If you’ve got an RTL-SDR compatible receiver, you’ve probably used it for picking up signals from all kinds of weird things. Now, [Jaron McDaniel] has built a tool to integrate many such devices into the world of Home Assistant.

It’s called RTL-HAOS, and it’s intended to act as a bridge. Whatever you can pick up using the RTL_433 tool, you can set up with Home Assistant using RTL-HAOS. If you’re unfamiliar with RTL_433, it’s a multitalented data receiver for picking up all sorts of stuff on a range of bands using RTL-SDR receivers, as well as a range of other hardware. While it’s most closely associated with products that communicate in the 433 MHz band, it can also work with products that talk in 868 MHz, 315 MHz, 345 MHz, and 915 MHz, assuming your hardware supports it. Out of the box, it’s capable of working with everything from keyless entry systems to thermostats, weather stations, and energy monitors. You can even use it to listen to the tire pressure monitors in your Fiat Abarth 124 Spider, if you’re so inclined.

[Jaron’s] tool integrates these devices nicely into Home Assistant, where they’ll appear automatically thanks to MQTT discovery. It also offers nice signal metrics like RSSI and SNR, so you can determine whether a given link is stable. You can even use multiple RTL-SDR dongles if you’re so inclined. If you’re eager to pull some existing environmental sensors into your smart home, this may prove a very easy way to do it.

The cool thing about Home Assistant is that hackers are always working to integrate more gear into the ecosystem. Oftentimes, they’re far faster and more efficient at doing this than big-name corporations. Meanwhile, if you’re working on your own hacks for this popular smart home platform, we’d probably like to know about it. Be sure to hit up the tips line in due time.

hackaday.com/2025/12/06/bridgi…

The site is called Hackaday, and has been for 21 years. But it was only for maybe the first half-year that it was literally a hack a day. By the 2010s, we were putting out four or more per day, and in the later 20-teens, we settled into our current cadence of eight hacks per day, plus some original pieces over the top. That’s a lot of hacks per day! (But “Eight-to-Ten-Hacks-a-Day” just isn’t as catchy.)

With that many posts daily, we also tend to reach out to a broader array of interests. Quite simply, not every hack is necessarily going to be just exactly what you are looking for, but we wouldn’t be writing it up if we didn’t think that someone was looking for it. Maybe you don’t like CAN bus hacks, but you’re into biohacking, or retrocomputing. Our broad group of writers helps to make sure that we’ll get you covered sooner or later.

What’s still surprising to me, though, is that a couple of times per week, there is a hack that is actually relevant to a particular project that I’m currently working on. It’s one thing to learn something new every day, and I’d bet that I do, but it’s entirely another to learn something new and relevant.

So I shouldn’t have been shocked when Tom and I were going over the week’s hacks on the podcast, and he picked an investigation of injecting spray foam into 3D prints. I liked that one too, but for me it was just “learn something new”. Tom has been working on an underwater ROV, and it perfectly scratched an itch that he has – how to keep the top of the vehicle more buoyant, while keeping the whole thing waterproof.

That kind of experience is why I’ve been reading Hackaday for 21 years now, and it’s all of our hope that you get some of that too from time to time. There is a lot of “new” on the Internet, and that’s a wonderful thing. But the combination of new and relevant just can’t be beat! So if you’ve got anything you want to hear more about, let us know.

This article is part of the Hackaday.com newsletter, delivered every seven days for each of the last 200+ weeks. It also includes our favorite articles from the last seven days that you can see on the web version of the newsletter. Want this type of article to hit your inbox every Friday morning? You should sign up!

hackaday.com/2025/12/06/someth…

Nothing lasts forever, and that includes the ROMs required to make a retrocomputer run. Even worse, what if you’re rolling your own firmware? Period-appropriate EPROMs and their programmers aren’t always cheap or easy to get a hold of these days. [Kyo-ta04] had that problem, and thanks to them, we now all have a solution: Pico2ROMEmu, a ROM emulator based on, you guessed it, the Raspberry Pi Pico2.

The Pico2ROMEmu in its natural habitat on a Z80 SBC.
The ROM emulator has been tested at 10MHz with a Z80 processor and 12MHz with an MC68000. An interesting detail here is that rather than use the RP2350’s RISC-V or ARM cores, [kyo-ta04] is doing all the work using the chip’s powerful PIO. PIO means “programmable I/O,” and if you need a primer, check this out. Using PIO means the main core of the microcontroller needn’t be involved — and in this context, a faster ROM emulator.

