Reader

“Когато държавата се превърне в отечество, тя се готви да убива.”

---

Куче се отглежда, за да те “лае” по пътя ти в отвъдния свят. ~prof.

---

Global Goth: Mens Gothic Clothing Influences from Around the World

Gothic fashion may have started in the underground scenes of 1980s England, but it has since evolved into a global movement — reshaping how men express darkness, rebellion, and elegance through clothing. Today, mens gothic clothing isn’t limited to one region or one look. From Japan’s visual kei to Berlin’s industrial chic, men’s goth style draws inspiration from a variety of global subcultures, each with its own take on the aesthetic.

Europe: The Birthplace of Classic Goth Western Europe, particularly the UK and Germany, played a central role in the rise of gothic fashion. British punk and post-punk bands like Bauhaus, The Cure, and Siouxsie and the Banshees helped define early goth visuals — dark trench coats, platform boots, lace shirts, and statement accessories.

Meanwhile, Berlin added its own twist. Known for its gritty street style and industrial edge, German goth fashion introduced militaristic tailoring, distressed fabrics, and cyber-goth elements that still influence today's gothic clothing mens trends.

Asia: Precision, Drama, and Modern Edge Japan’s goth scene stands out for its unique blend of tradition and futuristic fantasy. The Visual Kei subculture — with roots in Japanese rock — mixes Victorian elements, heavy makeup, and high-drama silhouettes. In contrast, Tokyo’s street goth is more minimalistic, built on oversized fits, platform boots, and avant-garde design.

Korea’s goth-inspired fashion leans toward sleek and clean aesthetics, which makes it appealing to those interested in a refined yet bold look. Designers often focus on layering, monochrome palettes, and asymmetric cuts — creating the perfect balance between goth and minimalism.

This influence is clear in modern goth clothes men styles that incorporate Korean structure and Japanese creativity with Western darkness.

North America: A Melting Pot of Subcultures In the U.S. and Canada, gothic clothing has evolved by blending with other alternative movements like punk, metal, and grunge. American goth fashion is often more casual — think graphic tees, ripped jeans, leather jackets — but still rooted in nonconformity.

California’s deathrock scene and New York’s underground clubs created a more urban approach to goth. Here, everyday wear meets rebellion — making it easier for men to incorporate dark style into their regular wardrobe.

North America is also home to many inclusive fashion brands, which is essential for expanding the reach of gothic clothing mens across body types, genders, and ethnicities.

Latin America & Beyond: Cultural Fusions In Latin America, gothic fashion is deeply tied to cultural identity and music. Scenes in Mexico, Brazil, and Argentina combine goth with local traditions and religious imagery — like crosses, veils, and hand-embroidered garments — for a spiritual and often romantic aesthetic.

Similarly, in the Middle East and Africa, goth fashion is quietly growing. While social norms may challenge outward expression, underground communities continue to shape a version of gothic fashion that speaks to both cultural history and personal identity.

Global Takeaway: Style Without Borders The future of mens gothic clothing is global, inclusive, and diverse. From Seoul to São Paulo, today’s goths are blending classic elements with local traditions, modern silhouettes, and personal expression. This worldwide influence makes gothic fashion not only more accessible, but more meaningful.

Whether you're wearing tailored jackets in Paris, draped layers in Tokyo, or street-style goth in LA, you’re part of a global style conversation. What connects all these expressions is a shared aesthetic: dark, thoughtful, and bold.

So next time you build your wardrobe, remember — goth clothes men wear today are no longer confined to one look or one place. The world is your inspiration.

Being an anarchist is often misunderstood. Many people think it's about breaking all rules and creating chaos. Additionally in my country, even mainstream media are mistakenly saying vandalism is equal to anarchism. This make me shake my head as they don't understand what anarchism really is. I've been practically doing anarchism value in my immediate social circles. I contribute to education, I reject about structural group in college especially for making decisions and I educate people about abstaining from political participation because no politicians can truly be trusted. I often share my thoughts on social issues from an anarchist point of view. Like most anarchists, I believe in building a society aligned with anarchist values. But still, I don't want anarchism to be applied in our society yet, in any state. Why?

Too Extreme for People to Accept

Anarchism is seen as “too far left” ideology, unlike socialism or communism, we reject hierarchical rulers. Everyone should be treated equally and all opinions should matter (as long as they're logically sound). But most countries today are run by conservatives who uphold capitalism, which is the complete opposite anarchism. These governments are elected by the conservative citizens, so the system and the people share the same ideology. Which makes it harder to spread anarchist values. By definition, conservatism is a commitment to traditional values and ideas with opposition to change or innovation. Capitalism has been dominant for over a century. That's why people fear radical change. Which leads to the next point.

Historical Failures of Leftist Ideas

The Soviet Union was once the biggest leftist state in the world and it collapsed. Many people now see that as proof that leftist ideologies don’t work. They say systems like socialism or anarchism are too utopian to survive in the real world. Because of that fear, anarchism is seen as unrealistic, even dangerous.

Anarchism Is Misunderstood

This ties into ignorance and media literacy. Many people think anarchism means “no rules” e.g. total chaos, violence, people killing each other. That’s NOT what anarchism is. As I mentioned earlier, the media here even label May Day protests as “anarchic” just because of vandalism or people spray-painting walls. That’s not anarchism, that’s just destruction. These false narratives shape public misunderstanding.

Bad People Still Exist

This is the main reason I don't think anarchism can work right now. There are still people who will take advantage of others if laws don’t exist. Legal systems, even if flawed, can still restrain some bad behavior. But in a world without written laws? Those people would feel free to exploit, harm, or abuse others. It’s like saying morals come from religion. If religion disappears, would some people suddenly start robbing, raping, or killing? That’s the scary part.

