Lorenzo reshared this.

New, from me: Scattered Spider Hackers Plead Guilty on Day 1 of Trial

Two men pleaded guilty in the United Kingdom this week to criminal charges stemming from an August 2024 cyberattack that crippled Transport for London, the entity responsible for the public transport network in the Greater London area. The duo were key members of a prolific cybercrime group known as Scattered Spider, and their guilty pleas came on the first day of what was expected to be a six-week trial.

From the story:

"Jubair is also wanted by U.S. law enforcement agencies. In September 2025, prosecutors in New Jersey unsealed an indictment alleging Jubair and other Scattered Spider members committed computer fraud, wire fraud, and money laundering in relation to 120 computer network intrusions involving 47 U.S. entities between May 2022 and September 2025, and that the group’s victims paid at least $115 million in ransom payments."

krebsonsecurity.com/2026/06/sc…

#scatteredspider #cybercrime #justice

Lorenzo reshared this.

The #SoftwareIndustry traces its origin to an announcement by #IBM on #ThisDayInHistory in 1969. Pricing & selling #software separately from #hardware allows others to produce for your platform, giving rise both to commercial competitors & to an #OpenSource/#FreeSoftwareMovement.

SeekFast, the file search engine that finds text and documents in seconds

@GNU/Linux Italia

linuxeasy.org/seekfast-motore-…

SeekFast is a powerful desktop search engine for Linux, Windows and macOS that finds text in over 120 file formats in seconds
The article SeekFast, the file search engine that finds text and documents

GentleOS: the retro operating system for i386 PCs with just 4 MB of RAM debuts

@GNU/Linux Italia

linuxeasy.org/gentleos-sistema…

GentleOS is a new retro operating system for i386 PCs with just 4 MB of RAM, a classic graphical interface and support for vintage hardware.
The article GentleOS: the retro operating system for i386 PCs with just 4 MB of RAM debuts comes

Mouzi automatically organizes downloads without interrupting your work

@GNU/Linux Italia

linuxeasy.org/mouzi-organizza-…

Mouzi automatically organizes the Downloads folder with customizable rules, an action history and maximum attention to privacy.
The article Mouzi automatically organizes downloads without interrupting your work comes from Linux

Valve relaunches living-room Linux gaming with the new Steam Machine

@GNU/Linux Italia

linuxeasy.org/valve-gaming-lin…

Valve relaunches the Steam Machine with SteamOS 3 based on Arch Linux, powerful AMD hardware and a focus on living-room Linux gaming.
The article Valve relaunches living-room Linux gaming with the new Steam Machine comes from Linux Easy.
It is forbidden to reproduce this

Dyedfox Radio, the web radio player designed for KDE Plasma

@GNU/Linux Italia

linuxeasy.org/dyedfox-radio-pl…

Dyedfox Radio brings online radio to KDE Plasma with advanced search, MPRIS2 integration and a native interface based on PyQt6.
The article Dyedfox Radio, the web radio player designed for KDE Plasma comes from Linux Easy.
It is forbidden to reproduce this

Lorenzo reshared this.

A new edition of my weekly cyber newsletter, ~ this week in security ~, is out. Leading this week: Anthropic's AI ban wasn't ever really about a jailbreak, Ozempic maker gets hacked (twice), Apple kneecaps a privacy feature, a secret society's members were exposed, and find out how the UK's social media law, which pissed everyone off, was announced, denounced, and already potentially trounced.

Read online: this.weekinsecurity.com/this-w…

Sign up for the weekly newsletter: this.weekinsecurity.com


this week in security — june 21 2026 edition


~ ~

THIS WEEK, TL;DR


U.S. government's Anthropic ban wasn't really about an AI jailbreak
Axios ($), TechCrunch ($): Well that blew up… More than a week after the Trump administration used its export control powers to effectively ban Anthropic from offering its cybersecurity focused Mythos and Fable models, they're still largely offline. What initially erupted over cybersecurity fears after the White House took umbrage with an alleged Amazon-discovered jailbreak in Anthropic's latest AI models quickly turned out to be largely "personality clashes" between Trump and Anthropic, per Axios ($). The White House also seems to want a resolution to the jailbreak issue, which experts say isn't possible to fully remediate. Dozens of security researchers and experts have since called on the government to pull its export restrictions to allow Anthropic to offer its models again. So far, no dice. Anthropic has since dispatched a team to Washington, D.C. to negotiate with Trump officials, but we're not likely to see any change in positions here for the time being amid the impasse, and it's not known for how long this might drag on. Tech Policy Press said the quiet part out loud, that the "climate is one of a cloud of suspicion that senior officials are picking favorites based on personal and political factors." Infosec legend Bruce Schneier also has thoughts.
More: Luta Security | TechCrunch ($) | Axios ($) | The New York Times ($) | Wired ($) | The New Stack