We’ve seen ROM emulators before, of course — the OneROM comes to mind, which can also use the RP2350 and its PIOs. That project hasn’t been chasing these sorts of speeds as it is focused on older, slower machines. That may change in the newest revision. It’s great to see another contender in this space, though, especially one to serve slightly higher-performance retrocomputers. Code and Gerbers for the Pico2RomeEMU are available on GitHub under an MIT license.

Thanks to [kyo-ta04] for the tip.

hackaday.com/2025/12/06/emulat…

If you wanted to build an electronic dice, you might grab an Arduino and a nice OLED display to whip up something fancy. You could even choose an ESP32 and have it log your rolls to the cloud. Or, you could follow the lead of [Axiometa] and do it the old-school way.

The build is based around the famous 555 timer IC. It’s paired with a 4017 decade counter IC, which advances every time it receives a clock signal from the 555. With the aid of some simple transistor logic, this lights the corresponding LEDs for the numbers 1 to 6, which are laid out like the face of a typical six-sided die. For an added bit of fun, a tilt sensor is used to trigger the 555 and thus the roll of the dice. A little extra tweak to the circuit ensures the 555 keeps counting just a little while after you stop shaking. This makes the action feel like an actual dice roll.

Schematics are available for the curious. We’d love to see this expanded to emulate a range of other dice—like a D20 version that could blink away on the D&D table. We’ve covered some very exciting technology in that area as well.

youtube.com/embed/cZxBj7fzkkk?…

hackaday.com/2025/12/06/electr…

Gli esperti hanno scoperto che nell’estate del 2025 Microsoft ha corretto una pericolosa vulnerabilità in Windows che era stata sfruttata attivamente da almeno 11 gruppi di hacker, tra cui APT nordcoreani e grandi gruppi come Evil Corp.

Si tratta del CVE-2025-949, che consentiva agli aggressori di nascondere comandi dannosi all’interno di file LNK e di eseguire malware senza essere rilevati su un dispositivo compromesso.

La radice del problema risiede nel modo in cui Windows gestisce i collegamenti LNK. Gli aggressori hanno riempito il campo Destinazione nel file LNK con spazi per nascondere argomenti dannosi della riga di comando.

Le proprietà del file mostrano solo i primi 260 caratteri del campo Destinazione, mentre il resto rimane nascosto. Di conseguenza, l’utente visualizza un comando innocuo, ma facendo doppio clic sul collegamento viene avviato il malware.

Gruppi di hacker hanno sfruttato attivamente questo trucco. Gli analisti di Trend Micro hanno scoperto che il CVE-2025-9491 è stato sfruttato da almeno 11 gruppi, tra cui APT37 nordcoreano, APT43 (noto anche come Kimsuky), Mustang Panda, SideWinder, RedHotel e Konni, oltre ai criminali informatici di Evil Corp e Bitter.

“Gli attacchi hanno utilizzato vari payload e downloader: Ursnif, Gh0st RAT, Trickbot. Le piattaforme MaaS (malware-as-a-service) hanno complicato ulteriormente la situazione“, osserva Trend Micro.

Come recentemente riportato da Arctic Wolf e StrikeReady , il gruppo di hacker cinese Mustang Panda ha addirittura sfruttato questa vulnerabilità come zero-day e l’ha utilizzata in attacchi contro diplomatici europei in Ungheria, Belgio e altri paesi dell’UE. Gli aggressori hanno infine distribuito il malware PlugX RAT sui sistemi delle loro vittime.

A marzo 2025, gli analisti di Trend Micro segnalarono agli sviluppatori Microsoft che la vulnerabilità CVE-2025-9491 era stata attivamente sfruttata. Tuttavia, il produttore rispose che avrebbe solo “considerato” la correzione del bug, sottolineando che la vulnerabilità non soddisfaceva i criteri per una correzione immediata.

Inoltre, a novembre, i rappresentanti di Microsoft hanno rilasciato un ulteriore chiarimento affermando che il problema non dovrebbe essere considerato una vulnerabilità, “data l’interazione richiesta dall’utente e il fatto che il sistema avvisa in merito al formato di file non attendibile“.