People today still need to learn how to be decent human beings and open themselves to new perspectives. Only then can we start introducing anarchist values in a real, meaningful way.

via Jürgen Hubert – @juergen_hubert@mementomori.social

Not far from the village of Retzin, which lies about one and a half miles away from Penkun, there is a long, tall hill and beneath it lies a lake commonly known as the Leichensee (“corpse lake”). On the hill, which is now overgrown with shrubs, there used to be a bandits' castle, whose remains can be spotted now and then amidst the shrubbery. The whole hill is therefore still called the Burgwall (“castle wall”)[1]. The bandits who lived in the castle threw the corpses of those they slew into the lake, from which the lake derives its name. The murdered and the murderers are said to haunt the lake and its environs in some nights, and nobody likes to visit the area after dark. Another tale gives us more details: The Leichensee is in the middle of two spots where two castles used to stand, and where now the villages of Lökenitz and Ramin can be found. These two castles belonged to a villainous robber knight named Hans von Ramin. The river Randow, which flows through the lake, was traversable by ships in those days[2] and thus it was common for ships to pass through the lake. The knight with his bandits only waited for those moments, and he had constructed an ingenious contraption which aided him in capturing those ships. He had put down two chains across the lake which were about 50 feet apart, and which were about two inches above the water when they were stretched taut. Whenever he saw a ship approaching in the distance he and his bandits hid in the reeds at the shore of the lake and left the first chain slacken so that it would be below the surface of the water. But when the ship had passed over it, he pulled it taut again. And thus the ship was stuck between the two chains and could go neither backwards nor forwards, and he and his bandits swarmed over it, slaughtered the crew, and took all of its goods. The corpses were thrown into the lake, on the side of the long hill[3]. It frequently occurred that the bandits discovered a larger crew on the ship than they had anticipated. In these cases they rang a large bell, which they had hung up at the shore for this very purpose. Then reinforcements would arrive from both castles. This bell fell into the lake after the death of the knight. It remains there, and at noon on St. John's Day it is still possible to hear its ringing. Source: Temme, J. D. H. Die Volkssagen von Pommern und Rügen, 1840. P. 202-204.

A weekly shortlist of cyber security highlights. The short summaries are AI generated! If something is wrong, please let me know!

---

News For All

🤖 ICE Rolls Facial Recognition Tools Out to Officers' Phones privacy – ICE introduces Mobile Fortify, a facial recognition app for agents, raising concerns about privacy and wrongful arrests due to potential inaccuracies and surveillance risks. https://www.wired.com/story/ice-rolls-facial-recognition-tools-out-to-officers-phones/

🚨 BreachForums broken up? French police arrest five members of notorious cybercrime site cybercrime – French police arrest five alleged members of BreachForums, a major cybercrime marketplace, including one sought by the US for selling hacked data worth millions, amid ongoing investigations. https://www.bitdefender.com/en-us/blog/hotforsecurity/breachforums-broken-up-french-police-arrest-five-members-of-notorious-cybercrime-site

🏎️ How we turned a real car into a Mario Kart controller by intercepting CAN data security research – A team converted a Renault Clio into a Mario Kart controller by intercepting its CAN data, enabling real driving controls for a game demo, despite some technical challenges. https://www.pentestpartners.com/security-blog/how-we-turned-a-real-car-into-a-mario-kart-controller-by-intercepting-can-data/

💰 SafePay Ransomware: What You Need To Know security news – SafePay ransomware encrypts files and steals data, demanding cryptocurrency ransoms. Unlike typical ransomware, it doesn't operate as RaaS, focusing on operational security. It's linked to previous notorious groups and has specific language restrictions to avoid certain victims. https://www.fortra.com/blog/safepay-ransomware-what-you-need-know

⚠️ Security pro counts the cost of Microsoft dependency security news – A blog post highlights the risks of heavy reliance on Microsoft, advocating for improved digital sovereignty and quantifying potential security costs to influence decision-makers away from sole dependency on American cloud services. https://www.theregister.com/2025/06/26/cost_of_microsoft_dependency/

🔒 Complaint says Bumble feature connected to OpenAI violates European data privacy rules privacy – A complaint alleges Bumble's Icebreakers feature, powered by OpenAI, breaches GDPR by lacking user consent and transparency regarding data transfers, prompting concerns over privacy and control. https://therecord.media/bumble-for-friends-openai-noyb-complaint-gdpr

🎧 Security Advisory: Airoha-based Bluetooth Headphones and Earbuds vulnerability – Vulnerabilities in Airoha-based Bluetooth devices allow unauthenticated attackers to manipulate and take over devices within Bluetooth range. Users are advised to await firmware patches for remediation. https://insinuator.net/2025/06/airoha-bluetooth-security-vulnerabilities/

⚰️ Qilin ransomware attack on NHS results in confirmed death cybercrime – The NHS confirmed that a ransomware attack by Qilin on Synnovis led to a patient's death due to delays in receiving blood test results, highlighting the serious impact of cyberattacks on healthcare. https://www.theregister.com/2025/06/26/qilin_ransomware_nhs_death/

🖨️ New Vulnerabilities Expose Millions of Brother Printers to Hacking vulnerability – Hundreds of Brother printers and others have serious vulnerabilities allowing hackers to exploit devices without authentication. A critical flaw can expose admin passwords, risking device misuse. https://www.securityweek.com/new-vulnerabilities-expose-millions-of-brother-printers-to-hacking/

💍 Ring can use AI to 'learn the routines of your residence' privacy – Ring's new Video Descriptions feature uses AI to analyze motion activity, providing detailed notifications about detected events. Concerns arise over privacy and security given Ring's history and data handling practices. https://www.theregister.com/2025/06/25/amazons_ring_ai_video_description/

🔓 Russia frees REvil hackers after sentencing security news – Four members of the REvil ransomware group were released from custody after serving time while awaiting trial, despite pleading guilty to fraud and malware charges, with no fines imposed. https://www.theverge.com/news/692582/russia-revil-hacker-group-ransomware-sentencing

🏙️ Glasgow City Council impacted by ‘cyber incident’ data breach – Glasgow City Council is dealing with a cyber incident disrupting online services and potentially involving customer data theft, with affected servers taken offline and residents advised to be cautious. https://therecord.media/glasgow-city-council-cyber-incident

🕯️ What LLMs Know About Their Users privacy – The article discusses a prompt for analyzing user interaction data in detail, highlighting preferences, past conversation topics, and insights into user behavior, raising questions about the capability of AI to build human-readable profiles. https://www.schneier.com/blog/archives/2025/06/what-llms-know-about-their-users.html

