da mappe GPS, ma nella vita reale non esistono voci elettroniche che ci dicono “ricalcolo del percorso”. Tocca a noi, con fatica, con coscienza. Fermarci. Riconoscere il paesaggio sbagliato. E scegliere. Sempre scegliere. E qual è la meraviglia? Che ogni volta che torni indietro da una strada sbagliata, ti riavvicini un po’ di più alla tua verità. Al tuo centro. Alla vita che vuoi davvero. Perché il cammino giusto non è mai quello tracciato dagli altri, ma quello che ha senso per te, anche se è più impervio, più lento, più incomprensibile agli occhi altrui. Nel 2025, tra algoritmi che decidono cosa vedere, app che suggeriscono cosa fare, e società che grida “non fermarti mai”, scegliere di fermarsi e invertire la rotta è un atto radicale. È una dichiarazione di libertà. È affermare che sei tu, e solo tu, l’autore del tuo percorso. Quindi, ovunque ti trovi, qualunque sia la distanza che hai percorso su una strada che non ti appartiene più, sappi questo: non è mai troppo tardi per tornare. Non sei in ritardo. Non sei finito. Sei semplicemente pronto a riscrivere la tua mappa.
E in questo, non c’è niente di più umano. E di più potente.


Più dialogo fra Ceo e Cio: in gioco è l’adozione dell’AI, anche nella cyber


@Informatica (Italy e non Italy 😁)
Attualmente quasi 4 Cio su dieci non si sentono allineati con il proprio Ceo in fase dei processi decisionali e sono frenati nel loro agire. Ecco perché invocano maggiore supporto da parte dei vertici in ambito AI, a partire dalla cyber resilienza
L'articolo Più



quando dico che mi pare di essere passata a universo distopico, molti potrebbero non capire. c'è una teoria della meccanica quantistica secondo cui la realtà è composta da un cosiddetto "multiverso". in pratica ogni volta che viene fatta una scelta, si crea c'è un universo on cui viene fatta quella scelta, e un altro in cui viene fatta quella opposta. non posso sapere ovviamente se tutte o quali scelte sono "così influenti" da splittare la realtà in 2 universi distinti. tutto questo è per lo più fantascienza, e infatti è proprio nella fantascienza che appare questo multiverso. è così che, ad esempio, i tedeschi vincono la seconda guerra mondiale, ma trame un modo/luogo di fragilità del tessuto dell'universo, cercano di invadere anche le realtà dove sono stato sconfitti.

tutto questo pippone per dire che nella testa di una persona con l'idea, creata dalla fantascienza, del multiverso, questo diventa quasi credibile. e così se l'universo proprio appare "normale". quelli "alternativi hanno spesso regole assurde e incredibili, e sono spesso quegli universi che io chiamo "distopici".

ora... non che il nostro universo o la nostra realtà fosse idilliaca anche 20 anni fa... tanto che pure sul cazzone che ha fatto l'universo avrei da dirne un po' se lo vedo, prima o poi, gliene dico 4, ma con trump e da un 4-5 anni pare davvero che le regole siano cambiare radicalmente e siano diventare incredibili e assurde.






Crosetto lancia l’esercito cyber, 1.500 unità per la sicurezza digitale italiana

@Notizie dall'Italia e dal mondo

Il governo prepara una nuova struttura militare interamente dedicata alla difesa informatica. Il ministro della Difesa Guido Crosetto ha annunciato la nascita di un “esercito cyber” composto da 1.500 unità, destinato a operare nel campo della sicurezza digitale



Bruxelles presenta la roadmap per la difesa fino al 2030, ma gli Stati frenano. I dettagli

@Notizie dall'Italia e dal mondo

A sette mesi dalla pubblicazione del piano ReArm Eu – poi ribattezzato Readiness 2030 – e dopo settimane di attacchi ibridi verso il continente, la Commissione europea ha presentato la roadmap che, nei prossimi anni, dovrebbe rappresentare la bussola comune degli Stati



MADAGASCAR. Deposto Rajoelina, al potere i militari


@Notizie dall'Italia e dal mondo
Dopo due settimane di proteste popolari e di crescente dissenso all’interno delle forze armate, il capo dello stato è stato ufficialmente deposto da un intervento del Capsat
L'articolo MADAGASCAR. Deposto pagineesteri.it/2025/10/16/map…



In an example of egregious planned obsolescence, as many as 400 million computers will soon hit the waste stream.#RighttoRepair #Windows10


The End of Windows 10 Support Is an E-Waste Disaster in the Making


Wednesday’s end of free Windows 10 support is an environmental disaster in the making, with as many as 400 million computers that cannot be upgraded to Windows 11 set to be cut off from receiving free security updates. The move is an egregious example of planned obsolescence that will inevitably result in the early deaths of millions of computers that would have otherwise had years of life left, and it is set to affect as many as 42 percent of all Windows computers worldwide.

“There’s 400 million computers that are going to enter the waste stream. That’s a disaster, just in terms of the sheer volume,” Nathan Proctor, director of consumer rights group PIRG’s right to repair campaign, said on the 404 Media Podcast. “And then you have people who are going to ignore the warnings and use a computer that’s insecure, so there’s going to [eventually] be some widespread security problems with these older, unsupported, no longer getting security updates computers.”

Microsoft has said it “will no longer provide free software updates from Windows Update, technical assistance, or security fixes for Windows 10. Your PC will still work, but we recommend moving to Windows 11.” The problem with this is that millions of computers don’t have the technical specs to move to Windows 11, and some large, unknown number of Windows 10 devices are owned and operated by businesses, governments, and large organizations like schools and nonprofits whose procurement rules do not allow them to operate devices that are no longer getting security updates. This means that these organizations will necessarily have to buy new devices, which has become a big topic of conversation on the r/sysadmin subreddit, a community of IT professionals who manage big fleets of computers.
youtube.com/embed/eAFVdrtmNf8?…
This inevitably means that many of those devices are going to end up in landfills and e-waste facilities, and that people are going to have to buy new computers, one of the more egregious examples of planned obsolescence in recent memory. Experts have repeatedly made clear that extending the use of any given device, either through repair, software updates, or just keeping a device for longer, is extremely important, because it delays all the carbon emissions associated with mining the raw materials needed to produce a new device and the energy and emissions associated with manufacturing and shipping that new device.