'FortiBleed' bug affects thousands of Fortinet firewalls, hackers reportedly cracked admin passwords
DoublePulsar: Security researcher Kevin Beaumont is filling in the knowledge gaps because Fortinet's response to its customers getting hacked has been (predictably) crap. Meet FortiBleed, a new mass-hacking campaign targeting Fortinet firewalls belonging to big corporations around the world. There are at least 1,000 known compromised organizations so far out of a suspected 75,000 total internet-facing firewalls. A hacking crew appears to have scanned the internet for these firewalls, somehow logged in (it's unclear exactly how), exported the firewall configs, and then later unscrambled the hashed admin passwords offline. This allows the hackers to breach the firewalls and break into the victim's networks. CloudSEK also has a really good report on this campaign as well. Beaumont has IOCs, and the excellent folks at GAYINT have a list of affected Fortinet devices, so check if your organization is a victim. CISA also has a hardening guide for Fortinet customers. Expect more from this ongoing (albeit rumbled) campaign.
More: The Register | Ars Technica | @IFIN | @GossiTheDog | @ransomwaresommelier | @shadowserver
a sample of data shown in a screenshot containing sensitive domain, Fortinet firewall and password information relating to customers around the world. Fortinet firewalls only produce this kind of sensitive data when they're in extreme distress.

Ozempic maker Novo Nordisk hit twice by separate hacking campaigns
DataBreaches.net: Journalist Dissent Doe reports not one, but two hacking campaigns have hit Danish pharmaceutical giant and Ozempic maker Novo Nordisk of late. One gang stole a ton of pseudonymized health data of clinical trial patients, but it's not clear if the data will ever stay fully private if the key used to scramble the data is ever leaked. An entirely separate group, about two weeks later, stole gigabytes of AI-related data, source code, credentials, and more. The groups demanded respectively $50M and $25M, but neither got paid. Novo's negotiator allegedly strung the hackers along to give the firm time to prepare for a public disclosure. (I bet the negotiator got paid pretty well, though.) Dissent Doe has a great run through in both stories about the state of Novo's security, in some cases as told by the hackers themselves, who were critical of the company's posture. Meanwhile: Cardiac equipment firm iRhythm said this week that it was hacked, with patient data stolen. The company didn't say how many people are affected.
More: DataBreaches.net | Reuters ($) | HelpNetSecurity | MedTech Dive | The Register

U.K. social media law announced, denounced, and potentially trounced amid possible change in U.K. government
The Guardian: Governments generally only roll out disastrous policies when they're in extreme distress or when their politicians are on a hideous losing streak. The U.K. is there, and is attempting to roll out a social media ban for kids under 16, following Australia's semi-unsuccessful effort to roll out its own law late last year. Even the kids are like, "this makes no sense." (But of course they'd say that; many of them are evidently smarter than our politicians these days.) This may also include bans on VPNs, per the U.K. tech minister. It's a staggeringly bad idea, but the BBC News ($) tries to make sense of it all. As you can imagine, much of it will rely on scanning your driver's license or passport for access. And yet none of this might matter if newly minted MP Andy Burnham becomes U.K. prime minister after an anticipated upcoming leadership battle among the ruling Labour Party. This is because the U.K. is a parliamentary system that allows leaders to change with relative ease (unlike other places 😑), which is why the U.K. is about to have its fifth prime minister in four years. Make that make sense, kids. More thoughts by @tjheffernan and Signal's Meredith Whittaker via Bloomberg ($).
More: GOV.UK | Wired ($) | EFF | Politico EU | NPR | @hypervisible

~ ~

PLEASE SUPPORT THIS NEWSLETTER!

~this week in security~ is my weekly cybersecurity newsletter supported by readers like you. Please consider signing up for a paying subscription starting at $10/month for access to exclusive articles, analysis, and more.

Or, you can submit a one-time tip to show your support!