☠️ Hackers Are Poisoning Google Search Results for AI Tools to Deliver Infostealer Malware cybercrime – Threat actors are hijacking Google search results for AI tools to distribute malware via trojanized sites, using black hat SEO tactics to redirect users to infected downloads, notably Vidar and Lumma infostealers. https://thecyberexpress.com/poisoning-google-search-results-infostealers/

🔓 Leak of data belonging to 7.4 million Paraguayans traced back to infostealers data breach – Hackers accessed data on 7.4 million Paraguayans via infostealer malware on a government employee's device, leading to massive data leaks from multiple agencies. Paraguay's government plans a National Cybersecurity Strategy in response. https://therecord.media/data-leak-paraguayan-millions-infostealer

👓 Smartglass Ray-Ban Meta: Dauerüberwachung im Sonnenbrillengehäuse privacy – Meta's Ray-Ban Smartglasses, equipped with always-on recording capabilities and AI features, raise significant privacy concerns as they continuously collect data without clear opt-out options for bystanders. https://www.kuketz-blog.de/smartglass-ray-ban-meta-dauerueberwachung-im-sonnenbrillengehaeuse/

---

Some More, For the Curious

🛡️ RedirectionGuard: Mitigating unsafe junction traversal in Windows security news – Microsoft introduces RedirectionGuard in Windows 11 to prevent filesystem redirection attacks, closing a critical security gap and enhancing system integrity against privilege escalation. https://msrc.microsoft.com/blog/2025/06/redirectionguard-mitigating-unsafe-junction-traversal-in-windows/

📜 NIS2 Technical Implementation Guidance security news – ENISA provides practical guidance for implementing the NIS2 Directive, detailing cybersecurity requirements for various entities and offering examples and mappings for compliance. https://www.enisa.europa.eu/publications/nis2-technical-implementation-guidance

🔓 When Backups Open Backdoors: Accessing Sensitive Cloud Data via “Synology Active Backup for Microsoft 365” vulnerability – A leaked credential in Synology's backup tool allowed unauthorized access to sensitive Microsoft 365 data, raising serious security concerns and highlighting vulnerabilities in cloud services. https://modzero.com/en/blog/when-backups-open-backdoors-synology-active-backup-m365/

✈️ FBI, cybersecurity firms say a prolific hacking crew is now targeting airlines and the transportation sector security news – The FBI warns that the hacking group Scattered Spider is now targeting airlines and transportation, employing social engineering and ransomware tactics to compromise sensitive data. https://techcrunch.com/2025/06/28/fbi-cybersecurity-firms-say-scattered-spider-hackers-now-targeting-airlines-transportation-sector/

💻 Microsoft security updates address CrowdStrike crash, kill ‘Blue Screen of Death’ security news – Microsoft announces security updates to prevent future outages caused by third-party software, limiting direct kernel access and enhancing recovery features, including a revamped crash interface. https://cyberscoop.com/microsoft-security-updates-kernel-restrictions-downtime/

🥸 The Age of Integrity security research – Data integrity is crucial in the era of AI and Web 3.0, requiring systems to ensure accurate data throughout its lifecycle. We need to focus on integrous design to address integrity challenges. https://www.schneier.com/blog/archives/2025/06/the-age-of-integrity.html

⚠️ CVE-2024-39914 – Unauthenticated Command Injection in FOG Project’s export.php vulnerability – CVE-2024-39914 is a critical unauthenticated command injection vulnerability in FOG Project versions ≤ 1.5.10.34, allowing attackers to execute system commands or deploy webshells via export.php. https://www.offsec.com/blog/cve-2024-39914/

🔐 Cisco fixes two critical make-me-root bugs vulnerability – Cisco patched two critical vulnerabilities, CVE-2025-20281 and CVE-2025-20282, in its Identity Services Engine, allowing unauthenticated attackers to execute code with root privileges via API flaws. https://www.theregister.com/2025/06/26/patch_up_cisco_fixes_two/

🔑 Common SCCM Misconfigurations Leading to Privilege Escalation cyber defense – Misconfigurations in SCCM can lead to privilege escalation, allowing attackers to exploit Network Access Accounts and Domain Join Accounts to compromise domains. Recommendations include enforcing least privilege and avoiding legacy settings. https://www.truesec.com/hub/blog/sccm-tier-killer

🚨 Sipping from the CVE Firehose: How We Prioritize… cyber defense – The article discusses how security teams prioritize CVEs using a tiered scoring system to identify real-world threats, moving beyond traditional CVSS metrics to focus on attributes that reflect actual impact on customer attack surfaces. https://bishopfox.com/blog/sipping-cve-firehose-how-we-prioritize-emerging-threats-for-real-world-impact

🔒 Hackers deploy fake SonicWall VPN App to steal corporate credentials security research – Hackers are distributing a trojanized SonicWall NetExtender VPN app, dubbed SilentRoute, to steal user credentials by modifying the installer to bypass security checks. Users are advised to download only from official sources. https://securityaffairs.com/179332/hacking/hackers-deploy-fake-sonicwall-vpn-app-to-steal-corporate-credentials.html

📈 Surge in MOVEit Transfer Scanning Activity Could Signal Emerging Threat Activity warning – GreyNoise reports a significant increase in scanning activity targeting MOVEit Transfer systems, with over 300 unique IPs observed daily since May 27, 2025, indicating potential emerging threats and exploitation attempts. https://www.greynoise.io/blog/surge-moveit-transfer-scanning-activity

🦠 New Malware Embeds Prompt Injection to Evade AI Detection malware – A malware sample named Skynet attempts to use prompt injection to manipulate AI models for evasion, but the method fails against current LLMs. The article discusses its features and implications for future threats. https://research.checkpoint.com/2025/ai-evasion-prompt-injection/

🌐 Stealth China-linked ORB network gaining footholds in US, East Asia security research – A China-linked ORB network, dubbed 'LapDogs', has surpassed 1,000 devices, primarily in the US and East Asia, focusing on stealthy operations that complicate detection and attribution for espionage activities. https://cyberscoop.com/orb-network-china-lapdogs/