Notably, Microsoft is going to continue offering security updates to customers who pay for them, meaning that it would be trivial for the company to continue to offer critical security updates for free. This is notable because we have seen unpatched Windows computers and devices turned into ransomware and botnets, most notably the 2017 WannaCry ransomware attack, in which repurposed, leaked NSA hacking tools attacked computers running Windows XP and Windows Server 2003. WannaCry was one of the most devastating widespread cyberattacks in history.

Microsoft’s decision to sunset Windows 10 support is particularly concerning considering that more than 42 percent of all Windows users are currently using Windows 10. When Microsoft stopped supporting Windows 8, just 3.7 percent of computers were using it, and just 2.2 percent of Windows users were using Windows 8.1 when Microsoft stopped supporting that operating system.

“More than 40 percent of Windows users still use it,” Proctor said. “So to cut support for something that is legitimately a flagship product is bizarre. No one expects Microsoft to do software updates forever, but when 43 percent of your customers are using it, it’s not obsolete.”

Proctor and PIRG have launched a campaign pressuring Microsoft to extend support. Petitions and open letters of this sort aren’t known for being terribly effective, but when it comes to shaming companies into extending support for environmental and security reasons, there is one very big, very important precedent. In 2023, after widespread outrage from right to repair advocates, consumer rights groups, school districts, and enterprise buyers, Google agreed to extend automatic updates for Chromebooks to 10 years. The move saved millions of devices from going into landfills and ewaste facilities.

“What happened with Google and Chromebooks is an example that gives me hope that we can win,” Proctor said. “During the pandemic, schools bought massive quantities of Chromebooks, then it turns out that Chromebooks have this thing called the AUE [automatic update] date, which is a preset end of support date, which in some cases was just a couple years after the computers were brought brand new. There were photos from the Oakland Unified School District in California of thousands of working Chromebooks that were headed to the recycler because the AUE date had passed and they weren’t getting security updates, which meant they were ineligible to get some of the enterprise software they needed.”

“And so they were getting replaced by the thousands, and we organized a bunch of these school districts and institutional purchasers of Chromebooks,” he added. “Google initially resisted what we were doing, but then after a couple of months, they just flipped and said, ‘OK, we’re going to have 10 years minimum support timeline for all Chromebooks from here on out.’”

You can listen to and watch 404 Media’s full interview with Nathan Proctor here.




Meta tells its metaverse workers to push harder with AI; the massive Discord breach; and what happened when AI came for craft beer.#Podcast


Podcast: Meta Tells Workers to ‘Go 5x Faster’ with AI


We start this week with Jason’s article about an internal Meta message telling workers to increase their output by 5x with AI. That’s five times, not five percent. After the break, Joseph and Sam tell us all about the catastrophic Discord breach. In the subscribers-only section, Joseph explains what happened when AI came for craft beer (nothing is sacred).
playlist.megaphone.fm?e=TBIEA6…
Listen to the weekly podcast on Apple Podcasts,Spotify, or YouTube. Become a paid subscriber for access to this episode's bonus content and to power our journalism. If you become a paid subscriber, check your inbox for an email from our podcast host Transistor for a link to the subscribers-only version! You can also add that subscribers feed to your podcast app of choice and never miss an episode that way. The email should also contain the subscribers-only unlisted YouTube link for the extended video version too. It will also be in the show notes in your podcast player.
youtube.com/embed/VJLHVJ-OOj8?…




più vedo la gente e più mi convinco che non esista alcun senso di giustizia collettivo. poi magari facciamo le manifestazioni pro plaestinesi ma non pro ucraini o non pro curdi, e ci sentiamo buoni. ma non lo siamo, sia ben chiaro. perché conta più la giustizia che mostri verso le persone che incontri ogni giorno, la tua onestà, la tua voglia di servizio e non di sopraffazione, che fare una manifestazione. che un genitore insegni ai fligli il rispetto verso tutti i suoi compagni di scuola, che un genitore insegni il valore dello sport, specie verso gli avversari, che dimostri umanità insomma, quella che proprio manca. o a mostrare ai figli quando si guida il rispetto delle strisce pedonali, e di tutte le basilari regole di convivenza. se avessi un telecomando per cancellare l'umanità intera l'avrei già cancellata da un pezzo. (e non certo per la dieta onnivora)...


Roccella sui viaggi della Memoria: un ODG a Reggio Emilia


Abbiamo avuto modo di ascoltare le parole della Ministra Roccella sui Viaggi della Memoria, ridotti nella sua narrazione a semplici “Gite ad Auschwitz”. Evidentemente la Ministra non ha mai partecipato ad uno di essi, perché altrimenti saprebbe che le società storiche, che si occupano della formazione degli studenti e delle studentesse prima del viaggio, si soffermano sempre sulla storia dell’antisemitismo in Europa e di come si sia arrivati a considerarlo un pilastro fondante in alcune ideologie politiche. Esattamente Ministra, perché per il Nazismo prima, e per il Fascismo poi, adeguandosi alla volontà dell’alleato, l’antisemitismo era una base importante per mantenere il potere.

Al contempo, forse, la Ministra nasconde dietro l’accusa di odio religioso (antisemitismo) la volontà di censurare la critica all’agire politico di uno Stato nazionalista (antisionismo) come previsto dal DDL 1627, un’equiparazione e una pulizia della coscienza inaccettabile. Già, perché a firmare le Leggi Razziali, vorremmo ricordare, non furono Pertini o Gramsci, ma personaggi come Almirante il quale scriveva: “Il razzismo ha da essere cibo di tutti e per tutti, se veramente vogliamo che in Italia ci sia, e sia viva in tutti, la coscienza della razza”. Nello stesso articolo, uscito nel 1942, parlava degli ebrei come persone che simulavano l’essere italiani e che andavano ricercati perché avevano avuto l’ardire di mischiarsi, come i meticci, con il sangue italiano. I Viaggi della Memoria servono a questo, a capire la Storia, a non ripeterla, ad ammettere che in Italia l’odio razziale verso gli ebrei è esistito soprattutto sotto il fascismo che lo vedeva come un’estensione della lotta al comunismo militante, seguendo così le teorie naziste.

