Lorenzo ha ricondiviso questo.

mastodon - Collegamento all'originale

Magento online stores are being targeted using a recently patched vulnerability known as PolyShell.

According to Sansec, attacks have entered the mass-exploitation phase, with hundreds of stores being hacked every hour.

sansec.io/research/polyshell-m…

Mass PolyShell attack wave hits 471 stores in one hour

Sansec detected 471 stores compromised in a single hour as attackers exploit the PolyShell vulnerability at scale. The attack injects obfuscated JavaScript f...
Sansec Forensics Team (Sansec)

reshared this

Lorenzo ha ricondiviso questo.

mastodon - Collegamento all'originale

My favorite thing to do over the past months has been to watch Battlefield players and content creators slowly realize that EA, a company known for its predatory p2w games, has turned BF6 into a pay-to-win game

I love watching people slowly falling into despair

youtube.com/watch?v=tizFmlUvkm…

WHY Battlefield 6 Still Feels Like It's Failing The Players.

Profitez des vidéos et de la musique que vous aimez, mettez en ligne des contenus originaux, et partagez-les avec vos amis, vos proches et le monde entier.
Westie (YouTube)

reshared this

Lorenzo ha ricondiviso questo.

mastodon - Collegamento all'originale
The media in this post is not displayed to visitors. To view it, please go to the original post.

A group of North Korean hackers engaged in Contagious Interview campaigns left one of their web consoles exposed on the internet

opensourcemalware.com/blog/con…

Contagious Interview gets an upgrade for 2026 - A comprehensive analysis by OpenSourceMalware

A single NPM package that led us to the Lazarus Groups latest campaign targeting software engineers using fake recruiters on LinkedIn, Fiverr and UpWork.
opensourcemalware.com

reshared this

Lorenzo ha ricondiviso questo.

mastodon - Collegamento all'originale

One of the most popular JavaScript packages on earth Axios has been compromised

opensourcemalware.com/blog/axi…

One of the most popular JavaScript packages on earth Axios has been compromised

The Axios NPM package has been compromised and the maintainer of the project has been locked out of their account. This will go down in history as one of the most successful software supply chain attacks ever
opensourcemalware.com

reshared this

friendica (DFRN) - Collegamento all'originale

DeDECTive porta la scansione DECT wideband e la decodifica vocale G.721

@GNU/Linux Italia

linuxeasy.org/dedective-porta-…

DeDECTive porta scansione DECT wideband e decodifica vocale G.721 su Linux con HackRF, con call following e analisi avanzata.
L'articolo DeDECTive porta la scansione DECT wideband e la

@GNU/Linux Italia

reshared this

Lorenzo ha ricondiviso questo.

mastodon - Collegamento all'originale
The media in this post is not displayed to visitors. To view it, please go to the original post.

Sekoia looks at a new Phishing-as-a-Service platform named EvilTokens that has been spotted running campaigns since February.

The platform is one of the few that can run device-code phishing operations against Microsoft accounts, so expect this to become very popular in the coming months.

blog.sekoia.io/new-widespread-…

New widespread EvilTokens kit: device code phishing as-a-service - Part 1

Uncover the new sophisticated EvilTokens device code phishing as-a-service, with AI-augmented features facilitating BEC fraud
Quentin Bourgue and Sekoia TDR (Sekoia.io Blog)

reshared this

Lorenzo ha ricondiviso questo.

mastodon - Collegamento all'originale

The ISO C++ committee has completed work on the C++26 specification of the C++ programming language.

This will be the biggest overhaul to C++ since the 2011 specification.

herbsutter.com/2026/03/29/c26-…

C++26 is done! — Trip report: March 2026 ISO C++ standards meeting (London Croydon, UK)

News flash: C++26 is done! 🎉 On Saturday, the ISO C++ committee completed technical work on C++26 in (partly) sunny London Croydon, UK. We resolved the remaining international comments on the C++26…
Herb Sutter (Sutter’s Mill)

reshared this

Lorenzo ha ricondiviso questo.

mastodon - Collegamento all'originale

Lorenzo Meacci introduces InsomniacUnwinding, a new technique to hide and sleep malicious code, even from EDR solutions that continuously scan the memory for malicious code

lorenzomeacci.com/unwind-data-…

Unwind Data Can't Sleep - Introducing InsomniacUnwinding | Lorenzo Meacci

Hi all, in this blog we will discuss sleep masking in detail, the default assumptions that come with it, and how we are going to break those assumptions with a novel approach called InsomniacUnwinding.
Lorenzo Meacci

reshared this

Lorenzo ha ricondiviso questo.