Subscribe to support this newsletter

~ ~

THE STUFF YOU MIGHT'VE MISSED


Spy agencies using bulk data to snoop on targets
Financial Times ($): Advertising intelligence, aka "Adint," is now one of the major sources of government surveillance, according to a survey of European spy agencies. Buying access to huge datasets containing people's browsing and location data is sometimes far easier for the spy agencies than tapping undersea cables and sifting through ungodly amounts of intercept traffic. Using ad-blockers is a good way to combat public data collection.

Some health providers are recording your mental health care visits
The Markup: A horror story from The Markup investigating how medical providers, like Kaiser, are recording patient interactions — including mental health sessions — using "ambient listening," which is code for "listen to everything and feed it into an AI model for processing." You can (and should be able to) opt-out of this recording but as noted, it's increasingly making patients feel uncomfortable and wanting to change doctors.

An elite secret society is exposed after a data leak spilled its members
Straight Arrow News: A Peter Thiel-founded secret society of elite members that allegedly exists for fostering off-the-record discussions *pinches bridge of nose and sighs relentlessly* can't even seem to keep its members' information secret, because its website exposed dozens of their email addresses and phone numbers. The list includes celebrities, politicians, journos, and more, per @crimew.gay. More via Wired ($).
maia arson crimew post on Bluesky: "Both datasets were obtained due to insufficiently secured systems that were openly leaking data, no security mechanisms were bypassed and no "advanced hacking" took place. I verify all source data sent to me and its provenance before using it in research or passing it along to other journalists."

Apple is about to kneecap its Hide My Email privacy service
Arseniy Shestakov: For no good (or obvious) reason, Apple is about to make its email hiding feature, Hide My Email, less effective by moving users' masked email addresses from @icloud.com domains (which all customers use) to @private.icloud.com, making it far easier for websites and apps to block anonymous users from signing up. I asked Apple why it changed this but it didn't get back to me. (*makes chicken clucking noises*)

How residential proxy networks power hacker and crime groups
Wall Street Journal ($): Want to know more about how hackers hide in your router (and also apps and cracked video games) and hijack that access as a funnel for cybercrims' bad activity? Here's your primer on residential proxy networks, the backdoor software that powers them, and why they're a risk to confidential information. Plus! Brian Krebs digs into one major residential proxy provider and the botnet it allegedly (heavy wink) runs, thanks to millions of hijacked Android TV boxes.

~ ~

OTHER NEWSY NUGGETS


Knicks data nicked: The ShinyHunters' hackers leaked some 45GB of data stolen relating to the Knicks and Madison Square Garden, where the team just played, including "risk" score data about high-profile attendees, per 404 Media ($). Meanwhile, Have I Been Pwned reports retail giant JCPenney and fashion outlet Ralph Lauren also didn't pay the hackers after they had data stolen by the same group, nor did Kodak nor Council of Europe pay. (via HigherEd Dive, GovTech)

Not so sweet sugar cyberattack: Queensland-based Mackay Sugar, Australia's second largest sugar producer, was hacked, forcing the shutdown of at least two mills. The hack prompted the company to ask farmers to keep crops in the ground for longer. It's unclear if that'll affect the collective harvest. A hacking group called The Gentlemen (narrator voice: they are not) took credit. (via ABC.net.au, The Register)

Joomla bug sparks alarm: A maximum severity 10/10 bug in Joomla's content management system, used by an estimated 1% of the web, has patched a bug actively under attack by hackers, per the software maker. The bug allows unauthenticated access and execution of PHP code, so that's… not great. Update today. (via Widget Factory, CISA, @IntCyberDigest)

Trump's Pulte takes spy agency reins: Another political mess is bubbling over in the U.S. capital as President Trump decided to dig in on Bill Pulte as his administration's part-U.S. spy chief, part-federal housing boss, and part-Trump's personal attack dog (but actually though). As such, Pulte took office as the acting U.S. director of national intelligence, much to the chagrin of both parties. Meanwhile, Trump said he won't pass the FISA renewal bill (even though it's nowhere near close to being resolved) because lawmakers won't pass his absolutely insane voter ID bill under the guise of Trump trying to steal another election. It's all very messy, but our neighborhood natsec cyberscribe @dustinvolz explains the s...hituation at The New York Times ($). (via @atrupar.com)

Time is a flat circle, spyware edition: Human Rights Watch found Bulgaria-based surveillance vendor Circles sold its spyware to countries with atrocious records of human rights, like Bahrain and the UAE. Circles sells Pixcell (for tracking calls, messages, and data) and Landmark (tracks location). The EU just can't seem to stop its countries exporting spyware to the world. If only it actually tried to begin with! (via Bloomberg ($), The Record)