Proprio per questo, nella giornata di ieri, il gruppo “Verdi e Possibile” ha presentato un OdG urgente a firma del nostro consigliere Alessandro Miglioli in cui si chiedeva di prendere le distanze dalle affermazioni della Ministra. La Storia è una materia delicata che va capita e non abusata per lanciare la palla da una parte all’altra del campo politico o per ripulire la propria memoria storica fondata sulla violenza e sull’odio.

L'articolo Roccella sui viaggi della Memoria: un ODG a Reggio Emilia proviene da Possibile.



📣Il 16 e 17 ottobre il #MIM sarà al #SalonedelloStudente di Milano, presso il Parco Esposizioni Novegro, con uno spazio istituzionale dedicato a studenti, famiglie, al mondo della scuola e all’innovazione didattica.


Maverick: a new banking Trojan abusing WhatsApp in a mass-scale distribution


A malware campaign was recently detected in Brazil, distributing a malicious LNK file using WhatsApp. It targets mainly Brazilians and uses Portuguese-named URLs. To evade detection, the command-and-control (C2) server verifies each download to ensure it originates from the malware itself.
The whole infection chain is complex and fully fileless, and by the end, it will deliver a new banking Trojan named Maverick, which contains many code overlaps with Coyote. In this blog post, we detail the entire infection chain, encryption algorithm, and its targets, as well as discuss the similarities with known threats.

Key findings:


  • A massive campaign disseminated through WhatsApp distributed the new Brazilian banking Trojan named “Maverick” through ZIP files containing a malicious LNK file, which is not blocked on the messaging platform.
  • Once installed, the Trojan uses the open-source project WPPConnect to automate the sending of messages in hijacked accounts via WhatsApp Web, taking advantage of the access to send the malicious message to contacts.
  • The new Trojan features code similarities with another Brazilian banking Trojan called Coyote; however, we consider Maverick to be a new threat.
  • The Maverick Trojan checks the time zone, language, region, and date and time format on infected machines to ensure the victim is in Brazil; otherwise, the malware will not be installed.
  • The banking Trojan can fully control the infected computer, taking screenshots, monitoring open browsers and websites, installing a keylogger, controlling the mouse, blocking the screen when accessing a banking website, terminating processes, and opening phishing pages in an overlay. It aims to capture banking credentials.
  • Once active, the new Trojan will monitor the victims’ access to 26 Brazilian bank websites, 6 cryptocurrency exchange websites, and 1 payment platform.
  • All infections are modular and performed in memory, with minimal disk activity, using PowerShell, .NET, and shellcode encrypted using Donut.
  • The new Trojan uses AI in the code-writing process, especially in certificate decryption and general code development.
  • Our solutions have blocked 62 thousand infection attempts using the malicious LNK file in the first 10 days of October, only in Brazil.


Initial infection vector


The infection chain works according to the diagram below:

The infection begins when the victim receives a malicious .LNK file inside a ZIP archive via a WhatsApp message. The filename can be generic, or it can pretend to be from a bank:

The message said, “Visualization allowed only in computers. In case you’re using the Chrome browser, choose “keep file” because it’s a zipped file”.

The LNK is encoded to execute cmd.exe with the following arguments:

The decoded commands point to the execution of a PowerShell script:

The command will contact the C2 to download another PowerShell script. It is important to note that the C2 also validates the “User-Agent” of the HTTP request to ensure that it is coming from the PowerShell command. This is why, without the correct “User-Agent”, the C2 returns an HTTP 401 code.

The entry script is used to decode an embedded .NET file, and all of this occurs only in memory. The .NET file is decoded by dividing each byte by a specific value; in the script above, the value is “174”. The PE file is decoded and is then loaded as a .NET assembly within the PowerShell process, making the entire infection fileless, that is, without files on disk.

Initial .NET loader


The initial .NET loader is heavily obfuscated using Control Flow Flattening and indirect function calls, storing them in a large vector of functions and calling them from there. In addition to obfuscation, it also uses random method and variable names to hinder analysis. Nevertheless, after our analysis, we were able to reconstruct (to a certain extent) its main flow, which consists of downloading and decrypting two payloads.

The obfuscation does not hide the method’s variable names, which means it is possible to reconstruct the function easily if the same function is reused elsewhere. Most of the functions used in this initial stage are the same ones used in the final stage of the banking Trojan, which is not obfuscated. The sole purpose of this stage is to download two encrypted shellcodes from the C2. To request them, an API exposed by the C2 on the “/api/v1/” routes will be used. The requested URL is as follows:

  • hxxps://sorvetenopote.com/api/v1/3d045ada0df942c983635e

To communicate with its API, it sends the API key in the “X-Request-Headers” field of the HTTP request header. The API key used is calculated locally using the following algorithm:

  • “Base64(HMAC256(Key))”

The HMAC is used to sign messages with a specific key; in this case, the threat actor uses it to generate the “API Key” using the HMAC key “MaverickZapBot2025SecretKey12345”. The signed data sent to the C2 is “3d045ada0df942c983635e|1759847631|MaverickBot”, where each segment is separated by “|”. The first segment refers to the specific resource requested (the first encrypted shellcode), the second is the infection’s timestamp, and the last, “MaverickBot”, indicates that this C2 protocol may be used in future campaigns with different variants of this threat. This ensures that tools like “wget” or HTTP downloaders cannot download this stage, only the malware.

Upon response, the encrypted shellcode is a loader using Donut. At this point, the initial loader will start and follow two different execution paths: another loader for its WhatsApp infector and the final payload, which we call “MaverickBanker”. Each Donut shellcode embeds a .NET executable. The shellcode is encrypted using a XOR implementation, where the key is stored in the last bytes of the binary returned by the C2. The algorithm to decrypt the shellcode is as follows:

  • Extract the last 4 bytes (int32) from the binary file; this indicates the size of the encryption key.
  • Walk backwards until you reach the beginning of the encryption key (file size – 4 – key_size).
  • Get the XOR key.
  • Apply the XOR to the entire file using the obtained key.


WhatsApp infector downloader


After the second Donut shellcode is decrypted and started, it will load another downloader using the same obfuscation method as the previous one. It behaves similarly, but this time it will download a PE file instead of a Donut shellcode. This PE file is another .NET assembly that will be loaded into the process as a module.