mastodon - Collegamento all'originale
The media in this post is not displayed to visitors. To view it, please go to the original post.
Trump convenes "God Squad" to override Endangered Species Act, up oil production
Administration wants to exempt all federally regulated offshore oil from protections.
arstechnica.com/tech-policy/20…

Trump convenes "God Squad" to override Endangered Species Act, up oil production

Inside Climate News (Ars Technica)
Lorenzo ha ricondiviso questo.

mastodon - Collegamento all'originale

CNET is being brought back after the AI articles fiasco

linkedin.com/posts/david-katzm…

News | David Katzmaier | 121 comments

I am proud to announce that CNET News is back. We’ve remained a trusted voice in tech news throughout our nearly 35 year history -- yes, we own news.com -- and today marks the reformation of our official news team led by Jon Reed.
David Katzmaier (LinkedIn)

reshared this

Lorenzo ha ricondiviso questo.

mastodon - Collegamento all'originale

Despite losing the US and EU market, Kaspersky reported a record revenue of $836 million last year

kaspersky.ru/about/press-relea…

«Лаборатория Касперского» представила новый рекорд по размеру глобальной выручки

Продажи решений компании в мире выросли на 4%, а в России и странах СНГ — на 23%
/

reshared this

friendica (DFRN) - Collegamento all'originale

Glate porta Google Translate e sintesi vocale direttamente sul desktop Linux

@GNU/Linux Italia

linuxeasy.org/glate-porta-goog…

Glate porta Google Translate e sintesi vocale sul desktop Linux, con oltre 100 lingue, cronologia, hotkey e download mp3.
L'articolo Glate porta Google Translate e

@GNU/Linux Italia

reshared this

friendica (DFRN) - Collegamento all'originale

Onyx: il reverse proxy moderno, minimale e potente

@GNU/Linux Italia

linuxeasy.org/onyx-il-reverse-…

Onyx è un reverse proxy moderno con dashboard live, rate limiting, plugin API e aggiornamenti senza riavvio.
L'articolo Onyx: il reverse proxy moderno, minimale e potente proviene da Linux Easy.
E' vietato riprodurre questo articolo senza

@GNU/Linux Italia

reshared this

friendica (DFRN) - Collegamento all'originale

Ubuntu MATE cerca un nuovo maintainer

@GNU/Linux Italia

linuxeasy.org/ubuntu-mate-cerc…

Ubuntu MATE cerca un nuovo maintainer: Martin Wimpress lascia la guida e invita nuovi contributori a farsi avanti.
L'articolo Ubuntu MATE cerca un nuovo maintainer proviene da Linux Easy.
E' vietato riprodurre questo articolo senza autorizzazione.
Questo feed RSS è destinato ai

@GNU/Linux Italia

reshared this

friendica (DFRN) - Collegamento all'originale

3uTools il centro di gestione completo per iPhone su Linux

@GNU/Linux Italia

linuxeasy.org/3utools-il-centr…

3uTools offre verifica hardware, flash iOS, gestione dati e app senza Apple ID in un’unica interfaccia completa.
L'articolo 3uTools il centro di gestione completo per iPhone su Linux proviene da Linux Easy.
E' vietato

@GNU/Linux Italia

reshared this

friendica (DFRN) - Collegamento all'originale

Wayland introduce il nuovo protocollo xdg‑session‑management

@GNU/Linux Italia

linuxeasy.org/wayland-introduc…

Wayland ottiene il nuovo protocollo xdg‑session‑management, portando il ripristino delle sessioni e colmando un vuoto storico rispetto a X11.
L'articolo Wayland introduce il nuovo protocollo xdg‑session‑management

@GNU/Linux Italia

reshared this

friendica (DFRN) - Collegamento all'originale

KaOS 2026.03: una ISO rivoluzionaria che segna l’inizio dell’era post‑systemd

@GNU/Linux Italia

linuxeasy.org/kaos-2026-03-una…

KaOS 2026.03 introduce Limine, Dracut, un desktop basato su Niri e Noctalia e prepara la transizione verso Dinit.
L'articolo KaOS 2026.03: una ISO rivoluzionaria che segna

@GNU/Linux Italia

reshared this

friendica (DFRN) - Collegamento all'originale

App Center di Ubuntu 26.04 gestisce anche i pacchetti Deb

@GNU/Linux Italia

linuxeasy.org/app-center-di-ub…

L’App Center di Ubuntu 26.04 introduce la gestione dei pacchetti Deb installati e nuove opzioni per gli snap.
L'articolo App Center di Ubuntu 26.04 gestisce anche i pacchetti Deb proviene da Linux Easy.
E' vietato riprodurre

@GNU/Linux Italia

reshared this

Lorenzo ha ricondiviso questo.

mastodon - Collegamento all'originale
The media in this post is not displayed to visitors. To view it, please go to the original post.