🔒 Up next on the KEV? All signs point to 'CitrixBleed 2' vulnerability – Citrix's new critical vulnerability, dubbed 'CitrixBleed 2', affects its NetScaler products, allowing attackers to read sensitive information without authentication. Experts warn of inevitable exploitation and urge immediate patching. https://go.theregister.com/feed/www.theregister.com/2025/06/24/critical_citrix_bug_citrixbleed/

🤔 The ‘16 billion password breach’ story is a farce security news – Recent reports of a 16 billion credential breach lack substantial evidence and are criticized by experts as recycled data from past leaks. The incident highlights the ongoing threat of infostealer malware and the need for better cybersecurity practices. https://cyberscoop.com/colossal-data-breach-16-billion-credentials-no-evidence-media-exaggeration/

💰 The State of Ransomware 2025 security research – The Sophos report reveals that exploited vulnerabilities and compromised credentials are major causes of ransomware attacks. While recovery rates are improving, ransom payments remain high, highlighting ongoing risks for organizations. https://news.sophos.com/en-us/2025/06/24/the-state-of-ransomware-2025/

---

CISA Corner

⚠️ CISA Adds Three Known Exploited Vulnerabilities to Catalog warning – CISA has added three vulnerabilities to its Known Exploited Vulnerabilities Catalog, including CVE-2024-54085, CVE-2024-0769, and CVE-2019-6693, highlighting significant risks to federal networks. https://www.cisa.gov/news-events/alerts/2025/06/25/cisa-adds-three-known-exploited-vulnerabilities-catalog

⚙️ CISA Releases Two Industrial Control Systems Advisories vulnerability – CISA issued two advisories on June 26, 2025, addressing vulnerabilities in Mitsubishi Electric Air Conditioning Systems and TrendMakers Sight Bulb Pro, urging users to review for mitigation details. https://www.cisa.gov/news-events/alerts/2025/06/26/cisa-releases-two-industrial-control-systems-advisories ⚙️ CISA Releases Eight Industrial Control Systems Advisories vulnerability – CISA issued eight ICS advisories on June 24, 2025, addressing vulnerabilities in various systems including Schneider Electric and Mitsubishi Electric, urging users to review for mitigation strategies. https://www.cisa.gov/news-events/alerts/2025/06/24/cisa-releases-eight-industrial-control-systems-advisories

🔒 New Guidance Released for Reducing Memory-Related Vulnerabilities security news – CISA and NSA released a guide to reduce memory-related vulnerabilities in software, advocating for the adoption of memory safe languages (MSLs) to enhance security in development practices. https://www.cisa.gov/news-events/alerts/2025/06/24/new-guidance-released-reducing-memory-related-vulnerabilities

---

While my intention is to pick news that everyone should know about, it still is what I think is significant, cool, fun... Most of the articles are in English, but some current warnings might be in German.

“Комуникацията е жизненоважният мост между човешките съзнания – нейното отсъствие ражда бездни от недоразумения, в които се погубват мисли, чувства и намерения. Колко му е хората да започнат да си споделят повече притесненията и емоциите? “

Да споделиш е да се отвориш, да се отключиш, да се отдадеш. Всяко малко отдаване причинява страх, който все по-дълбоко копае навътре в черупката на комфорта и спокойствието. От друга страна, липсата на емоционална връзка със света те прави уязвим и склонен към крайности.

Ето какво казва Ursula K. Le Guin в The wave in the Mind за комуникацията:

“Кутия А и кутия В са свързани с тръба. Кутия А съдържа единица информация. Кутия А е предавателят, изпращачът. Тръбата е начинът, по който се предава информацията – тя е средата. А кутия В е приемникът. Те могат да редуват ролите си. Изпращачът, кутия А, кодира информацията по начин, подходящ за средата – в двоични битове, или пиксели, или думи, или каквото и да е, и я предава чрез средата на приемника, кутия В, който я получава и декодира.

А и В могат да се разглеждат като машини, например компютри. Те могат да се разглеждат и като умове. Или едната може да е машина, а другата – ум.

В повечето случаи на хора, които действително разговарят помежду си, човешката комуникация не може да бъде сведена до информация. Съобщението не само включва, то е връзка между говорещия и слушащия. Средата, в която е вградено съобщението, е изключително сложна, безкрайно повече от код: тя е език, функция на общество, култура, в която езикът, говорещият и слушащият са вградени.

В човешкия разговор, в живата, действителна комуникация между или сред човешки същества, всичко „предадено“ – всичко казано – е оформено по време на говорене от действителен или очакван отговор.

Живата човешка комуникация лице в лице е интерсубективна. Интерсубективността включва много повече от машинно-медиирания тип стимул-реакция, наричан в момента „интерактивен“. Изобщо не е стимул-реакция, нито механично редуване на предварително кодирано изпращане и получаване. Интерсубективността е взаимна. Тя е непрекъснат обмен между две съзнания. Вместо редуване на роли между кутия А и кутия В, между активен субект и пасивен обект, това е непрекъсната интерсубективност, която тече двупосочно през цялото време.

Моят личен модел за интерсубективност, или комуникация чрез реч, или разговор, е амеби, които се репродуцират. Както знаете, амебите обикновено се размножават, като просто тихо се оттеглят в ъгъла и се разделят на две амеби; но понякога условията показват, че малко генетичен обмен може да подобри местната популация и две от тях се събират, буквално, и се протягат една към друга и сливат псевдоподите си в малка тръбичка или канал, който ги свързва.

След това амеба А и амеба В обменят генетична „информация“, тоест буквално си дават вътрешни части от телата си, чрез канал или мост, който е направен от външни части на телата им. Те прекарват доста време, изпращайки части от себе си напред-назад, взаимно отговаряйки си.

Това е много подобно на това как хората се съединяват и си дават части от себе си – вътрешни части, умствени, а не телесни части – когато говорят и слушат.

Две амеби, които се съединяват по този начин, или двама души, които говорят, образуват общност от двама. Хората също могат да образуват общности от много, чрез постоянно изпращане и получаване на части от себе си и другите – тоест чрез говорене и слушане. Говоренето и слушането в крайна сметка са едно и също нещо.

Речта ни свързва толкова непосредствено и жизненоважно, защото тя е физически, телесен процес. Ако монтирате два стенни часовникови махала едно до друго на стената, те постепенно ще започнат да се люлеят заедно. Те се синхронизират взаимно, като улавят малки вибрации, които всеки предава през стената.