Tuttavia, come ha riferito Mitja Kolsek, responsabile di Acros Security e co-fondatore di 0patch, Microsoft ha recentemente modificato silenziosamente il comportamento dei file LNK. Kolsek afferma che, dopo gli aggiornamenti di giugno (sebbene la patch sembri essere stata distribuita gradualmente), gli utenti vedono tutti i caratteri nel campo Destinazione quando aprono le proprietà dei file LNK, non solo i primi 260.

Kolsek ha osservato che questa non è una soluzione completamente funzionale. Il problema è che gli argomenti dannosi dei file LNK persistono e gli utenti non ricevono ancora avvisi quando aprono un collegamento con una stringa di destinazione eccessivamente lunga.

In attesa che Microsoft rilasci una patch completa, Acros Security ha rilasciato una correzione non ufficiale tramite la sua piattaforma 0Patch. La micropatch limita tutte le stringhe di destinazione nelle scorciatoie a 260 caratteri e avvisa gli utenti del potenziale pericolo nell’apertura di file con stringhe eccessivamente lunghe.

“Anche se è possibile creare scorciatoie dannose con meno caratteri, crediamo che fermare gli attacchi reali già scoperti potrebbe apportare notevoli vantaggi a coloro che sono presi di mira dagli hacker“, afferma Kolsek.

La patch non ufficiale è disponibile per gli utenti 0patch con abbonamenti PRO ed Enterprise che eseguono versioni di Windows da Windows 7 a Windows 11 22H2, nonché da Windows Server 2008 R2 a Windows Server 2022.

L'articolo Sfruttata da mesi nel silenzio generale: la falla LNK usata dagli APT di mezzo mondo proviene da Red Hot Cyber.

13 dicembre, dalle ore 17:30 in via Garibaldi 13 Centro Sereno Regis

Programma (sala Poli):

Conferenza "Due Lazari contemporanei, creatori di lingue" del prof. Pennacchietti.
Consegna dei diplomi.
Concerto di Lucio Avitabile.

Cena a buffet (sala Gandhi), quota adesione alla cena: 10€.

Blog • Festa dell'esperanto a Torino, 13 dicembre

Zamenhofa festo 13 dicembre, dalle ore 17:30 in via Garibaldi 13 Centro Sereno Regis Programma…

^{webchat.disroot.org}

Ahoy Pirates,

Our next PPI board meeting will take place on 09.12.2025, 20:00 UTC.

All official PPI proceedings, Board meetings included, are open to the public. Feel free to stop by. We’ll be happy to have you.

Where:jitsi.pirati.cz/PPI-Board

Agenda: Pad: https://etherpad.pp-international.net/p/ppi-board-meeting-2025-08-05-vnly0cj

All of our meetings are posted to our calendar: pp-international.net/calendar/

We look forward to seeing visitors.

Thank you for your support,

The Board of PPI

pp-international.net/2025/12/p…

Dear Friend of Press Freedom,

Rümeysa Öztürk has been facing deportation for 255 days for co-writing an op-ed the government didn’t like, and journalist Ya’akub Vijandre remains locked up by Immigration and Customs Enforcement over social media posts about issues he reported on. Read on for more ongoing battles against government suppression of the free press.

And join us today at 2 p.m. EST for a conversation with leading immigration journalists about reporting truth and protecting communities. Register here.

New York Times fights back against Pentagon prior restraint

The newspaper President Donald Trump likes to call “the failing New York Times” somehow managed to scrounge up enough pocket change to take his administration to court. The Times and its Pentagon reporter, Julian Barnes, are suing the Pentagon over its censorial policy restricting journalists from publishing unauthorized information.

As Freedom of the Press Foundation (FPF) Executive Director Trevor Timm said, “The Pentagon’s absurd access pledge has been an affront to the First Amendment since the first day they proposed it. And we look forward to a federal judge throwing it out with the trash, where it belongs.”

• READ THE FULL STATEMENT

FPF demands court lift secrecy in Catherine Herridge’s privilege case

A federal appellate court got it wrong by requiring journalist Catherine Herridge to disclose the sources for her reporting on scientist Yangping Chen’s alleged ties to the Chinese military while an online college Chen founded received federal funds. She’s rightly seeking a rehearing.