One of the namespaces used by this .NET executable is named “Maverick.StageOne,” which is considered by the attacker to be the first one to be loaded. This download stage is used exclusively to download the WhatsApp infector in the same way as the previous stage. The main difference is that this time, it is not an encrypted Donut shellcode, but another .NET executable—the WhatsApp infector—which will be used to hijack the victim’s account and use it to spam their contacts in order to spread itself.

This module, which is also obfuscated, is the WhatsApp infector and represents the final payload in the infection chain. It includes a script from WPPConnect, an open-source WhatsApp automation project, as well as the Selenium browser executable, used for web automation.

The executable’s namespace name is “ZAP”, a very common word in Brazil to refer to WhatsApp. These files use almost the same obfuscation techniques as the previous examples, but the method’s variable names remain in the source code. The main behavior of this stage is to locate the WhatsApp window in the browser and use WPPConnect to instrument it, causing the infected victim to send messages to their contacts and thus spread again. The file sent depends on the “MaverickBot” executable, which will be discussed in the next section.

Maverick, the banking Trojan


The Maverick Banker comes from a different execution branch than the WhatsApp infector; it is the result of the second Donut shellcode. There are no additional download steps to execute it. This is the main payload of this campaign and is embedded within another encrypted executable named “Maverick Agent,” which performs extended activities on the machine, such as contacting the C2 and keylogging. It is described in the next section.

Upon the initial loading of Maverick Banker, it will attempt to register persistence using the startup folder. At this point, if persistence does not exist, by checking for the existence of a .bat file in the “Startup” directory, it will not only check for the file’s existence but also perform a pattern match to see if the string “for %%” is present, which is part of the initial loading process. If such a file does not exist, it will generate a new “GUID” and remove the first 6 characters. The persistence batch script will then be stored as:

  • “C:\Users\<user>\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\” + “HealthApp-” + GUID + “.bat”.

Next, it will generate the bat command using the hardcoded URL, which in this case is:

  • “hxxps://sorvetenopote.com” + “/api/itbi/startup/” + NEW_GUID.

In the command generation function, it is possible to see the creation of an entirely new obfuscated PowerShell script.

First, it will create a variable named “$URL” and assign it the content passed as a parameter, create a “Net.WebClient” object, and call the “DownloadString.Invoke($URL)” function. Immediately after creating these small commands, it will encode them in base64. In general, the script will create a full obfuscation using functions to automatically and randomly generate blocks in PowerShell. The persistence script reassembles the initial LNK file used to start the infection.

This persistence mechanism seems a bit strange at first glance, as it always depends on the C2 being online. However, it is in fact clever, since the malware would not work without the C2. Thus, saving only the bootstrap .bat file ensures that the entire infection remains in memory. If persistence is achieved, it will start its true function, which is mainly to monitor browsers to check if they open banking pages.

The browsers running on the machine are checked for possible domains accessed on the victim’s machine to verify the web page visited by the victim. The program will use the current foreground window (window in focus) and its PID; with the PID, it will extract the process name. Monitoring will only continue if the victim is using one of the following browsers:

* Chrome
* Firefox
* MS Edge
* Brave
* Internet Explorer
* Specific bank web browser

If any browser from the list above is running, the malware will use UI Automation to extract the title of the currently open tab and use this information with a predefined list of target online banking sites to determine whether to perform any action on them. The list of target banks is compressed with gzip, encrypted using AES-256, and stored as a base64 string. The AES initialization vector (IV) is stored in the first 16 bytes of the decoded base64 data, and the key is stored in the next 32 bytes. The actual encrypted data begins at offset 48.

This encryption mechanism is the same one used by Coyote, a banking Trojan also written in .NET and documented by us in early 2024.

If any of these banks are found, the program will decrypt another PE file using the same algorithm described in the .NET Loader section of this report and will load it as an assembly, calling its entry point with the name of the open bank as an argument. This new PE is called “Maverick.Agent” and contains most of the banking logic for contacting the C2 and extracting data with it.

Maverick Agent


The agent is the binary that will do most of the banker’s work; it will first check if it is running on a machine located in Brazil. To do this, it will check the following constraints:

What each of them does is:

  • IsValidBrazilianTimezone()
    Checks if the current time zone is within the Brazilian time zone range. Brazil has time zones between UTC-5 (-300 min) and UTC-2 (-120 min). If the current time zone is within this range, it returns “true”.
  • IsBrazilianLocale()
    Checks if the current thread’s language or locale is set to Brazilian Portuguese. For example, “pt-BR”, “pt_br”, or any string containing “portuguese” and “brazil”. Returns “true” if the condition is met.
  • IsBrazilianRegion()
    Checks if the system’s configured region is Brazil. It compares region codes like “BR”, “BRA”, or checks if the region name contains “brazil”. Returns “true” if the region is set to Brazil.
  • IsBrazilianDateFormat()
    Checks if the short date format follows the Brazilian standard. The Brazilian format is dd/MM/yyyy. The function checks if the pattern starts with “dd/” and contains “/MM/” or “dd/MM”.

Right after the check, it will enable appropriate DPI support for the operating system and monitor type, ensuring that images are sharp, fit the correct scale (screen zoom), and work well on multiple monitors with different resolutions. Then, it will check for any running persistence, previously created in “C:\Users\<user>\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\”. If more than one file is found, it will delete the others based on “GetCreationTime” and keep only the most recently created one.

C2 communication


Communication uses the WatsonTCP library with SSL tunnels. It utilizes a local encrypted X509 certificate to protect the communication, which is another similarity to the Coyote malware. The connection is made to the host “casadecampoamazonas.com” on port 443. The certificate is exported as encrypted, and the password used to decrypt it is Maverick2025!. After the certificate is decrypted, the client will connect to the server.

