B.E.L.L.A.: the protocol that turns the smartphone into an ally, not a master
📌 Link to the article: redhotcyber.com/post/b-e-l-l-a…
#redhotcyber #news #tecnologiaelibertà #benessere digitale #sfidadellatecnologia #uominie tecnologia
Find out how to take back control of your time and attention with the B.E.L.L.A. protocol and learn to use technology mindfully for a more balanced and freer life. Daniela Farina (Red Hot Cyber)
Post-quantum cryptography in the financial sector: supply chain security is central
@Informatica (Italy e non Italy 😁)
The G7 Cyber roadmap does not introduce new regulatory obligations, but offers a shared reference framework: a roadmap for authorities, financial institutions and technology providers, broken down into six main phases of the
DIY, Full-Stack Farm Automation
Recently, [Vinnie] aka [vinthewrench] moved from Oregon to Arkansas to start a farmstead. This is a style of farming that focuses not just on a profitable farm where produce is sold at market, but also on a homestead where much of one’s own food is grown on the farm as well. Like any farm, though, it’s extremely hard work that takes a tremendous amount of time. Automation and other technology can make a huge impact in these situations, and [Vinnie] is rolling out his own software stack to help with this on his farm.
He calls his project the Pi Internet of Things, or PioT, and as its name suggests is based around the Raspberry Pi. Since this will all be outdoors and exposed to the extremes of Arkansas weather, everything built under the auspices of this project prioritizes ruggedness, stability, and long-term support, all while avoiding any cloud service. The system also focuses on being able to ride through power outages. The server side, called piotserver, uses a REST API to give the user access to the automation systems through a web interface.
[Vinnie] also goes into detail about why existing systems like Home Assistant and Open Sprinkler wouldn’t work in his situation, and why a ground-up solution like this is more appropriate for his farm. This post is largely an overview of his system, but some of his other posts go into more detail about things like integrating temperature sensors, rainfall monitoring, controlling irrigation systems, and plenty of other farm automation tasks that are useful for any farmer or gardener.
We’ve also seen some other projects of his here like this project which converts a common AC sprinkler system to an easier-to-use DC system, and a DIY weather station that operates in the 915 MHz band. He’s been a great resource for anyone looking to have technology help them out with their farm or garden, but if you’re just getting started on your green thumb be sure to take a look at this starter guide as well.
How Accurate is a 125 Year Old Resistance Standard?
Internals of the 1900 Evershed & Vignoles Ltd 1 ohm resistance standard. (Credit: Three-phase, YouTube)
Resistance standards are incredibly useful, but like so many precision references they require regular calibration, maintenance and certification to ensure that they stay within their datasheet tolerances. This raises the question of how well a resistance standard from the year 1900 performs after 125 years, without the benefits of modern engineering and standards. Cue the [Three-phase] YouTube channel testing a genuine Evershed & Vignoles Ltd one ohm resistance standard from 1900.
With mahogany construction and brass contacts it sure looks stylish, though the unit was missing the shorting pin that goes in between the two sides. This was a common feature of e.g. resistance decade boxes of the era, where you inserted pins to connect resistors until you hit the desired total. Inside the one ohm standard is a platinoid resistor, which is an alloy of copper, nickel, tungsten, and zinc. Based on the broad arrow mark on the bottom this unit was apparently owned by the UK’s Ordnance Board, which was part of what was then called the War Office.
After a quick gander at the internals, the standard was hooked up to a Keithley DMM7510 digital bench meter. The resistance standard’s ‘datasheet’ is listed on top of the unit on the brass plaques, including the effect of temperature on its accuracy. Adjusting for this, the measured ~1.016 Ω was within 1.6% tolerance, with the side note that this was with the unit not having been cleaned or otherwise having had maintenance performed on it since it was last used in service. Definitely not a bad feat.
Testing a Continuous Printing Mod for the Bambu Lab A1 Mini
There are a few types of continuous 3D printing with FDM printers, with a conveyer belt and automatic build plate swapping the most common types. The advantage of build plate swapping is that it automates the bit where normally a human would have to come in to remove finished parts from the build plate. A recent entry here is the Chitu PlateCycler C1M which the [Aurora Tech] YouTube channel had over for a review. This kit bolts onto the Bambu Lab A1 Mini FDM printer and comes with four extra PEI build plates for a not unreasonable $79 (€69).
As also noted in the review video, this is effectively a clone of the original swapmod A1m kit, but a big difference is that the Chitu kit comes with all of the parts and doesn’t require you to print anything yourself.
The different plates are prepared using a special tool that inserts G-code between the plate changes. Moving the bed in a specific way triggers the switch that lifts the finished plate off the magnetic bed by the plastic grip on the plate and loads a fresh plate from the stack. Here it was found that a small tolerance issue prevented the last plate from being used, but some sandpaper fixed this. Other than that it was a fairly painless experience, and for e.g. multi-color prints with separated colors – as demonstrated – it would seem to be a great way to churn out the entire model without manual intervention or a lot of wasted filament.
Perhaps the main issue that is central to all of these build plate swap mods is where the plates go after they’re pulled off the magnetic bed: the padded box is a great idea for the first one or two plates, but after that you get your PEI build plates with parts on them crashing on top of each other.
This is where perhaps something like a passive roller conveyer system could provide a nice gentle off-ramp, though this too would increase the footprint of the system. Regardless, the overall system seems to work well enough, allowing one to stack fresh plates in the chute and if you turn on build plate detection in the A1 you can even prevent the printer from trying to print on the magnetic bed.
Jam like It’s the 1980s With A Mini-IBM PC
A lot of retrocomputer enthusiasts have a favourite system, to the point of keeping up 40 year old flame wars over which system was “best”. In spite of the serious, boring nature of the PC/AT and its descendants, those early IBMs have a certain style that Compaq and the Clones never quite matched. Somehow, we live in a world where there are people nostalgic for Big Blue. That’s why [AnneBarela] built a miniature IBM PC using an Adafruit Fruit Jam board.
If you haven’t seen it before, the Fruit Jam board is an RP2350 dev board created specifically to make minicomputers, with its two USB host sockets, DVI-out and 3.5mm jack. [Anne] loaded a PC emulator by [Daft-Freak] called PACE-32 that can emulate an IBM compatible PC with an 80386 and up to 8 MB of RAM on this particular board. The video is VGA, 640×480 — as god intended– piped to a 5″ LCD [Anne] picked up from AliExpress.
That display is mounted inside a replica monitor designed by [giobbino], and is sitting on top of a replica case. Both are available on Thingiverse, though some modification was required to provide proper mounting for the Fruit Jam board. [giobbino] designed it to house a FabGL ESP32 module– which has us wondering, if an RP2350 can be a 386, what level of PC might the ESP32-P4 be capable of? We’ve seen it pretend to be a Quadra, so a 486 should be possible. It wasn’t that long ago that mini builds of this nature required a Raspberry Pi, after all.
Speculation aside, this diminutive IBM build leaves us with but one question: if you played Links386 on it, would it count as miniature golf?
Battle Born LFP Battery Melts With New Problem
Following up on user-reported cases of Battle Born LiFePO4 batteries displaying very hot positive terminals, [Will Prowse] decided to buy a brand new one of these LFP batteries for some controlled cycle testing.
Starting with 30 cycles with a charging current of 49 A and a discharge current of 99 A, this put it well within the 100 A continuous rating for the battery. There is also a surge current rating of 200 A for thirty seconds, but that was not tested here.
What’s interesting about the results here is that instead of the positive terminal getting visibly discolored as with the previous cases that we reported on, [Will] saw severe thermal effects on the side of the negative terminal to the point where the plastic enclosure was deforming due to severe internal heating.
During testing, the first two charge-discharge cycles showed full capacity, but after that the measured capacity became extremely erratic until the battery kept disconnecting randomly. After letting the battery cool down and trying again with 80 A discharge current the negative terminal side of the enclosure began to melt, which was a good hint to stop testing. After this the battery also couldn’t be charged any more by [Will]’s equipment, probably due to the sketchy contact inside the battery.
It’s clear that the plastic spacer inside the terminal bus bar was once again the primary cause, starting a cascade which resulted in not only the enclosure beginning to char and melt, but with heat damage visible throughout the battery. Considering that the battery was used as specified, without pushing its limits, it seems clear that nobody should be using these batteries for anything until Battle Born fixes what appears to be the sketchiest terminal and bus bar design ever seen in a high-current battery.
NEW: Nicholas Moore, a hacker who broke into the systems of the U.S. Supreme Court and the Department of Veteran Affairs, stole the personal data of victims and then posted it online on his @ihackthegovernment Instagram account.
Moore faces a maximum of a year in prison and a fine of up to $100,000.
techcrunch.com/2026/01/16/supr…
Supreme Court hacker posted stolen government data on Instagram | TechCrunch
Nicholas Moore pleaded guilty to stealing victims’ information from the Supreme Court and other federal government agencies, and then posting it on his Instagram @ihackthegovernment. Lorenzo Franceschi-Bicchierai (TechCrunch)
Magecart and web skimming, how e-commerce scams are evolving: how to defend yourself
@Informatica (Italy e non Italy 😁)
A new Magecart-based web skimming campaign has been identified that does not hit the server in the traditional way but targets the user’s browser directly during the payment phase, intercepting the data at the exact moment in which
Hackaday Podcast Episode 353: Fantastic Peripherals, Fake or Not Fake Picos, and Everything on the Steam Deck
Join Hackaday Editors Elliot Williams and Tom Nardi as they swap their favorite hacks and stories from the week. In this episode, they’ll start off by marveling over the evolution of the “smart knob” and other open hardware input devices, then discuss a futuristic propulsion technology you can demo in your own kitchen sink, and a cheap handheld game system that gets a new lease on life thanks to the latest version of the ESP32 microcontroller.
From there they’ll cover spinning CRTs, creating custom GUIs on Android, and yet another thing you can build out of that old Ender 3 collecting dust in the basement. The episode wraps up with a discussion about putting Valve’s Steam Deck to work and a look at the history-making medical evacuation of the International Space Station.
Check out the links below if you want to follow along, and as always, tell us what you think about this episode in the comments!
As always, this episode is available in DRM-free MP3.
Where to Follow Hackaday Podcast
Places to follow Hackaday podcasts:
Episode 353 Show Notes:
What’s that Sound?
- Think you know that sound? Fill out this form for a chance to win a Hackaday Podcast T-Shirt.
Interesting Hacks of the Week:
- Simplifying The SmartKnob
- Yamato-1: The World’s First Ship With Magnetohydrodynamic Propulsion
- When Electricity Doesn’t Take The Shortest Path
- Looking At A Real Fake Raspberry Pi RP2040 Board
- An Open Source Electromagnetic Resonance Tablet
- ESP32-P4 Powers Retro Handheld After A Transplant
- Teardown: 168-in-1 Retro Handheld Game
- GitHub – ducalex/retro-go: Retro emulation for the ODROID-GO and other ESP32 devices
Quick Hacks:
- Elliot’s Picks:
  - Hacking The Krups Cook4Me Smart Cooking Pot For Doom
  - Great Trains, Not So Great AI Chatbot Security
  - An SD Card Of Your Own For Microcontroller Projects
  - Making A CRT Spin Right Round, Round, Round
- Tom’s Picks:
  - Smart Home? Make It Smart Quarters With This LCARS Dashboard
  - Windows? Linux? Browser? Same Executable
  - EnderSpark: Convert Your Broken Creality FDM Printer Into An EDM Machine!
Can’t-Miss Articles:
hackaday.com/2026/01/16/hackad…
Trying Out the Allwinner-Based Walnut Pi SBC
When it comes to the term ‘Raspberry Pi clones’, the most that they really clone is the form factor, as nobody is creating clones of Broadcom VideoCore-based SoCs. At least not if they want to stay safe from Broadcom’s vicious legal team. That said, the Walnut Pi 1B single-board computer (SBC) that [Silly Workshop] recently took a gander at seems to be taking a fairly typical approach to a Raspberry Pi 4 form factor compatible board.
Part of Walnut Pi’s line-up, the Allwinner H616/H168-equipped 1B feels like it takes hints from both the RPi 4B and the Asus Tinkerboard, especially with its nicely colored GPIO pins. There’s also a beefier Walnut Pi 2B with an Allwinner T527 SoC that’s not being reviewed here. Translating the Chinese-language documentation for the board suggests that either the H616 or H618 may be installed, with both featuring a quad-core Cortex-A53, so in the ballpark of the Raspberry Pi 3.
There are also multiple RAM configurations, ranging from 1 GB of DDR3 to 4 GB of LPDDR4, with the 1 GB version being fun to try and run benchmarks like GeekBench on. Ultimately the impression was that it’s just another Allwinner SoC-based board, with a half-hearted ‘custom’ Linux image, no hardware acceleration due to missing (proprietary) Allwinner IP block drivers, etc.
While cheaper than a Raspberry Pi SBC, if you need anything more than the basic Allwinner H61* support and Ethernet/WiFi, there clearly are better options, some of which may even involve repurposing an e-waste Android TV box.
Optimizing Software with Zero-Copy and Other Techniques
An important aspect in software engineering is the ability to distinguish between premature, unnecessary, and necessary optimizations. A strong case can be made that the initial design benefits massively from optimizations that prevent well-known issues later on, while unnecessary optimizations are those that simply do not make any significant difference either way. Meanwhile ‘premature’ optimizations are harder to define, with Knuth’s often quoted-out-of-context statement about these being ‘the root of all evil’ causing significant confusion.
We can find Donald Knuth’s full quote deep in the 1974 article Structured Programming with go to Statements, which at the time was a contentious optimization topic. On page 268, along with the cited quote, we see that it’s a reference to making presumed optimizations without understanding their effect, and without a clear picture of which parts of the program really take up most processing time. Definitely sound advice.
And unlike back in the 1970s we have today many easy ways to analyze application performance and to quantize bottlenecks. This makes it rather inexcusable to spend more time today vilifying the goto statement than to optimize one’s code with simple techniques like zero-copy and binary message formats.
Got To Go Fast
The cache hierarchy of the 2008 Intel Nehalem x86 microarchitecture. (Source: Intel)
There’s a big difference between having a conceptual picture of how one’s code interacts with the hardware and having an in-depth understanding. While the basic concept of more lines of code (LoC) translating into more RAM, CPU, and disk resources used is technically true much of the time, the real challenge lies in understanding how individual CPU cores are scheduled by the OS, how core cache synchronization works, and the impact that the L2 and L3 cache have.
Another major challenge is that of simply moving data around between system RAM, caches and registers, which seems obvious at face value, but the impact of certain decisions can have big implications. For example, passing a pointer to a memory address instead of the entire string, and performing aligned memory accesses instead of unaligned can take more or less time. This latter topic is especially relevant on x86, as this ISA allows unaligned memory access with a major performance penalty, while ARM will hard fault the application at the merest misaligned twitch.
I came across a range of these issues while implementing my remote procedure call library NymphRPC. Initially I used a simple and easy to parse binary message format, but saddled it with a naïve parser implementation that involved massive copying of strings, as this was the zero-planning-needed, smooth-brained, ‘safe’ choice. In hindsight this was a design failure with a major necessary optimization omitted that would require major refactoring later.
In this article I’d like to highlight both the benefits of simple binary formats as well as how simple it is to implement a zero-copy parser that omits copying of message data during parsing, while also avoiding memory alignment issues when message data is requested and copied to a return value.
KISS
Perhaps the biggest advantage of binary message formats is that they’re very simple, very small, and extremely low in calories. In the case of NymphRPC its message format features a standard header, a message-specific body, and a terminator. For a simple NymphRPC message call for example we would see something like:
uint32 Signature: DRGN (0x4452474e)
uint32 Total message bytes following this field.
uint8 Protocol version (0x00).
uint32 Method ID: identifier of the remote function.
uint32 Flags (see _Flags_ section).
uint64 Message ID. Simple incrementing global counter.
<..> Serialised values.
uint8 Message end. None type (0x01).
The very first value is a 32-bit unsigned integer that when interpreted as characters identifies this as a valid NymphRPC message. (‘DRGN’, because dragonfly nymph.) This is followed by another uint32 that contains the number of bytes that follow in the message. We’re now eight bytes in and we already have done basic validation and know what size buffer to allocate.
Serializing the values is done similarly, with an 8-bit type code followed by the byte(s) that contain the value. This is both easy to parse without complex validation like XML or JSON, and about as light-weight as one can make a format without adding something like compression.
Only If Needed
When we receive the message bytes on the network socket, we read it into a buffer. Because the second 32-bit value which we read earlier contained the message size, we can make sure to allocate a buffer that’s large enough to fit the rest of the message’s bytes. The big change with zero-copy parsing commences after this, where the naïve approach is to copy the entire byte buffer into e.g. a std::string for subsequent substring parsing.
Instead of such a blunt method, the byte buffer is parsed in-place with the use of a moving index pointer into the buffer. The two key methods involved with the parsing can be found in nymph_message.cpp (https://github.com/MayaPosch/NymphRPC/blob/master/src/nymph_message.cpp) and nymph_types.cpp (https://github.com/MayaPosch/NymphRPC/blob/master/src/nymph_types.cpp), with the former providing the NymphMessage constructor and the basic message parser. After parsing the header, the NymphType class provides a parseValue() function that takes a value type code, a reference to the byte buffer and the current index. This function is called until the terminating NYMPH_TYPE_NONE is found, or some error occurs.
Looking at parseValue() in more detail, we can see two things of note: the first is that we are absolutely copying certain data despite the ‘zero-copy’ claim, and the liberal use of memcpy() instead of basic assignment statements. The first item is easy to explain: the difference between either copying the memory address or the value of a simple integer/floating point type is so minimal that we trip head-first into the same ‘premature optimization’ thing that Mr. Knuth complained about back in 1974.
Ergo we just copy the value and don’t break our pretty little heads about whether doing the same thing in a more convoluted way would net us a few percent performance improvement or loss. This is different with non-trivial types, such as strings. These are simply a char* pointer into the byte buffer, leaving the string’s bytes in peace and quiet until the application demands either that same character pointer via the API or calls the convenience function that assembles a readily-packaged std::string.
Memcpy Is Love
Although demonizing ‘doing things the C way’ appears to be a popular pastime, if you want to write code that works with the hardware instead of against it, you really want to be able to write some highly performative C code and fully understand it. When I had written the first zero-copy implementation of NymphRPC and had also written up what I thought was a solid article on how well optimized the project now was, I had no idea that I had a “fun” surprise waiting for me.
As I happily tried running the new code on a Raspberry Pi SBC after doing the benchmarking for the article on an x86 system, the first thing it did was give me a hard fault message in the shell along with a strongly disapproving glare from the ARM CPU. As it turns out, doing a direct assignment like this is bound to get you into trouble:
methodId = *((uint32_t*) (binmsg + index));
This line casts the current index into the byte buffer as a uint32_t type before dereferencing it and assigning the value to the variable. When you’re using e.g. std::string the alignment issues sort themselves out somewhere within the depths of the STL, but with direct memory access like this you’re at the mercy of the underlying platform. Which is a shame, because platforms like ARM do not know the word ‘mercy’.
Fortunately this is easy to fix:
memcpy(&methodId, (binmsg + index), 4);
Instead of juggling pointers ourselves, we simply tell memcpy what the target address is, where it should copy from and how many bytes are to be copied. Among all the other complex scenarios that this function has to cope with, doing aligned memory address access for reading and writing is probably among its least complex requirements.
Hindsight
Looking back on the NymphRPC project so far, it’s clear that some necessary optimizations that ought to have been there from the very beginning weren’t there. At least as far as unnecessary and premature optimizations go, I do feel that I have successfully dodged these, but since these days we’re still having annual flamewars about the merits of using goto I very much doubt that we will reach consensus here.
What is clear from the benchmarking that I have done on NymphRPC before and after this major refactoring is that zero-copy makes a massive difference, with especially operations involving larger data (string) chunks becoming multiple times faster, with many milliseconds shaved off and the Callgrind tool of Valgrind no longer listing __memcpy_avx_unaligned_erms as the biggest headache due to std::string abuse.
Perhaps the most important lesson from optimizing a library like NymphRPC is that aside from it being both frustrating and fun, it’s also a humbling experience that makes it clear that even as a purported senior developer there’s always more to learn. Even if putting yourself out there with a new experience like porting a lock-free ring buffer to a language like Ada and getting corrected by others stings a little.
After all, we are here to write performant software that’s easy to maintain and have fun while doing it, with sharing optimization tips and other tricks just being part of the experience.
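Added example, not part of the original article and not NymphRPC's own code: a zero-copy parse of the header layout listed in the article, where every multi-byte field is read with memcpy() and every length taken from the wire is checked against the received buffer before it is used. Assumptions: the signature is matched as the four bytes "DRGN", integer fields are in host byte order, and HYP_TYPE_STRING (0x50, a uint32 length followed by the bytes) is a hypothetical type code; only the 0x01 terminator comes from the article.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define NYMPH_TYPE_NONE 0x01 /* message end, value from the article */
#define HYP_TYPE_STRING 0x50 /* hypothetical: uint32 length + raw bytes */

typedef struct {
    uint32_t method_id, flags;
    uint64_t message_id;
    const char *str;   /* zero-copy: points into the receive buffer */
    uint32_t str_len;
} parsed_msg;

/* Bounds-checked read. memcpy() replaces the cast-and-dereference, so a
   misaligned source address is harmless. The uint8 version field at offset 8
   puts the Method ID at offset 9, so the fields can never all be aligned. */
static int rd(const uint8_t *buf, size_t len, size_t *idx, void *out, size_t n) {
    if (*idx > len || len - *idx < n) return -1;
    memcpy(out, buf + *idx, n);
    *idx += n;
    return 0;
}

/* Returns 0 on success, a negative code naming the failed check otherwise. */
int parse_message(const uint8_t *buf, size_t len, parsed_msg *m) {
    size_t idx = 0;
    uint8_t sig[4], version, type;
    uint32_t body_len, slen;

    memset(m, 0, sizeof *m);
    if (rd(buf, len, &idx, sig, 4) || memcmp(sig, "DRGN", 4) != 0) return -1;
    if (rd(buf, len, &idx, &body_len, 4)) return -2;
    if (body_len != len - idx) return -3;      /* declared size != received */
    if (rd(buf, len, &idx, &version, 1) || version != 0x00) return -4;
    if (rd(buf, len, &idx, &m->method_id, 4) ||
        rd(buf, len, &idx, &m->flags, 4) ||
        rd(buf, len, &idx, &m->message_id, 8)) return -5;
    for (;;) {
        if (rd(buf, len, &idx, &type, 1)) return -6;  /* no terminator */
        if (type == NYMPH_TYPE_NONE) return idx == len ? 0 : -7;
        if (type != HYP_TYPE_STRING) return -8;
        if (rd(buf, len, &idx, &slen, 4)) return -9;
        if (len - idx < slen) return -10;      /* string length overruns buffer */
        m->str = (const char *)(buf + idx);    /* no copy of the string bytes */
        m->str_len = slen;
        idx += slen;
    }
}

static size_t put(uint8_t *out, size_t idx, const void *src, size_t n) {
    memcpy(out + idx, src, n);
    return idx + n;
}

/* Builds a constructed sample message carrying one string value. */
size_t build_sample(uint8_t *out, uint32_t method_id, const char *s) {
    uint32_t slen = (uint32_t)strlen(s), flags = 0;
    uint32_t body = 1 + 4 + 4 + 8 + 1 + 4 + slen + 1;
    uint64_t msg_id = 7;
    uint8_t version = 0x00, t_str = HYP_TYPE_STRING, t_end = NYMPH_TYPE_NONE;
    size_t idx = 0;

    idx = put(out, idx, "DRGN", 4);
    idx = put(out, idx, &body, 4);
    idx = put(out, idx, &version, 1);
    idx = put(out, idx, &method_id, 4);
    idx = put(out, idx, &flags, 4);
    idx = put(out, idx, &msg_id, 8);
    idx = put(out, idx, &t_str, 1);
    idx = put(out, idx, &slen, 4);
    idx = put(out, idx, s, slen);
    return put(out, idx, &t_end, 1);
}

/* tamper: 0 = intact, 1 = last byte missing, 2 = string length field inflated. */
int run_demo(int tamper, parsed_msg *m) {
    static uint8_t raw[64];
    size_t n = build_sample(raw, 42, "hello");
    if (tamper == 1) n -= 1;
    if (tamper == 2) { uint32_t huge = 1000; memcpy(raw + 26, &huge, 4); }
    return parse_message(raw, n, m);
}

int main(void) {
    parsed_msg m;
    int rc = run_demo(0, &m);
    printf("intact: rc=%d method=%u str=%.*s\n", rc, (unsigned)m.method_id,
           (int)m.str_len, m.str);
    printf("truncated: rc=%d\n", run_demo(1, &m));
    printf("inflated length: rc=%d\n", run_demo(2, &m));
    return 0;
}
```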
Cisco alert: CVSS 10 flaw allows RCE as root, attacks under way
📌 Link to the article: redhotcyber.com/post/allarme-c…
#redhotcyber #news #cybersecurity #hacking #vulnerabilita #zeroday #ciscosecurity #secureemail #patch
Learn about the critical vulnerability CVE-2025-20393 in Cisco Secure Email Gateway and how to protect your devices. Redazione RHC (Red Hot Cyber)
securityaffairs.com/186993/dat…
#securityaffairs #hacking
Data breach at Canada’s Investment Watchdog Canadian Investment Regulatory Organization impacts 750,000 people
A data breach at Canada’s investment watchdog, Canadian Investment Regulatory Organization (CIRO), impacted about 750,000 people. Pierluigi Paganini (Security Affairs)
Cyber cold war: China quietly dismantles Western digital defenses
📌 Link to the article: redhotcyber.com/post/cyber-gue…
#redhotcyber #news #sicurezzanazionale #ciber sicurezza #datipersonali #protezione dati #soluzionicinesi
China advises companies to stop using cybersecurity software from US and Israeli vendors for national security reasons. Redazione RHC (Red Hot Cyber)
Can we take Asimov as an example and write the Three Laws of the Word, to have a healthier life online?
#SocialDebug, once a week 🦄
open.substack.com/pub/signorin…
Cognitive responsibility: the three laws of the word
What if we rewrote the laws of "think before you speak" in the style of Asimov? Claudia aka signorina37 (Rumore di Fondo)
A new SolarWinds foiled! The AWS CodeBuild bug did not allow a global attack
📌 Link to the article: redhotcyber.com/post/sventato-…
#redhotcyber #news #cybersecurity #hacking #aws #cloudsecurity #github #vulnerabilita #sicurezzainformatica
A critical vulnerability has been discovered in AWS CodeBuild that could compromise customers' cloud environments. The flaw, named CodeBreach, has been fixed by Amazon. Redazione RHC (Red Hot Cyber)
WCH CH32M030: Another Microcontroller To Watch Out For
One of the joys of writing for Hackaday comes in following the world of new semiconductor devices, spotting interesting ones while they are still just entries on manufacturer websites, and then waiting for commonly-available dev boards. With Chinese parts there’s always a period in which Chinese manufacturers and nobody else has them, and then they quietly appear on AliExpress.
All of which brings us to the WCH CH32M030, a chip that’s been on the radar for a while and has finally broken cover. It’s the CH32 RISC-V microcontroller you may be familiar with, but with a set of four half-bridge drivers on board for running motors. A handy, cheap, and very smart motor controller, if you will.
There’s been at least one Chinese CH32M030 dev board (Chinese language) online for a while now, but the one listed on AliExpress appears to be a different design. At the time of writing the most popular one is still showing fewer than 20 sales, so we’re getting in at the ground floor here.
We think this chip is of interest because it has the potential to be used in low price robotic projects, replacing as it does a couple of parts or modules in one go. If you use it, we’d like to hear from you!
A PSOne In the Palm of Your Hand
Sony’s original Playstation wasn’t huge, and they did shrink it for re-release later as the PSOne, but even that wasn’t small enough for [Secret Hobbyist]. You may have seen the teaser video a while back where his palm-size Playstation went viral, but now he’s begun a series of videos on how he redesigned the vintage console.
Luckily for [Secret Hobbyist], the late-revision PSOne he started with is only a two-layer PCB, which made reverse engineering the traces a lot easier. Between probing everything under the microscope and cleaning the board off to follow all the traces in copper, [Hobbyist] was able to reproduce the circuit in KiCAD. (Reverse engineering starts at about 1:18 in the vid.)
With a schematic in hand, drafting a smaller PCB than Sony built is made easier by the availability of multi-layer PCBs. In this case [Hobbyist] was able to get away with a four-layer board. He was also able to ditch one of the ICs from the donor mainboard, which he called a “sub-CPU” as its functionality was recreated on the “PSIO” board that’s replacing the original optical drive. The PSIO is a commercial product that has been around for years now, allowing Playstations to run from SD cards– but it’s not meant for the PSOne so just getting it working here is something of a hack. He’s also added on a new DAC for VGA output, but otherwise the silicon is all original SONY.
This is the first of a series about this build, so if you’re into retro consoles you might want to keep an eye on [Secret Hobbyist] on YouTube to learn all the details as they are released.
Origin-mo: the lazy trick that opened 40,000 WordPress sites to hackers
@Informatica (Italy e non Italy 😁)
Researchers have discovered a critical vulnerability in the Modular DS plugin for WordPress that allowed hackers to compromise more than 40,000 sites with a surprisingly simple method. The CVE-2026-23550 vulnerability The Modular DS plugin, installed on
securityaffairs.com/186985/apt…
#securityaffairs #hacking
China-linked APT UAT-9686 abused now patched maximum severity AsyncOS bug
Cisco fixed a maximum severity AsyncOS flaw in Secure Email products, previously exploited as a zero-day by China-linked APT group UAT-9686. Pierluigi Paganini (Security Affairs)
Origin-mo: the lazy trick that opened 40,000 WordPress sites to hackers
#CyberSecurity
insicurezzadigitale.com/origin…
CORSO NIS2 SENZA SEGRETI: LA FORMAZIONE PER AZIENDE E PROFESSIONISTI FIRMATA RED HOT CYBER!
📌 𝗔𝗰𝗰𝗲𝘀𝘀𝗼 𝗳𝗹𝗲𝘀𝘀𝗶𝗯𝗶𝗹𝗲: corso in e-learning con contenuti sempre disponibili
📌 𝗟𝗶𝘃𝗲𝗹𝗹𝗼: Base
📌 𝗣𝗿𝗲𝗿𝗲𝗾𝘂𝗶𝘀𝗶𝘁𝗶 𝗽𝗲𝗿 𝗶𝗹 𝗰𝗼𝗿𝘀𝗼: conoscenza base della valutazione del rischio
📌 𝗦𝘂𝗽𝗽𝗼𝗿𝘁𝗼 𝗮𝗹 𝗰𝗼𝗿𝘀𝗼: docente disponibile via mail
👉Iscriviti all'Academy per vedere l'anteprima gratuita del corso academy.redhotcyber.com/course…
👉Scrivici ad academy@redhotcyber.com o Whatsapp al 3791638765
#redhotcyber #hacking #cti #ai #online #it #cybercrime #cybersecurity #threat #OnlineCourses #Elearning #DigitalLearning #RemoteCourses #VirtualClasses #CourseOfTheDay #LearnOnline #OnlineTraining #Webinars #academy #corso #formazioneonline #direttivanis #nis2
🔴 Welcome to the Red Hot Cyber Cyber Angels 🔴
🔗 Follow Daniela:
📌 On her LinkedIn profile: linkedin.com/in/talktodani/
📌 By reading her latest articles: redhotcyber.com/rhc/redazione/…
#redhotcyber #rhccyberangels #hacking #benesseredigitale #cti #ai #online #it #cybercrime #cybersecurity
Redazione - Red Hot Cyber
RedHotCyber is a community whose aim is to share cybersecurity content through the publication of news and research. Red Hot Cyber
securityaffairs.com/186976/sec…
#securityaffairs #hacking
Actively exploited critical flaw in Modular DS WordPress plugin enables admin takeover
A critical Modular DS WordPress flaw (CVE-2026-23550) is actively exploited, enabling unauthenticated privilege escalation. Pierluigi Paganini (Security Affairs)
Windows alert: two serious zero-days in the NTFS file system put millions of PCs at risk
📌 Link to the article: redhotcyber.com/post/allarme-w…
#redhotcyber #news #microsoft #windows #sicurezza #cybersecurity #aggiornamentodisicurezza #vulnerabilita
Microsoft releases patches for two zero-day vulnerabilities in NTFS that could have given attackers complete control of the system. Find out more. Redazione RHC (Red Hot Cyber)
WAR: SOME OF ITS DEFINITIONS AND CHARACTERISTICS (PART TWO)
@Informatica (Italy e non Italy 😁)
The primary purpose of war is “the overthrow of the adversary and, therefore, the annihilation of its armed forces”, which “must constitute the main purpose of all military action”.
The article WAR: SOME OF ITS DEFINITIONS AND CHARACTERISTICS (PART TWO) comes from
What Happens When a Bug Rears its Head at Mach Two?
While some may see amateur rocketry as little more than attaching fins to a motor and letting it fly, it is, in fact, rocket science. This fact became very clear to [BPS.space] when a parachute deployed on a rocket traveling at approximately Mach 1.8.
The rocket design is rather simple — essentially just 3D printed fins glued onto a motor with a nose-cone for avionics. A single servo and trim tab provide a modicum of roll control, and a parachute is mounted in the nose along with a homing beacon for faster recovery. Seemingly, the only thing different about this flight is properly validated telemetry and GPS antennae.
After a final ground check of the telemetry and GPS signal quality, everything is ready for what seems like a routine launch. However, somewhere around Mach 1.8, the parachute prematurely deploys, ripping apart the Kevlar rope holding together the three rocket sections. Fortunately, the booster and avionics sections could be recovered from the desert.
But this begs the question: what could possibly have caused a parachute deployment at nearly twice the speed of sound? [BPS.space] had made a quick untested change to the flight control software, in an attempt to get more accurate speed data. By feeding barometric altitude changes into the flight controller during the descent stage, it should be able to more accurately estimate its position. However, direct static pressure readings at supersonic speeds are not an accurate way of measuring altitude. So, during the boost phase, the speed estimation function should only rely on accelerometer data.
However, a simple mistake in boolean logic resulted in the accelerometer velocity being passed into the velocity estimate function during the boost phase. This gave an erroneous velocity value below zero, triggering the parachute deployment. Nevertheless, the test was successful in proving antenna choice resulted in poor telemetry and GPS readings on earlier launches.
If you want to see a far more successful [BPS.space] rocket launch, make sure to check out this self-landing rocket next!
🔐 CYBERSECURITY IS NOT A LIST OF TOOLS. IT IS A MINDSET.
“Cyber Offensive Fundamentals” is designed for those who want to understand before acting.
📌 40 hours of LIVE training
📌 Structured path starting from zero
📌 Hands-on labs in real environments
Guided by Prof. Alessio Lauro, you will get inside the offensive logic:
because defending without understanding the attack is an illusion.
🔗 Full program: redhotcyber.com/linksSk2L/cybe…
🎥 Course introduction: youtube.com/watch?v=0y4GYsJMoX…
For information and enrollment: 📞 379 163 8765 ✉️ formazione@redhotcyber.com
#redhotcyber #formazione #pentesting #pentest #formazionelive #ethicalhacking #hacking #cybersecurity #penetrationtesting #cti #cybercrime #infosec #corsi #liveclass #hackerhood #pentesting
Cyber Offensive Fundamentals - Ethical hacking and penetration testing course
Live Class course on Cyber Offensive Fundamentals: discover penetration testing, vulnerabilities and practical tools for offensive cybersecurity. Red Hot Cyber
Black quarter for JLR after the cyber incident: sales collapse by 43%
📌 Link to the article: redhotcyber.com/post/trimestre…
#redhotcyber #news #jlr #incidenteinformatico #cybersecurity #hacking #malware #ransomware
The hacker attack on Jaguar Land Rover causes a 43.3% collapse in sales. Find out more about the incident and its consequences. Redazione RHC (Red Hot Cyber)
199 - Let's look for the soul - Marco Camisani Calzolari
Let's look for the soul. Because it is increasingly difficult to trust what we see online. That is why everyone is looking for something else: they are looking for the human soul. Follow me to the end, because I will explain what is happening to our perception. Web Staff MCC (Marco Camisani Calzolari)
He ran a service for “breaching” antivirus products: AVCheck admin arrested
📌 Link to the article: redhotcyber.com/post/gestiva-u…
#redhotcyber #news #cybersecurity #hacking #malware #arrestohacker #servizitest #antimalware #fugacriminal
A 33-year-old Dutch citizen has been arrested for running AVCheck, an online anti-malware testing platform used by cybercriminals. Redazione RHC (Red Hot Cyber)
X has introduced new restrictions that, in some locations, prevent the generation, with the artificial-intelligence chatbot Grok, of sexualized images of real people without their knowledge.
wired.com/story/elon-musks-gro…
Grok's standalone app, however, still allows the digital removal of clothing.
washingtonpost.com/technology/…
VoidLink discovered: the “super malware” for Linux that targets cloud and containers
📌 Link to the article: redhotcyber.com/post/scoperto-…
#redhotcyber #news #cybersecurity #hacking #malware #linux #sicurezzainformatica #voidlink
A new Linux infection framework called VoidLink has been discovered; it stands out for its advanced modular architecture and wide range of capabilities. Redazione RHC (Red Hot Cyber)
Goodbye to Windows Server 2008! Microsoft definitively ends support
📌 Link to the article: redhotcyber.com/post/addio-a-w…
#redhotcyber #news #windowsserver2008 #supportoterminato #microsoft #windowsvista
Microsoft ends support for Windows Server 2008 and Windows Vista. Find out what this means for users and the security implications. Redazione RHC (Red Hot Cyber)
Is the Theory of Special Relativity Wrong?
There’s an adage coined by [Ian Betteridge] that any headline ending in a question mark can be answered by the word “No”. However, Lorentz invariance – the theory that the same rules of physics apply in the same way in all frames of reference, and an essential component of special relativity – has been questioned for some time by researchers trying to unify general relativity and quantum field theory into a theory of quantum gravity. Many theories of quantum gravity break Lorentz invariance by giving photons with different energy levels very slightly different speeds of light – a prediction which now looks less likely since researchers recently analyzed gamma ray data from pulsed astronomical sources, and found no evidence of speed variation (open-access paper).
The researchers specifically looked for the invariance violations predicted by the Standard-Model Extension (SME), an effective field theory that unifies special relativity with the Standard Model. The variations in light speed which it predicts are too small to measure directly, so instead, the researchers analyzed gamma ray flare data collected from pulsars, active galactic nuclei, and gamma-ray bursts (only sources that emitted gamma rays in simultaneous pulses could be used). Over such great distances as these photons had traveled, even slight differences in speed between photons with different energy levels should have added up to a detectable delay between photons, but none was found.
This work doesn’t disprove the SME, but it does place stricter bounds on the Lorentz invariance violations it allows, about one and a half orders of magnitude stricter than those previously found. This study also provides a method for new experimental data to be more easily integrated into the SME. Fair warning to anyone reading the paper: the authors call their work “straightforward,” from which we can only conclude that the word takes on a new meaning after a few years studying mathematics.
If you want to catch up on relativity and Lorentz invariance, check out this quick refresher, or this somewhat mind-bending explanation. For an amateur, it’s easier to prove general relativity than special relativity.
Top image: Crab Pulsar, one of the gamma ray sources analysed. (Credit: J. Hester et al., NASA/HST/ASU/J)
Project Fail: Cracking a Laptop BIOS Password Using AI
Whenever you buy used computers there is a risk that they come with unpleasant surprises that are not of the insect variant. From Apple hardware that is iCloud-locked with the original owner MIA to PCs that have BIOS passwords, some of these are more severe than others. In the case of BIOS passwords, these tend to be more of an annoyance that’s easily fixed by clearing the CMOS memory, but this isn’t always the case as [Casey Bralla] found with a former student-issued HP ProBook laptop purchased off Facebook Marketplace.
Maybe it’s because HP figured that locking down access to the BIOS is essential on systems that find their way into the hands of bored and enterprising students, but these laptops write the encrypted password and associated settings to a separate Flash memory. Although a master key purportedly exists, HP’s policy here is to replace the system board. Further, while there are some recovery options that do not involve reflashing this Flash memory, they require answers to recovery questions.
This led [Casey] to try brute-force cracking, starting with a Rust-based project on GitHub that promised much but failed to even build. Undeterred, he tasked the Claude AI to write a Python script to do the brute-forcing via the Windows-based HP BIOS utility. The chatbot was also asked to generate multiple lists of unique passwords to try that might be candidates based on some human guesses.
After six months of near-continuous attempts at nine seconds per try, this method failed to produce a hit, but at least the laptop can still be used, just without BIOS access. This may require [Casey] to work up the courage to do some hardware hacking and erase that pesky UEFI BIOS administrator password, which at least suggests that the BIOS security here is fairly good.
👊🇺🇸🔥