Canada gets legal anti-botnet kibosh order: Canadian spy agency CSIS was granted approval by a court to take down botnets… two years ago, following a request by the agency to "remove the compromised devices from Canada." The ruling was made public this week in a barebones filing, but as Risky.biz notes, it's probably China-related. The FBI used similar court orders in the past to take down botnets, too, but also remove the malware code from routers and servers. (via The Canadian Press, CityNews)

Klue app compromised: Klue, a market intelligence company that makes the Battlecards integration for Salesforce customers, was compromised (Klue noindex'd its blog post, hiding it from search engines). This breach allowed hackers to hijack those integrations and steal customer data. A new extortion gang called Icarus took credit for the hack. A bunch of customers are affected, including Recorded Future, Tanium, Jamf, Sprout Social, Gong, and Insurity. (via Dark Reading, Bleeping Computer, DataBreachToday)

~ ~

THE HAPPY CORNER


It's a corner, it's got happy stuff, it's the happy corner. And it's got all that we need to relax after a busy week of news.

To the kids facing a social media ban today, well… at least you didn't have to rely on using an Excel spreadsheet on a Nokia 9210 to send text messages to your boo. (I fear nobody under the age of 30 will get this reference and if that's the case, I'm gonna go find a nice quiet corner to just crumble into dust.)
Dr Chris Burden post on X: "Under 16s messaging each other on Excel post the social media ban," followed by a screenshot from a Nelly-Kelly Rowland music video from the 2000s featuring a still of a typed-out text message saying "WHERE YOU AT?" on an Excel spreadsheet on a Nokia 9210 phone.

I will admit, I got a little hooked on this secrets-finding game. Find the exposed tokens, credentials, and other exposed sensitive data in this data leak simulator.

Be careful out there, folks. Things are getting desperate among AI-fueled CEOs. Please, please use our sh*tty AI products, they beg. Will someone think of the executives?
James Hawkins post on Bluesky: "seriously be careful out there everyone i had 2 Microsoft Copilot licenses in my car, and someone broke in and left 4 more," followed by a photo of a smashed car window.

And lastly this week. Thank you so much to everyone who contributed to last week's shout-out to a special cause, Project Sunshine, a nonprofit that my partner Jordan and I are involved with that helps to raise funds so that kids with medical challenges can enjoy much-needed playtime. We were just blown away by the support and love from you. We raised our goal and then some! If you're reading this on the weekend, there's still a few more hours before the Play-A-Thon closes for this season, but if you can spare a few bucks to donate, it will make all the difference to the kids that you help to support. Thank you again, really; it means so much.

Got good news to share? Get in touch! this@weekinsecurity.com.

~ ~

CYBER CATS & FRIENDS


This week's cyber cat is Meech, who can be seen h… Zzzz…. Z..z zz… zzz… Zz… *shhh* sleeping softly with his head on a… keyboard?! …Zzz…. Z.. Zz…zz.. must be exhausted after a busy day hacking. Z.. zz…. z….. back to snoozing for you… *psssts quietly* Thanks so much to Mike B. for sending in…!
Meech is an orange kitty who can be seen asleep, with his head resting on the side of a computer keyboard.

🐈 Keep sending in your cyber cats! 🐈‍⬛ Got a cat or a non-feline friend? Send me an email with their photo and name and they will be featured in a later newsletter! I always appreciate an update if you've sent in before!

~ ~

SUGGESTION BOX


And that's all there is for this week. Thank you so much for reading, subscribing, and supporting this newsletter (and blog!). That was... a bit of a busy one. I hope this edition gave you everything you needed to catch up.

If you like this newsletter, please do share it on your socials and whatnot! I really appreciate getting new readers in and word-of-mouth is one of the best ways to do that.

And, if you have anything you want to share for the newsletter, including suggestions and feedback, please drop me a note any time.

As a short programming note from me, there will be no newsletter next week! I'll be away in New England for a few days with Jordan; she's always wanted to go up to Maine, so we're going to drive north and disconnect from the world. I'm back the week after for July 5, with the latest edition of ~this week in security~ to mark a special milestone.

Logging off for now... take care, and catch you soon.

Back in a fortnight,
@zackwhittaker

Reading this online? Get ~this week in security~ by email


a weekly cybersecurity newsletter by Zack Whittaker, plus analysis and blogs. All the news you need to know. No slop.



Lorenzo reshared this.