For the C2 to work, a specific password must be sent during the first contact. The password used by the agent is “101593a51d9c40fc8ec162d67504e221”. Using this password during the first connection will successfully authenticate the agent with the C2, and it will be ready to receive commands from the operator. The important commands are:

CommandDescription
INFOCLIENTReturns the information of the agent, which is used to identify it on the C2. The information used is described in the next section.
RECONNECTDisconnect, sleep for a few seconds, and reconnect again to the C2.
REBOOTReboot the machine
KILLAPPLICATIONExit the malware process
SCREENSHOTTake a screenshot and send it to C2, compressed with gzip
KEYLOGGEREnable the keylogger, capture all locally, and send only when the server specifically requests the logs
MOUSECLICKDo a mouse click, used for the remote connection
KEYBOARDONECHARPress one char, used for the remote connection
KEYBOARDMULTIPLESCHARSSend multiple characters used for the remote connection
TOOGLEDESKTOPEnable remote connection and send multiple screenshots to the machine when they change (it computes a hash of each screenshot to ensure it is not the same image)
TOOGLEINTERNGet a screenshot of a specific window
GENERATEWINDOWLOCKEDLock the screen using one of the banks’ home pages.
LISTALLHANDLESOPENEDSSend all open handles to the server
KILLPROCESSKill some process by using its handle
CLOSEHANDLEClose a handle
MINIMIZEHANDLEMinimize a window using its handle
MAXIMIZEHANDLEMaximize a window using its handle
GENERATEWINDOWREQUESTGenerate a phishing window asking for the victim’s credentials used by banks
CANCELSCREENREQUESTDisable the phishing window

Agent profile info

In the “INFOCLIENT” command, the information sent to the C2 is as follows:

  • Agent ID: A SHA256 hash of all primary MAC addresses used by all interfaces
  • Username
  • Hostname
  • Operating system version
  • Client version (no value)
  • Number of monitors
  • Home page (home): “home” indicates which bank’s home screen should be used, sent before the Agent is decrypted by the banking application monitoring routine.
  • Screen resolution


Conclusion


According to our telemetry, all victims were in Brazil, but the Trojan has the potential to spread to other countries, as an infected victim can send it to another location. Even so, the malware is designed to target only Brazilians at the moment.
It is evident that this threat is very sophisticated and complex; the entire execution chain is relatively new, but the final payload has many code overlaps and similarities with the Coyote banking Trojan, which we documented in 2024. However, some of the techniques are not exclusive to Coyote and have been observed in other low-profile banking Trojans written in .NET. The agent’s structure is also different from how Coyote operated; it did not use this architecture before.
It is very likely that Maverick is a new banking Trojan using shared code from Coyote, which may indicate that the developers of Coyote have completely refactored and rewritten a large part of their components.
This is one of the most complex infection chains we have ever detected, designed to load a banking Trojan. It has infected many people in Brazil, and its worm-like nature allows it to spread exponentially by exploiting a very popular instant messenger. The impact is enormous. Furthermore, it demonstrates the use of AI in the code-writing process, specifically in certificate decryption, which may also indicate the involvement of AI in the overall code development. Maverick works like any other banking Trojan, but the worrying aspects are its delivery method and its significant impact.
We have detected the entire infection chain since day one, preventing victim infection from the initial LNK file. Kaspersky products detect this threat with the verdict HEUR:Trojan.Multi.Powenot.a and HEUR:Trojan-Banker.MSIL.Maverick.gen.

IoCs

DominioIPASN
casadecampoamazonas[.]com181.41.201.184212238
sorvetenopote[.]com77.111.101.169396356

securelist.com/maverick-banker…



Keep That Engine Running, With a Gassifier


Every now and then in histories of the 20th’s century’s earlier years, you will see pictures of cars and commercial vehicles equipped with bulky drums, contraptions to make their fuel from waste wood. These are portable gas generators known as gasifiers, and to show how they work there’s [Greenhill Forge] with a build video.
A gasifier on a vintage tractorA gasifier on a vintage tractor. Per Larssons Museum, CC BY 2.5.
When you burn a piece of wood, you expect to see flame. But what you are looking at in that flame are the gaseous products of the wood breaking down under the heat of combustion. The gasifier carefully regulates a burn to avoid that final flame, with the flammable gasses instead being drawn off for use as fuel.

The chemistry is straightforward enough, with exothermic combustion producing heat, water vapour, and carbon dioxide, before a further endothermic reduction stage produces carbon monoxide and hydrogen. He’s running his system from charcoal which is close to pure carbon presumably to avoid dealing with tar, and at this stage he’s not adding any steam, so we’re a little mystified as to where the hydrogen comes from unless there is enough water vapour in the air.

His retort is fabricated from sheets steel, and is followed by a cyclone and a filter drum to remove particulates from the gas. It relies on a forced air draft from a fan or a small internal combustion engine, and we’re surprised both how quickly it ignites and how relatively low a temperature the output gas settles at. The engine runs with a surprisingly simple gas mixer in place of a carburetor, and seems to be quite smooth in operation.

This is one of those devices that has fascinated us for a long time, and we’re grateful for the chance to see it up close. The video is below the break, and we’re promised a series of follow-ups as the design is refined.

youtube.com/embed/nXEDKRbiJe4?…


hackaday.com/2025/10/15/keep-t…



Rubik’s WOWCube: What Really Makes a Toy?


If there ever was a toy that enjoys universal appeal and recognition, the humble Rubik’s Cube definitely is on the list. Invented in 1974 by sculptor and professor of architecture Ernő Rubik with originally the name of Magic Cube, it features a three-by-three grid of colored surfaces and an internal mechanism which allows for each of these individual sections of each cube face to be moved to any other face. This makes the goal of returning each face to its original single color into a challenge, one which has both intrigued and vexed many generations over the decades. Maybe you’ve seen one?

Although there have been some variations of the basic 3×3 grid cube design over the years, none have been as controversial as the recently introduced WOWCube. Not only does this feature a measly 2×2 grid on each face, each part of the grid is also a display that is intended to be used alongside an internal processor and motion sensors for digital games. After spending many years in development, the Rubik’s WOWCube recently went up for sale at $299, raising many questions about what market it’s really targeting.

Is the WOWCube a ‘real’ Rubik’s Cube, and what makes something into a memorable toy and what into a mere novelty gadget that is forgotten by the next year like a plague of fidget spinners?

The Cube’s Genius

Rubik's Cube components with the nylon core visible. (Credit: Encik Tekateki)Rubik’s Cube components with the nylon core visible. (Credit: Encik Tekateki)
Originally created as a 3D visualization aid for Rubik’s students, the key to the Cube is a sphere. Specifically, the rotation occurs around said internal sphere, with the outer elements interlocked in such a way that they allow for free movement along certain planes. It is this simple design that was turned into a toy by the 1980s, with its popularity surging and never really fading.