Всякакви две неща, които осцилират с приблизително един и същ интервал, ако са физически близо едно до друго, постепенно ще имат тенденцията да се „заключат“ и да пулсират точно с един и същ интервал. Нещата са лениви. Изисква по-малко енергия да пулсират съвместно, отколкото да пулсират в опозиция. Физиците наричат тази красива, икономична леност взаимно фазово синхронизиране, или „увличане“.

Всички живи същества са осцилатори. Ние вибрираме. Амеба или човек, ние пулсираме, движим се ритмично, променяме се ритмично; ние поддържаме ритъм. Можете да го видите в амебата под микроскоп, вибрираща в честоти на атомно, молекулярно, субклетъчно и клетъчно ниво. Това постоянно, деликатно, сложно туптене е самият процес на живота, направен видим.

Ние, огромните многоклетъчни същества, трябва да координираме милиони различни осцилационни честоти и взаимодействия между честотите в телата ни и нашата среда. Повечето от координацията се осъществява чрез синхронизиране на импулсите, чрез привеждане на ударите в главен ритъм, чрез „увличане“.

Подобно на двете махала, макар и чрез по-сложни процеси, двама души заедно могат взаимно да се фазово синхронизират. Успешните човешки взаимоотношения включват увличане – влизане в синхрон. Ако това не се случи, връзката е или некомфортна, или катастрофална. “

---

Катастрофата се получава, когато страна А или B не е предразположена към такъв обмен и се опитва да се отскубне от връзката с тръбата, ако въобще е била поставена. Това се случва (може би) по-лесно в XXI век, тъй като масовата култура подкрепя затвореността, нишовостта, разделението.

Divide et impera!

И все пак, не можем да спрем да се опитваме да говорим с хора, а особено трябва да вземем присърце и опитите (често синоним на провалите) да комуникираме и с по-затворените хора, които често имат толкова много да кажат.

---

As a profession, cyber/information security has been telling itself that it is “risk-based”, but often fails to live up to that in practice. We see this from hyping threats because they're cool and make for a good conference talk, to having to make a market for a new Gartner product category.

We therefore often mistake the possible for the probable, and the PoC for a Production threat we have to invest to fix. Nowhere is this more extreme than in post quantum cryptography (PQC) and the false urgency of fixing it now, just in case.

Crypto Agility and PQC

Don't get me wrong. Crypto agility and PQC are good things. It is good to know which libraries in your code provide crypto functions so you can keep them up-to-date, whether for PQC or otherwise. That is not the debate. What I have trouble with is the urgency on a problem that everybody agrees to isn't real yet. There are no working quantum computers. Estimates are 5 (optimistic) to 10 (more realistic) to 20 (maybe) years out. Are we still doing risk-based infosec if we're spending time and effort on a problem that realistically won't occur for years?

Are we, when most organizations can't even keep on top of known vulnerabilities or running an effective CSPM program? Between your phishing defense, ransomware resilience and XDR adoption, where does this rate?

“Harvest Now, Decrypt Later” isn't Real

“Oh, but adversaries could capture TLS traffic, store it till a later date and decrypt when quantum computers are viable”.

Yes. Theoretically. But TLS + storage for 10 years is not free – especially when you consider the volume of TLS traffic that runs across the internet on a continuous basis. Google Search gives me daily internet traffic volumes running from 33 exabytes to 0.4 zettabytes which is quite the range, but enough to make it clear that is “stupid scale”. Therefore, simply due to volume, any HNDL would have to be targeted. Unless you're a foreign government or critical industry, that almost certainly already puts you outside of danger.

But BGP Hijacks...

BGP hijacks do happen, where adversaries route vast traffic volumes through infrastructure they control. This is almost certainly to capture metadata, not to HNDL. Even after filtering, what worth is a snapshot of a few hours or days after a decade? At the very least you'd want a continuous stream.

BGP hijacks would be incredibly wasteful to adversaries – storing data in the hope a fragment of a conversation might one day prove useful.

What About Targeted Organizations or Journalists?

If you're a targeted organization watch your XDR and network detection! If you're a journalist, use safe modes and reboot often as surveillance tools targeting you are already on the market.

You're WRONG, I have Clearance and Know it Happens

Very good. And maybe it is, but that still doesn't mean it's a threat. Those adversaries may believe it and waste their time. And you should still start your crypto agility program if not already done, for reasons nothing to do with PQC. Either way, I am happy to admit I am wrong, if that proves to be the case a decade from now. I'll wear the badge “PQC, The One I Got Wrong”.

But I'll take those chances. At least as long as the front doors remain wide open in most of our organizations.

A weekly shortlist of cyber security highlights. The short summaries are AI generated! If something is wrong, please let me know!

---

News For All

🤔 WhatsApp is officially getting ads privacy – WhatsApp introduces ads in its Updates tab, using limited user data for personalization. While it promises not to misuse personal information, privacy concerns remain. https://www.theverge.com/news/687519/whatsapp-launch-advertising-status-updates

🔓 Hackers Leak Data of 10,000 VirtualMacOSX Customers in Alleged Breach data breach – A data breach at VirtualMacOSX exposed sensitive information of 10,000 customers, including personal and financial details, posing significant security risks and potential account takeovers. https://hackread.com/hackers-leak-virtualmacosx-customers-data-breach/

🎮 Minecraft Players Targeted in Sophisticated Malware Campaign malware – A malware campaign disguises itself as Minecraft mods, stealing sensitive data from players. This threat particularly targets the younger player base, raising significant security concerns. https://blog.checkpoint.com/research/minecraft-players-targeted-in-sophisticated-malware-campaign/

😟 Meta Users Feel Less Safe Since It Weakened ‘Hateful Conduct’ Policy, Survey Finds security news – A survey reveals that users feel increasingly unsafe on Meta platforms following weakened policies against harmful content, with many reporting exposure to hate speech and online harassment. https://www.404media.co/meta-users-feel-less-safe-since-it-weakened-hateful-conduct-policy-survey-finds/