Telegram says it is not affected by a supposed zero-day in its IM client that can be exploited to run malicious code via a malicious custom sticker

x.com/telegram/status/20380697…

zerodayinitiative.com/advisori…

Upcoming | Zero Day Initiative

www.zerodayinitiative.com

reshared this

friendica (DFRN) - Collegamento all'originale

Riepilogo settimanale Linux Easy – Settimana 13 (23‑29 marzo 2026)

@GNU/Linux Italia

linuxeasy.org/riepilogo-settim…

Riepilogo dei migliori articoli della settimana 13 su Linux Easy: novità Ubuntu, kernel, software e progetti open source.
L'articolo Riepilogo settimanale Linux Easy – Settimana 13 (23‑29 marzo 2026)

@GNU/Linux Italia

reshared this

Lorenzo ha ricondiviso questo.

mastodon - Collegamento all'originale

Security firm Cybereason has open-sourced owLSM, an EDR-like agent for Linux, an eBPF LSM agent to run Sigma rules

github.com/Cybereason-Public/o…

GitHub - Cybereason-Public/owLSM: Sigma Rules Engine inside the Linux Kernel using eBPF. Focusing on prevention capabilities

Sigma Rules Engine inside the Linux Kernel using eBPF. Focusing on prevention capabilities - Cybereason-Public/owLSM
GitHub

reshared this

friendica (DFRN) - Collegamento all'originale

AMD GAIA 0.17 l’interfaccia locale e privata per gestire agenti AI su Ryzen

@GNU/Linux Italia

linuxeasy.org/amd-gaia-0-17-li…

AMD GAIA 0.17 introduce Agent UI, l’interfaccia locale e privata per gestire agenti AI su Ryzen con controllo totale.
L'articolo AMD GAIA 0.17 l’interfaccia locale e privata

@GNU/Linux Italia

reshared this

friendica (DFRN) - Collegamento all'originale

LibreQoS 2.0 gestione intelligente della banda per reti moderne

@GNU/Linux Italia

linuxeasy.org/libreqos-2-0-ges…

LibreQoS 2.0 migliora la gestione della banda su Linux con minore latenza, ottimizzazioni e configurazione semplificata
L'articolo LibreQoS 2.0 gestione intelligente della banda per reti moderne proviene da

@GNU/Linux Italia

reshared this

friendica (DFRN) - Collegamento all'originale

Rilasciato GIMP 3.2.2 migliora livelli e importazione PSD

@GNU/Linux Italia

linuxeasy.org/rilasciato-gimp-…

Rilasciato GIMP 3.2.2 versione che migliora livelli, importazione PSD, tracciati SVG e introduce fix al motore GEGL.
L'articolo Rilasciato GIMP 3.2.2 migliora livelli e importazione PSD proviene da Linux Easy.
E' vietato

@GNU/Linux Italia

reshared this

friendica (DFRN) - Collegamento all'originale

SystemRescue 13 introduce kernel 6.18 LTS e nuovi strumenti

@GNU/Linux Italia

linuxeasy.org/systemrescue-13-…

SystemRescue 13 è stato rilasciato e introduce kernel 6.18 LTS, nuovi strumenti e miglioramenti per il recupero dei sistemi.
L'articolo SystemRescue 13 introduce kernel 6.18 LTS e nuovi strumenti proviene da Linux Easy.

@GNU/Linux Italia

reshared this

Lorenzo ha ricondiviso questo.

mastodon - Collegamento all'originale

Hackers inserted malicious code in the desktop client of Chinese webdev service Apifox.

The attacker compromised JavaScript files hosted in the app's CDN and added code to steal user credentials to a remote server

slowmist.medium.com/security-a…

reshared this

Lorenzo ha ricondiviso questo.

mastodon - Collegamento all'originale

The Balancer DeFi platform has shut down after hackers stole $110 million last November

forum.balancer.fi/t/on-the-fut…

On the Future of Balancer: Shutting Down Balancer Labs, Supporting the Path Forward

Nerite supports balancer! Balancer will come back from this in some form or another. Abandoning veBAL is fine as long as there is another alternative. Tokenomics update is very welcome.
Balancer

reshared this

Lorenzo ha ricondiviso questo.

mastodon - Collegamento all'originale

New, from our @deepfield ERT: found a new botnet dressing its C2 traffic as camera management.

#Drifter names its domains after Hikvision products, blending with surveillance traffic on the same VLAN as the Android TV boxes it infects. DNS queries go through an Australian resolver, which somewhat undermines the cover if your bot is in São Paulo.