Worse yet, the misguided ruling was informed by documents about the FBI’s investigation of Chen that were improperly filed under seal, and which the appellate court considered in a closed hearing. FPF, represented by Schaerr | Jaffe LLP, filed a motion to intervene and unseal the documents and hearing transcript.

• READ OUR PRESS RELEASE AND MOTION

Reckless federal agents are the threat, not cameras

The right to record law enforcement operations is well established. But immigration officers have repeatedly chased, assaulted, and even arrested people for recording them. This isn’t just unconstitutional. It’s dangerous.

FPF Senior Adviser Caitlin Vogus wrote for NC Newsline that “Federal agents don’t want cameras pointed at them because it can force accountability. When they lash out at people who record them, it’s not just those targeted who are in danger; everyone around them is at risk too.”

• READ MORE

U.S. journalists abducted by Israel describe abuse and U.S. indifference

FPF Deputy Director of Audience Ahmed Zidan wrote for Jacobin about the online event we hosted with Defending Rights & Dissent last month featuring three U.S. journalists who were nabbed by Israel in international waters while on aid flotillas headed to Gaza.

It should’ve been an international scandal, but the administration hardly lifted a finger. As Jewish Currents reporter Emily Wilder said, “The abuses against us demonstrate how far [the Israeli] regime will go, how emboldened it’s been, and the absolute impunity they have to act this way.”

• READ MORE

White House media bias tracker: Another tired gimmick

The White House launched a media bias tracker to catalog instances of supposedly distorted coverage. Predictably, the site is long on hyperbole and short on substance.

FPF Advocacy Director Seth Stern said, “If Trump thinks the media is getting stories wrong or being unfair to him, he should release the public records, correspondence, and legal memoranda that prove it, instead of wasting time and taxpayer money on silly websites. … The gimmick is wearing thin.” Media columnist Margaret Sullivan agrees.

• READ OUR STATEMENT

Sen. Kelly: Read the boat strike memo into the Congressional Record

Sen. Mark Kelly told CNN that he has read the Justice Department’s classified legal rationale for destroying alleged drug boats and that it should be released.

Not only is the senator right, he has the power to make the document public himself, and he should do so without delay. FPF’s Daniel Ellsberg Chair on Government Secrecy, Lauren Harper, has more.

• READ MORE

Censorship by invoice

Michigan’s Grand Blanc Township thinks it has discovered a trick to weasel out of accountability: charging a reporter more for records about a tragic church shooting than most people earn in two years.

FPF’s Stern wrote about why these tactics can’t be allowed to continue and why, rather than being deterred, reporters should take governmental evasiveness as a sign that they’re onto something.

• READ MORE

What We're Reading

Photojournalist arrested at Miami immigration protest, gear seized

U.S. Press Freedom Tracker
Freelance photojournalist Dave Decker was unlawfully arrested by Miami-Dade Sheriff’s deputies while documenting anti-deportation protests. Read the objection letter we joined with Florida’s First Amendment Foundation and the National Press Photographers Association.

In ‘Cover-Up,’ Laura Poitras investigates Seymour Hersh

Columbia Journalism Review
The filmmaker and FPF’s founding board member discussed her 20-year project, the “crisis” in investigative journalism, and how truth-telling can still change the world.

How the feds used propaganda to frame their ‘war’ on Chicago: ‘They’re lying constantly’

Block Club Chicago
As Stern explained, propaganda doesn’t work when there’s a strong local media. “People know their local reporters. They see them on the street. They rely on them. That makes it harder for the administration to control the narrative.”

The SLAPP problem is worse than we thought

Columbia Journalism Review
CJR features our friends at First Amendment Watch’s new “SLAPP Back Initiative” to track strategic lawsuits against public participation.

• DONATE TO FPF

This year, we’ve trained over 3,000 journalists in essential digital security skills, documented 240 press freedom violations, and filed over 250 Freedom of Information Act requests and 6 FOIA lawsuits. We can’t keep this up without your help. Donate online, via DAFpay, or our other ways to give. All donations are matched, up to $75,000.

RSVP: freedom.press/silenced-sources

freedom.press/silenced-sources

freedom.press/issues/caving-is…