🔒 The WIRED Guide to Protecting Yourself From Government Surveillance privacy – With increased government surveillance, individuals are urged to enhance privacy protections through encrypted communications, secure devices, and careful data management to safeguard against potential threats. https://www.wired.com/story/the-wired-guide-to-protecting-yourself-from-government-surveillance/

🚫 SEC withdraws cyber rules for investment companies, advisers security news – The SEC has retracted proposed cybersecurity regulations for investment firms, citing industry concerns that public disclosures could compromise security and divert focus from actual threats. https://cyberscoop.com/sec-withdrawals-cyber-rules-for-investment-companies-advisers/

🚔 Police dismantle Archetyp dark web drug market, arrest administrator cybercrime – Authorities have shut down Archetyp Market, a major dark web drug marketplace, arresting its administrator and seizing assets worth €7.8 million, disrupting a significant drug trafficking network. https://therecord.media/archetyp-market-dark-web-takedown-europol

🚨 Car-sharing giant Zoomcar says hacker accessed personal data of 8.4 million users data breach – Zoomcar reported a data breach affecting 8.4 million users, with names and phone numbers compromised. The company is enhancing security measures but has not confirmed if customers were notified. https://techcrunch.com/2025/06/16/car-sharing-giant-zoomcar-says-hacker-accessed-personal-data-of-8-4-million-users/

👁️ Emails Reveal the Casual Surveillance Alliance Between ICE and Local Police security news – Emails expose informal collaborations between local Oregon police and federal agencies like ICE, sharing surveillance tools and tactics, raising concerns about privacy and the extent of law enforcement surveillance. https://www.404media.co/emails-reveal-the-casual-surveillance-alliance-between-ice-and-local-police/

💸 Malicious Loan App Removed from iOS and Google Play App Store Posed Severe Risks to Users malware – The 'RapiPlata' app, posing as a loan service, harvested sensitive data from users and threatened them with false debts. It was downloaded by over 150K victims before removal. https://blog.checkpoint.com/research/malicious-loan-app-removed-from-ios-and-google-play-app-store-posed-severe-risks-to-users/

💻 Freedman HealthCare targeted by cyber extortionists data breach – Freedman HealthCare faces threats from an extortion gang claiming to have stolen sensitive data, potentially affecting millions. However, the company asserts that no protected health information was compromised. https://www.theregister.com/2025/06/16/extortionists_claim_freedman_healthcare_hack/

🔍 Minnesota Shooting Suspect Allegedly Used Data Broker Sites to Find Targets’ Addresses security news – The suspect in a Minnesota shooting allegedly used data broker sites to find the addresses of lawmakers he targeted, raising concerns about privacy and the dangers of accessible personal information. https://www.wired.com/story/minnesota-lawmaker-shootings-people-search-data-brokers/

📧 State-sponsored hackers compromised the email accounts of several Washington Post journalists security news – State-sponsored hackers compromised the Microsoft email accounts of several Washington Post journalists, potentially exposing sensitive work emails related to national security and economic policy. https://securityaffairs.com/179065/security/state-sponsored-hackers-compromised-the-email-accounts-of-several-washington-post-journalists.html

📚 AI Scraping Bots Are Breaking Open Libraries, Archives, and Museums security news – AI scraping bots are increasingly targeting libraries, archives, and museums, raising concerns about privacy and the potential misuse of easily accessible personal information. https://www.404media.co/ai-scraping-bots-are-breaking-open-libraries-archives-and-museums/

🎣 Arctic Wolf Observes Social Engineering Campaign Targeting IT Staff of Healthcare Providers to Reset User Credentials security news – The Arctic Wolf Threat Report highlights a social engineering campaign aimed at IT staff in healthcare, seeking to reset user credentials, emphasizing ongoing cybersecurity challenges in the sector. https://arcticwolf.com/resources/blog/arctic-wolf-observes-social-engineering-campaign-targeting-it-staff-of-healthcare-providers-reset-user-credentials/

🩺 More than 5 million affected by data breach at healthcare tech firm Episource data breach – Episource reported a data breach affecting over 5.4 million individuals, with stolen information including Social Security numbers and medical records. The company is working with law enforcement and customers to address the incident. https://therecord.media/5-million-affected-episource-data-breach

💔 A ransomware attack pushed the German napkin firm Fasana into insolvency cybercrime – Fasana, a German napkin manufacturer, filed for insolvency after a ransomware attack paralyzed operations, causing significant financial losses and halting production for two weeks. https://securityaffairs.com/179160/security/ransomware-attack-napkin-firm-fasana-insolvency.html

🔍 Attack on Oxford City Council exposes 21 years of staff data data breach – A cyberattack on Oxford City Council compromised 21 years of staff data related to elections, affecting current and former employees. The council is investigating and has assured the public of limited data access. https://www.theregister.com/2025/06/20/oxford_city_council_breach/

🛡️ Aflac duped by social-engineering attack, marking another hit on insurance industry cybercrime – Aflac disclosed a cyberattack on June 12, linked to social engineering tactics, marking it as the third insurance company targeted in a recent wave of attacks. No ransomware was detected. https://cyberscoop.com/aflac-cyberattack-insurance-sector-scattered-spider/

📞 Netflix, Apple, BofA sites hijacked with fake help numbers cybercrime – Scammers are hijacking search results for major companies like Netflix and Apple, tricking victims into calling fake support numbers to steal personal and financial information through manipulated ads. https://www.theregister.com/2025/06/20/netflix_apple_bofa_websites_hijacked/

---

Some More, For the Curious

🐠 How Long Until the Phishing Starts? About Two Weeks security news – A new Google Workspace account received targeted phishing emails just two weeks after creation, highlighting the need for security training for new hires to combat such threats. https://isc.sans.edu/diary/rss/32052

🤖 Cato CTRL™ Threat Research: WormGPT Variants Powered by Grok and Mixtral security research – Cato CTRL reports on new WormGPT variants that exploit uncensored LLMs for malicious purposes, showcasing how threat actors adapt existing models like Grok and Mixtral for cybercrime. https://www.catonetworks.com/blog/cato-ctrl-wormgpt-variants-powered-by-grok-and-mixtral/