71 KB binary, already linked to attacks exceeding 2 Tbps from 80k sources. At least six operators are now competing for the same devices.

github.com/deepfield/public-re…

#threatintel #ddos

public-research/drifter/report.md at main · deepfield/public-research

DDoS botnet research and indicators of compromise from Nokia Deepfield ERT - deepfield/public-research
GitHub
#DDoS #threatintel #Drifter @Deepfield

reshared this

Lorenzo ha ricondiviso questo.

mastodon - Collegamento all'originale
The media in this post is not displayed to visitors. To view it, please go to the original post.

If the Trivy, RICS, and LiteLLM incidents have confused you, the team at OpenSourceMalware has published a profile of TeamPCP, the group behind the larger attack (as well on how the attack was carried out)

opensourcemalware.com/blog/tea…

OpenSourceMalware.com - Community Threat Intelligence

Security professionals sharing intelligence on malicious packages, repositories, and CDNs to protect the open source ecosystem.
opensourcemalware.com

reshared this

Lorenzo ha ricondiviso questo.

mastodon - Collegamento all'originale

Censys has discovered a custom-built post-exploitation framework.

Named CTRL, the framework is coded in .NET, was used in the wild, and appears to be the work of a Rsusian-speaking developer

censys.com/blog/under-ctrl-dis…

Under CTRL: Dissecting a Previously Undocumented Russian .Net Access Framework - Censys

Censys ARC discovered a previously undocumented, Russian-origin remote access toolkit dubbed "CTRL." Learn about the malware and how it works.
Kate Lake (Censys)

reshared this

friendica (DFRN) - Collegamento all'originale

Hideout cifratura dei file semplice e sicura con un’interfaccia minimale

@GNU/Linux Italia

linuxeasy.org/hideout-cifratur…

Hideout è un app open che porta la cifratura dei file a un livello più semplice: drag‑and‑drop, GnuPG e un design minimale.
L'articolo Hideout cifratura dei file semplice e sicura

@GNU/Linux Italia
Lorenzo ha ricondiviso questo.

mastodon - Collegamento all'originale
Accidental eCall activation in cars lead to 75% false 112 calls in Nederland
L: nltimes.nl/2026/03/28/one-thre…
C: news.ycombinator.com/item?id=4…
posted on 2026.03.28 at 10:22:42 (c=0, p=3)

Accidental eCall activation in cars lead to 75% false 112 calls in Nederland | Hacker News

news.ycombinator.com

reshared this

Lorenzo ha ricondiviso questo.

mastodon - Collegamento all'originale
The media in this post is not displayed to visitors. To view it, please go to the original post.

friendica (DFRN) - Collegamento all'originale

Ubuntu prepara il passaggio a ntpd‑rs per la sincronizzazione oraria

@GNU/Linux Italia

linuxeasy.org/ubuntu-prepara-i…

ntpd‑rs: un nuovo componente Rust per la gestione dell’ora su Ubuntu, pensato per sostituire Chrony, LinuxPTP e GPSD
L'articolo Ubuntu prepara il passaggio a ntpd‑rs per la sincronizzazione

@GNU/Linux Italia

reshared this

friendica (DFRN) - Collegamento all'originale

KDE Plasma 6.7 introduce test del microfono e miglioramenti grafici

@GNU/Linux Italia

linuxeasy.org/kde-plasma-6-7-i…

KDE Plasma 6.7 introduce test del microfono, miglioramenti grafici, supporto ai portali e primi passi verso Vulkan.
L'articolo KDE Plasma 6.7 introduce test del microfono e miglioramenti grafici

@GNU/Linux Italia

reshared this

friendica (DFRN) - Collegamento all'originale

StarStreet Forecast porta astronomia, meteo avanzato e dati planetari in un’unica app

@GNU/Linux Italia

linuxeasy.org/starstreet-forec…

StarStreet Forecast unisce astronomia, meteo avanzato e dati planetari in un’unica app open source precisa e senza traccianti.
L'articolo

@GNU/Linux Italia

reshared this

friendica (DFRN) - Collegamento all'originale

Rilasciato Mixxx 2.5.6 arrivano miglioramenti ai controller e agli effetti

@GNU/Linux Italia

linuxeasy.org/rilasciato-mixxx…

Mixxx 2.5.6 è arrivato con miglioramenti ai controller, effetti più stabili e un motore audio più affidabile.
L'articolo Rilasciato Mixxx 2.5.6 arrivano miglioramenti ai

@GNU/Linux Italia

reshared this

friendica (DFRN) - Collegamento all'originale

CopyQ 14.0.0 porta cifratura delle schede, audio integrato e nuove funzioni di scripting

@GNU/Linux Italia

linuxeasy.org/copyq-14-0-0-por…

CopyQ 14.0.0 porta cifratura delle schede, audio integrato, statistiche avanzate e un supporto migliore per GNOME.
L'articolo CopyQ

@GNU/Linux Italia

reshared this