Heads up, Gizmodo has been compromised by some #ErrTraffic affiliate too. Inject is in main response.
ErrTraffic C2 cdnpro-987[.]xyz (Resolved via #EtherHiding)
PS Payload domain cdnportal-us[.]xyz (dynamic PowerShell command URI path)
PowerShell downloads a 16MB encrypted 7z file, checks if 7z is installed and otherwise downloads it to unpack the file and run the contained EXE. The EXE will do some profiling (including refresh rate) and if passes, will drop #NetSupportRAT and run it.
NetSupport C2 178[.]16[.]55[.]191.

TA also has a Mac payload configured, but it seems broken at the moment and asks for a password of some zip file when executed 🤷

Note: ErrTraffic is a ClickFix-as-a-Service, so other compromised sites can lead to other malware from other affiliates.


Don't look now, but it seems Gizmodo's homepage is now serving up a Clickfix attack.

Basics of the Click-Fix exploit, which causes a pasted URL to fetch malware via Windows Powershell.

krebsonsecurity.com/2025/03/cl…

#clickfix #gizmodo


Lorenzo reshared this.

Whoa. @pypi monthly download counts increase 19.8% since March 2026 - **163.8 billion** total downloads in May 2026

Thanks to #ClickHouse for producing this newsletter: clickpy.clickhouse.com/report/…

My Computer for Nautilus improves disk and resource management in GNOME Files

@GNU/Linux Italia

linuxeasy.org/my-computer-naut…

My Computer for Nautilus adds a centralized view for disks, partitions and network resources with advanced sidebar management
The article My Computer for Nautilus improves disk and resource management in

Lorenzo reshared this.

Energy Security, Not Climate Goals, Is Now Driving the Clean Power Boom
L: oilprice.com/Alternative-Energ…
C: news.ycombinator.com/item?id=4…
posted on 2026.06.21 at 17:19:21 (c=0, p=3)

ZCode, the Agentic Development Environment, also available for Linux

@GNU/Linux Italia

linuxeasy.org/zcode-agentic-de…

ZCode is a new agentic development environment that integrates AI, automation and complex task management for programmers
The article ZCode, the Agentic Development Environment, also available for Linux comes from Linux Easy.
It is forbidden

Lorenzo reshared this.

Check whether a site supports post quantum crypto* quantumhello.xyz

* Well hybrid PQ key exchange in the form of TLS 1.3 with X25519MLKEM768

Fedora 45 moves toward a minimal version of GRUB

@GNU/Linux Italia

linuxeasy.org/fedora-45-versio…

Fedora 45 focuses on security: a reduced version of GRUB for Confidential Computing is coming, optimized for virtual machines and UKI
The article Fedora 45 moves toward a minimal version of GRUB comes from Linux Easy.
It is forbidden to reproduce this article without

iptop: real-time IP traffic monitor from the terminal

@GNU/Linux Italia

linuxeasy.org/iptop-monitor-tr…

iptop shows network traffic in real time in the terminal, with statistics per process, host, latency and connections.
The article iptop: real-time IP traffic monitor from the terminal comes from Linux Easy.
It is forbidden to reproduce this

PorteuX 2.7: what's new, updated desktops and a push on performance

@GNU/Linux Italia

linuxeasy.org/porteux-2-7-desk…

PorteuX 2.7 updates the kernel, desktops and drivers with more speed, improved hardware support and new optimizations.
The article PorteuX 2.7: what's new, updated desktops and a push on performance comes from Linux Easy.
It is forbidden to reproduce this

Giada 1.5.0 Leshy: the new tick-based timing engine for live music production

@GNU/Linux Italia

linuxeasy.org/giada-1-5-0-lesh…

Giada 1.5.0 Leshy introduces a tick-based audio engine, advanced scene management, CPU monitoring and MIDI improvements for DJs and electronic musicians.
The article Giada 1.5.0 Leshy: the new tick-based timing engine for

Lorenzo reshared this.

Ubisoft co-founder Claude Guillemot has died in a plane crash
L: bloomberg.com/news/articles/20…
C: news.ycombinator.com/item?id=4…
posted on 2026.06.20 at 10:12:50 (c=0, p=6)

RSS Feed, the GNOME Shell extension that brings news directly to the system panel

@GNU/Linux Italia

linuxeasy.org/rss-feed-estensi…

RSS Feed is a GNOME Shell extension that brings RSS, Atom and RDF feeds directly to the system panel with notifications and advanced management.
The article RSS Feed, the GNOME Shell extension that brings news directly to the system panel