🔐 Path Traversal Vulnerability Discovered in ZendTo vulnerability – A path traversal vulnerability in ZendTo versions 6.15-7 allows attackers to access sensitive user information. Users are urged to upgrade to version 6.15-8 to mitigate risks. https://horizon3.ai/attack-research/attack-blogs/cve-2025-34508-another-file-sharing-application-another-path-traversal/

⚠️ Dangerous by default: Insecure GitHub Actions found in MITRE, Splunk, and other open source repositories vulnerability – Sysdig's research reveals critical security gaps in GitHub Actions across popular open source projects, exposing secrets through insecure workflows like pullrequesttarget. Recommendations for securing CI/CD processes are provided. https://sysdig.com/blog/insecure-github-actions-found-in-mitre-splunk-and-other-open-source-repositories/

🛠️ libxml2 Maintainer Ends Embargoed Vulnerability Reports, Citing Unsustainable Burden security news – The maintainer of libxml2 has stopped supporting embargoed vulnerability reports, citing unsustainable demands on unpaid volunteers. This change reflects frustrations with big tech's reliance on open source without adequate support. https://socket.dev/blog/libxml2-maintainer-ends-embargoed-vulnerability-reports

🔒 Critical Vulnerability in Veeam Backup & Replication vulnerability – Veeam has announced a critical vulnerability (CVE-2025-23121) in Backup & Replication, allowing remote code execution by authenticated domain users. Users are urged to update immediately to mitigate risks. https://cert.europa.eu/publications/security-advisories/2025-021/

📞 How to Design and Execute Effective Social Engineering Attacks by Phone hacking write-up – John Malone outlines strategies for executing social engineering attacks via phone, emphasizing confidence, reconnaissance, and crafting believable ruses to manipulate targets into revealing sensitive information. https://www.blackhillsinfosec.com/how-to-design-and-execute-effective-social-engineering-attacks-by-phone/

💼 Qilin Offers “Call a lawyer” Button For Affiliates Attempting To Extort Ransoms From Victims Who Won't Pay cybercrime – The Qilin ransomware group has introduced a 'Call Lawyer' feature for affiliates, providing legal support to enhance ransom negotiations and exert pressure on victims, reflecting a disturbing professionalization of cybercrime. https://www.tripwire.com/state-of-security/qilin-offers-call-lawyer-button-affiliates-attempting-extort-ransoms-victims

🚫 Iran's government says it shut down internet to protect against cyberattacks security news – Iran's government confirmed a national internet blackout was ordered to protect against Israeli cyberattacks, severely limiting communication and information access for citizens amid ongoing conflicts. https://techcrunch.com/2025/06/20/irans-government-says-it-shut-down-internet-to-protect-against-cyberattacks/

🔑 Why Kerberoasting Still Matters for Security Teams cyber defense – Kerberoasting remains a prevalent and effective technique for attackers to gain credentials in Windows environments. Mitigation strategies include using strong passwords and auditing service accounts to reduce vulnerabilities. https://www.varonis.com/blog/kerberoasting-still-matters

🕵️‍♂️ Unusually patient suspected Russian hackers pose as State Department in ‘sophisticated’ attacks on researchers cybercrime – Suspected Russian hackers employed a sophisticated approach to compromise researcher Keir Giles' accounts, using social engineering and app-specific passwords to bypass security measures, showcasing a new level of patience and planning in cyberattacks. https://cyberscoop.com/russian-hackers-state-department-sophisticated-attacks-researchers-citizen-lab/

🔒 Severe Vulnerabilities in Citrix Products vulnerability – Citrix has identified two high-severity vulnerabilities in NetScaler ADC and Gateway, urging users to update to secure versions immediately to prevent exploitation. https://cert.europa.eu/publications/security-advisories/2025-022/

🐧 Linux flaws chain allows Root access across major distributions vulnerability – Researchers found two local privilege escalation vulnerabilities (CVE-2025-6018 and CVE-2025-6019) that can be chained to allow unprivileged users to gain root access on major Linux distributions. Users are urged to apply security patches. https://securityaffairs.com/179174/security/linux-flaws-chain-allows-root-access-across-major-distributions.html

🌐 Record DDoS pummels site with once-unimaginable 7.3Tbps of junk traffic security news – Cloudflare reported a record DDoS attack peaking at 7.3Tbps, flooding a target with 37.4TB of traffic in 45 seconds. The attack utilized UDP floods and reflection techniques, overwhelming the target's resources. https://arstechnica.com/security/2025/06/record-ddos-pummels-site-with-once-unimaginable-7-3tbps-of-junk-traffic/

🔑 Sitecore CMS flaw let attackers brute-force 'b' for backdoor vulnerability – A serious vulnerability in Sitecore CMS allows attackers to exploit hardcoded passwords and path traversal flaws, potentially leading to full system takeover for many high-profile companies. https://www.theregister.com/2025/06/17/sitecore_rce_vulnerabilities/

---

CISA Corner

⚠️ CISA Adds Two Known Exploited Vulnerabilities to Catalog warning – CISA has included two new vulnerabilities, targeting Apple and TP-Link, in its Known Exploited Vulnerabilities Catalog, highlighting active exploitation risks. https://www.cisa.gov/news-events/alerts/2025/06/16/cisa-adds-two-known-exploited-vulnerabilities-catalog ⚠️ CISA Adds One Known Exploited Vulnerability to Catalog warning – CISA has added a new Linux Kernel vulnerability to its Known Exploited Vulnerabilities Catalog, urging all organizations to prioritize remediation. https://www.cisa.gov/news-events/alerts/2025/06/17/cisa-adds-one-known-exploited-vulnerability-catalog

⚙️ CISA Releases Five Industrial Control Systems Advisories vulnerability – CISA issued five advisories on June 17, 2025, addressing vulnerabilities in Industrial Control Systems by Siemens, LS Electric, Fuji and Dover, urging users to review them for security details and mitigation strategies. https://www.cisa.gov/news-events/alerts/2025/06/17/cisa-releases-five-industrial-control-systems-advisories

---

While my intention is to pick news that everyone should know about, it still is what I think is significant, cool, fun... Most of the articles are in English, but some current warnings might be in German.

One of the symptoms I hate the most in fibromyalgia is how it messes with my internal temperature perception. Whatever the season we're in, if I'm in pain, I'm sweating. If I do something that my body interprets as physical effort, I transform into a human sweat waterfall. Sometimes, things get even worse, and I feel so hot that I have trouble breathing.