There are a few definitions of a ‘toy’, which basically all come down to ‘an object to play with’, meaning something that provides pleasure through act of interacting with it, whether that’s in the innocent sense of a child’s playing time, or the mind-in-gutter adult sense. These objects are thus effectively without real purpose other than to provide entertainment and potentially inflict basic skills on a developing mind.

Although this may seem like a clear-cut distinction, there is a major grey zone, inside of which we find things like of ‘educational toys’ and games like chess. These are toys which are explicitly designed to only provide some kind of reward after a puzzle is solved, often requiring various levels of mental exertion.

It’s hard to argue that a Rubik’s Cube isn’t an educational toy, especially considering its original purpose within the education system. After shuffling the faces of the cube, the goal is to somehow move the individual blocks of color back to their fellow colors on a singular face. This is a process that can be done through a variety of methods, the easiest of which is to recognize the patterns that are formed by the colors.

Generally, solving a Rubik’s Cube is done algorithmically, using visual recognition of patterns and applying the appropriate response. While a casual ‘Cuber’ can solve a standard 3×3 cube in less than half an hour using the basic layer-by-layer algorithm, so-called speedcubers can knock this down to a few seconds by applying far more complicated algorithms. As of May 2025 the world record for fastest single solve stands at 3.05 seconds, achieved by Xuanyi Geng.

In this regard, one can easily put Rubik’s Cube in the same general ‘toy’ category as games like chess, go, and shogi. Although the Cube isn’t by itself a multiplayer game, it also clearly invites competition and a social atmosphere in which to better oneself at the game.

Does It WOW?


With the Cube so firmly established in the global community’s psyche and the multi-colored ‘toy’ a symbol of why paying attention during math classes can absolutely pay off later in life, this brings us to the WOWCube. Looking at the official website for the item, one can’t help but feel less than inspired.
Would you rather play this than solve a Rubik's Cube? (Credit: WOWCube)Would you rather play this than solve a Rubik’s Cube? (Credit: WOWCube)
Backing up a bit, the device itself is already a major departure from the Cube. Although the WOWCube’s price tag at $299 is absolutely worthy of a ‘Wow’, the 2×2 configuration is decidedly underwhelming. Yes, it rotates like a Cube, and you could use it like a regular 2×2 Cube if that is your thing and you hate a challenge, but the general vibe is that you’re supposed to be playing the equivalent of Flash or phone games on the screens, in addition to using it like a geometrically-challenged smartphone to display statuses and notifications.

For these applications you have the use of a total of 24 1.4″ IPS LC displays, each with a 240 x 240 resolution. Due to the 2×2 configuration, you have eight blocks that can be moved around, each with its own built-in processor, battery, speaker and 6-axis IMU sensor for gyroscope and accelerometer functionality. These blocks communicate with each other using a magnetic system, and after up to five hours of play time you have to recharge it on the special charger.

Currently you can only pre-order the special Rubik’s WOWCube, with delivery expected ‘by Christmas 2025’. You can however get a good idea of what the experience will be like from videos like the 2022 review video of a pre-production unit by MetalJesusRocks, who also helpfully did a teardown while reconnecting the battery in one block after it disconnected during use.
The 2022 preproduction WOWCube with a block removed. (Credit: MetalJesusRocks, YouTube)The 2022 preproduction WOWCube with a block removed. (Credit: MetalJesusRocks, YouTube)
The internals of a 2022-era WOWCube block. (Credit: MetalJesusRocks, YouTube)The internals of a 2022-era WOWCube block. (Credit: MetalJesusRocks, YouTube)

Although this happened with a preproduction unit, it provides some indications regarding the expected lifespan of a WOWCube, as these devices are likely to experience constant mechanical forces being applied to it. With no touchscreen, you have to sometimes rather violently tap the cube or shake it to register user input, which will likely do wonders for long-term reliability.

In the earlier referenced pre-production review, the conclusion was – especially after having a group of random folk try it out – that although definitely an interesting device, it’s too expensive and too confused about who or what it is targeting. This is also the vibe in a brief production unit review by major gadget YouTube channel Mrwhosetheboss, whose ‘Overkill Toys’ video spent a few minutes fiddling with a 2023-era, $599 Black Edition WOWCube before giving it the ‘impressive, but why’ thumbs down.

This also reveals the interesting aspect here, namely that the WOWCube never was designed by the Rubik’s Cube company for Rubik’s Cube users, but rather it’s the Cubios Inc. company that created the WOWCube Entertainment System. The company that owns the Rubik’s brand name, Spin Master, has decided to make this $299 version of with official Rubik’s Cube branding. Basically, you could have bought your own WOWCube all along for the past few years now.

More Of A MehCube


Considering the overwhelming chorus of crickets that greeted the release of earlier versions of the WOWCube Entertainment System, it seems unlikely that slapping Rubik’s Cube branding on a WOWCube will do much to change the outcome. Although Cube enthusiasts don’t mind shelling out a few hundred bucks for a magnetically levitated, fairy dust-lubricated Cube to gain that 0.1 second advantage in competitive solving, this is totally distinct from this WOWCube product.

While absolutely impressive from a technological perspective, and likely a fun toy for (adult) children who can use it to keep themselves occupied with a range of potentially educational games, the price tag and potentially fragile nature of the device rather sours the deal. You do not want to give the WOWCube to a young child who may drop it harder than a $1,400 iPad, while giving Junior a dodgy $5 Rubik’s Cube clone to develop their algorithmic skills with is far less of a concern.

So if Rubik’s Cube fans don’t seem interested in this device, and the average person might be interested, but only if it was less than $100, it would seem that the WOWCube is condemned to be just another overpriced gadget, and not some kind of ‘digital re-imagining’ of the veritable Cube, as much as the marketing makes you want to sign up for a WOWClub subscription and obligatory ‘AI’ features.


hackaday.com/2025/10/15/rubiks…



More Than 100 Sub-Circuit Designs from Texas Instruments


The Texas Instruments branding with some schematic symbols in background.

We were recently tipped off to quite a resource — on the Texas Instruments website, there’s a page where you can view and download a compendium of analog sub-circuits.

Individual circuits can be downloaded in the form of PDF files. If you chose to register (which is free), you’ll also gain access to the pair of e-books listed at the bottom of the page: Analog Engineer’s Circuit Cookbook: Amplifiers and Analog Engineer’s Circuit Cookbook: Data Converters. The data converter circuits can be further subdivided into analog-to-digital converter (ADC) circuits and digital-to-analog converter (DAC) circuits.

There are more than 60 amplifier circuits including basic circuits, current sensing circuits, signal sources, current sources, filters, non-linear circuits (rectifiers/clamps/peak detectors), signal conditioning, comparators, sensor acquisition, audio, and integrated amplifier circuits using MSP430 microcontrollers.

You’ll also find 39 analog-to-digital converter (ADC) circuits including low-power, small size, and cost optimized circuits; level translation and input drive circuits; low-level sensor input circuits; input protection, filtering and isolation circuits; and commonly used auxiliary circuits. Finally, there are 15 digital-to-analog converter (DAC) circuits including audio outputs, auxiliary and biasing circuits, current sources, and voltage sources.

Thanks to [Lee Leduc] for letting us know over on the EEVblog Forum.


hackaday.com/2025/10/15/more-t…



“È un segno di speranza. Mentre tutti cercavano di scappare, di uscire e mettersi in salvo, sacerdoti, religiosi e religiose hanno fatto la scelta opposta”. Cosi il card.


“La grande questione non è se l’intelligenza artificiale sia potente, ma come la stiamo utilizzando. Serve una vera e propria algor-etica”. Lo ha detto il card.


“Avendo chiuso il capitolo Gaza, spero che il presidente Trump possa dedicarsi e impegnarsi maggiormente a cercare una via d’uscita alla guerra in Ucraina”. Lo ha detto il card.



Venerdì prossimo, 17 ottobre, è in programma un briefing sulla visita di Stato dei reali d’Inghilterra al Papa. Lo rende noto oggi la Sala stampa della Santa Sede, inserendolo nel calendario degli eventi.






Britisches Gericht zu Clearview AI: Datenschutz gilt auch für biometrische Überwachung aus dem Ausland


netzpolitik.org/2025/britische…

Gazzetta del Cadavere reshared this.



Elicotteri, carri armati e droni. Le novità dell’Esercito Usa in mostra all’Ausa 2025

@Notizie dall'Italia e dal mondo

All’Annual meeting dell’association of the United States army (Ausa), a Washington, il messaggio è stato chiaro. L’Esercito americano sta cambiando. La principale fiera della difesa terrestre, vetrina delle innovazioni e punto d’incontro tra industria e




MADAGASCAR. Deposto Rajoelina, al potere i militari


@Notizie dall'Italia e dal mondo
Dopo due settimane di proteste popolari e di crescente dissenso all’interno delle forze armate, il capo dello stato è stato ufficialmente deposto da un intervento del Capsat
L'articolo MADAGASCAR. Deposto pagineesteri.it/2025/10/16/med…



si può cercare la pace o la guerra. cercare di sterminare il nemico in mondo da firmare la pace alla fine per conto proprio, come unico interlocutore sopravvissuto, provoca una grave maledizione sul popolo che ha fatto tutto questo...

reshared this



se israele non sostiene di avere un problema con i propri coloni israeliani in cisgiodania, ma sostiene di avere un problema con i "terroristi" /tutti i palestinesi, io ho difficoltà a ritenere israele un interlocutore valido, e pensare che israele parli onestamente e non mi stia prendendo per il culo...

reshared this



combattere l'anti-semitismo è ovviamente sacrosanto (perlomeno in quando discriminazione verso una qualsiasi categoria), ma chissà per quante persone questo significa uccidere tutti i palestinesi (o ridurli alla fame) senza ovviamente che questo sia un genocidio (il corretto genocidio per definizione è solo quello subito dagli ebrei a opera di hitler, unico ed inimitabile per crudeltà). forse se più genericamente invocassimo una civiltà più libera, per tutti (anche per quelli che ci stanno sulle palle) questi contrasti neppure si verificherebbero. chi è causa del suo male pianga se stesso. i coloni israeliani, fuori israele, stanno costruendo un mondo migliore di rispetto con gli abitanti della cisgiordania con i quali a quanto pare, secondo molti, NON sono in conflitto (le armi che hanno a casa servono per il tiro al piattello)?


Apple prende a bordo il colosso cinese dell’auto Byd

L'articolo proviene da #StartMag e viene ricondiviso sulla comunità Lemmy @Informatica (Italy e non Italy 😁)
Con l'asiatica Byd l'americana Apple avrebbe sviluppato le batterie per l'auto elettrica Project Titan, abbandonata nei garage di Cupertino. Il fallimento di quel prototipo non ha però interrotto quella curiosa collaborazione che



GAZA. Infantino (Fifa) ha ignorato i massacri, ora parla di ricostruzione


@Notizie dall'Italia e dal mondo
La presenza a Sharm El Sheikh su invito di Trump del presidente della Federazione Calcio non è legata alla ricostruzione degli stadi, ma a molteplici interessi politici ed economici. Infantino negli ultimi anni ha impedito l'esclusione del calcio israeliano dalle




Ragazzi sempre più classificati e spesa per l’aiuto previsto

@Politica interna, europea e internazionale

Nelle scuole italiane cresce ogni anno il numero di bambini e ragazzi che hanno bisogno di sostegno perché – a detta degli insegnanti – manifestano difficoltà. La richiesta è esplosa al punto da rendere difficile distinguere una condizione reale da ciò che, in fondo, è una normale fase



Genova, una jihad contro le donne


@Giornalismo e disordine informativo
articolo21.org/2025/10/genova-…
(Il brano che segue è tratto dal romanzo di Roberto Bertoni “Raccontami ogni cosa. Genova, per non dimenticare”, uscito il 15 ottobre per Santelli. CRATERI Penso spesso a lei, che all’epoca era una studentessa dai lineamenti dolci, bellissima anche se non appariscente. Penso



Sicurezza cognitiva. Come si difende l’Europa quando il campo di battaglia è la mente

@Notizie dall'Italia e dal mondo

Droni che violano gli spazi aerei, profili psicometrici che anticipano le reazioni di cittadini e leader, deepfake sempre più convincenti e cloni di siti media che replicano perfettamente i loghi istituzionali. La guerra ibrida ha abbandonato il confine tra reale e virtuale e si combatte oggi





Regionali Toscana 2020
Lega Salvini Premier 21,78

Regionali Toscana 2025
Lega Toscana per Salvini Premier 4,38

In Toscana, aver appaltato la gestione della campagna a Vannacci ha indubbiamente avuto un impatto.

#Lega

#Lega




Gianluca Soncin. Anzi, il Gianluca, ué figa!


Questo signore con l'aria un po' alla Gèc Nìcolson si chiama Gianluca (ué figa) Soncin.
Ha una cinquantina d'anni, proprio come il vignaiolo Emanuele Ragnedda; è nato a Biella e abita a Cervia.
Veste con eleganza, e la cosa già dovrebbe destare sospetti.
Secondo il gazzettaio del 16 ottobre 2025 guadagna denaro vendendo e comprando automobili invece che facendo strizzare frutta per venderne il succo fermentato, e ha anche lui i comportamenti di consumo di chi guadagna -o meglio, di chi vuol fare intendere di guadagnare- molto denaro.
Il che dovrebbe destare ancora più sospetti.
Chi guadagna molto denaro dovrebbe essere contento di non doversela vedere con l'indigenza.
Invece chi guadagna molto denaro -e soprattutto chi vuol fare intendere di guadagnarne- risulta per lo più decisamente antipatico.
Il che fa aumentare i sospetti e li rafforza.
Se poi si legge che una volta stretta con burocratica rapidità una relazione peccaminosa con un individuo consimile di sesso opposto -solo con i costumi da bagno al posto delle automobili- lo avrebbe esortato, incentivato e accompagnato all'uso di "sostanze psicotrope", i sospetti diventano certezze.
Una attendibile ricostruzione dei comportamenti di consumo e della natura delle relazioni tra individui di questo genere non è certo ricavabile dal gazzettaio; unica fonte documentale minimamente attendibile sarebbero i rispettivi estratti conto.
Ma insomma, dal poco che si può capire -oltre a vendere e comprare automobili- Gianluca Soncin nel corso degli ultimi due anni avrebbe trovato il tempo per le seguenti attività relazionali, non si sa se remunerate o meno.
L'epilogo si è tenuto in un quartiere della periferia milanese eloquentemente privo di qualsiasi caratteristica instagrammabile.
La coprotagonista è sempre la stessa, che a distanza di chissà quanti anni verrà ricordata come una "fotomodella a cui piace vestire alla modo [sic] rigorosamente firmato, uscire con gli amici, viaggiare per il mondo e gustarsi ogni momento della giornata per essere felice".

Estate 2024: viaggio all’Elba. Lui la tempesta di calci e pugni durante una lite, e «cerca di buttarla dal balcone».
Settembre 2024: un’altra aggressione, questa volta durante una gita a Venezia.
Lo scorso aprile lei vuole chiudere la relazione. Lascia Cervia. Lui l’avverte: «Se mi lasci t’ammazzo, e ammazzo tua madre». Pamela spaventata si sfoga con l’ex: «Non posso lasciarlo altrimenti m’ammazza». Tra loro è un tira e molla.
Il 9 maggio, nella casa di Milano interviene la polizia per una lite.
Gli episodi si moltiplicano.
Ad agosto lui le punta una pistola alla pancia.
Sabato scorso, durante una gita a Padova, lui minaccia di ucciderle il cane, la schiaffeggia.
Dopo quel giorno, lei lo caccia di casa.


Solo che il Gianluca (ué figa) si era fatto una copia delle chiavi.



Questo essere l'ha detto veramente? l'UE è l'antidoto per le guerre? Ma vive in questo mondo o in un mondo parallelo? Fategli ascoltare le dichiarazioni delle varie Von Der Layen, Kallas, Metsola, Merz, Tusk ecc. Veramente senza parole, VERGOGNATI!



Rapporto Politico e Umanitario sulle Barriere e i Checkpoint nella Cisgiordania Occupata
A cura dell’Unità di Monitoraggio per i Diritti Umani – Associazione dei Palestinesi in Italia
Nel cuore della Cisgiordania occupata, oltre 1274 cancelli metallici e checkpoint militari israeliani bloccano quotidianamente la vita dei palestinesi. Queste barriere, installate agli ingressi delle città, tra i villaggi e lungo le strade riservate esclusivamente ai coloni israeliani, costituiscono un sistema di separazione forzata e un vero e proprio regime di apartheid moderno.
Ogni giorno, studenti, lavoratori, impiegati, malati, donne incinte e anziani sono costretti ad attendere ore intere sotto il sole cocente o il freddo solo per attraversare queste barriere per andare al lavoro, a scuola o in ospedale.
Situazione attuale:
• Alcuni checkpoint sono aperti solo in orari specifici: chi arriva tardi deve passare la notte fuori casa.
• I soldati israeliani esercitano forme sistematiche di umiliazione, attraverso controlli minuziosi, domande provocatorie e ritardi intenzionali.
• In posti come il checkpoint di Qalandiya, i cittadini sono costretti a scendere dai mezzi, passare per tunnel e subire controlli corporei estenuanti, come se stessero attraversando una frontiera internazionale.
• L’accesso ai territori del 1948 (Israele) richiede permessi complessi, più difficili di un visto turistico, concessi in modo arbitrario, rendendo la vita palestinese un mosaico di enclavi isolate (bantustan) senza connessione geografica.
Implicazioni umanitarie e politiche:
• Frammentazione del tessuto sociale e territoriale palestinese.
• Impossibilità di creare uno Stato palestinese contiguo e sovrano.
• Violazioni gravi del diritto internazionale, in particolare del diritto alla libertà di movimento.
• Rafforzamento di un sistema di apartheid riconosciuto da numerose organizzazioni internazionali.
Chiediamo alla comunità internazionale, alle organizzazioni per i diritti umani e alla coscienza globale di:
• Agire per la rimozione delle barriere.
• Fermare il regime di permessi arbitrari.
• Garantire la libertà di movimento per il popolo palestinese.

14/10/2025
Associazione dei Palestinesi in Italia (API)

luke15n 🐳 reshared this.