Let me use today as an example. When I woke up, I brushed my teeth and then cleaned Chico's toilet. In a matter of seconds, my t-shirt was soaked in sweat, and my eyes were burning from the perspiration dripping from my forehead and into my eyes.

But it gets worse. Sometimes, I feel so hot that I have trouble breathing. And today was another example of that.

All of this because I woke up, got out of bed, brushed my teeth, and cleaned my cat's toilet. Just this.

There's an upside to this, though [I'm trying to look on the bright side of this, ok...]. Occasionally, before I start feeling the pain increasing, I start feeling crazy hot and sweating. This allows me to at least have a few moments to prepare myself for the upcoming pain increase. Those few moments can go from a few seconds to a few minutes, but never more than that, unfortunately.

Better than nothing, though 🤷.

#ChronicPain #Fibromyalgia #Pain

A weekly shortlist of cyber security highlights. The short summaries are AI generated! If something is wrong, please let me know!

---

News For All

🎭 Over 20 Malicious Crypto Wallet Apps Found on Google Play, CRIL Warns security research – More than 20 malicious apps on Google Play impersonate popular crypto wallets, tricking users into revealing their mnemonic phrases and risking their digital assets. https://thecyberexpress.com/new-crypto-phishing-campaign/

💾 US air traffic control still runs on Windows 95 and floppy disks security news – The FAA plans to replace outdated air traffic control systems still using Windows 95 and floppy disks, citing critical infrastructure needs despite skepticism about timely modernization. https://arstechnica.com/information-technology/2025/06/faa-to-retire-floppy-disks-and-windows-95-amid-air-traffic-control-overhaul/

☎️ A Researcher Figured Out How to Reveal Any Phone Number Linked to a Google Account vulnerability – A researcher exploited a vulnerability to uncover any Google account's linked phone number, raising privacy concerns for users at risk of SIM swapping. Google has since fixed the issue. https://www.wired.com/story/a-researcher-figured-out-how-to-reveal-any-phone-number-linked-to-a-google-account/

✈️ Airlines Don't Want You to Know They Sold Your Flight Data to DHS privacy – Major airlines sold U.S. travelers' flight data, including personal and financial details, to Customs and Border Protection, raising privacy concerns over surveillance and data transparency. https://www.404media.co/airlines-dont-want-you-to-know-they-sold-your-flight-data-to-dhs/

📹 40,000 cameras expose feeds to datacenters, health clinics privacy – Security researchers accessed 40,000 exposed cameras globally, including those in sensitive locations, raising privacy and espionage concerns as vulnerabilities could be exploited by both criminals and state actors. https://www.theregister.com/2025/06/10/40000_iot_cameras_exposed/

🛒 Ongoing cyberattack at US grocery distributor giant UNFI affecting customer orders cybercrime – UNFI is grappling with a cyberattack that disrupts operations and customer orders, leading to limited shipping and potential shortages in grocery stores. The company is working to restore systems. https://techcrunch.com/2025/06/10/ongoing-cyberattack-at-us-grocery-distributor-giant-unfi-affecting-customer-orders/

🛠️ Microsoft Patch Tuesday addresses 66 vulnerabilities, including an actively exploited zero-day vulnerability – Microsoft's latest security update fixed 66 vulnerabilities, including a zero-day exploited by the Stealth Falcon group for targeted attacks. Users are urged to patch systems due to widespread risks. https://cyberscoop.com/microsoft-patch-tuesday-june-2025/

🌐 DNS4EU: Die EU startet eigenen DNS-Resolver-Dienst mit optionalen Filtern privacy – Die EU hat DNS4EU eingeführt, einen eigenen DNS-Resolver-Dienst, der digitale Unabhängigkeit fördern soll. Nutzer können zwischen verschiedenen Filteroptionen wählen, während Datenschutz versprochen wird. https://www.kuketz-blog.de/dns4eu-die-eu-startet-eigenen-dns-resolver-dienst-mit-optionalen-filtern/

💼 Crooks posing as job hunters to malware-infect recruiters cybercrime – Cybercriminals from FIN6 are targeting recruiters by posing as job seekers and directing them to fake portfolio sites that deliver malware, enabling remote access and credential theft. https://www.theregister.com/2025/06/11/crooks_posing_job_hunters_target_recruiters/

🤖 AI Therapy Bots Are Conducting 'Illegal Behavior,' Digital Rights Organizations Say security news – Digital rights groups are urging the FTC to investigate Character.AI and Meta for unlicensed therapy bots misleading users about credentials and confidentiality, raising serious ethical concerns. https://www.404media.co/ai-therapy-bots-meta-character-ai-ftc-complaint/

⚠️ Angriffe mit manipulierten SVG warning – CERT.at warnt vor Phishing-Angriffen, die manipulierte SVG-Dateien als Anhänge nutzen, um JavaScript auszuführen und sensible Informationen zu stehlen. Sicherheitsmaßnahmen sind dringend erforderlich. https://www.cert.at/de/warnungen/2025/6/phishing-angriffe-mit-manipulierten-svg-dateien-vorsicht-geboten

🔒 Apple fixes new iPhone zero-day bug used in Paragon spyware hacks vulnerability – Apple has patched a zero-day vulnerability exploited by Paragon spyware to hack iPhones of two journalists, revealing the flaw was fixed in the February iOS update but not disclosed until now. https://techcrunch.com/2025/06/12/apple-fixes-new-iphone-zero-day-bug-used-in-paragon-spyware-hacks/

📢 How to Protest Safely in the Age of Surveillance privacy – With rising surveillance during protests, individuals should consider both physical and digital security. Key strategies include limiting phone use, using encrypted communication, and being cautious about online activity. https://www.wired.com/story/how-to-protest-safely-surveillance-digital-privacy/

🎣 “Anmeldung mit nicht erkanntem Gerät”: Phishing warning – Phishing attacks are using fake websites that mimic official ones, often with subtle changes in the URL, such as replacing a letter, to deceive victims into revealing sensitive information. https://www.watchlist-internet.at/news/phishing-attacke-paypal/

💻 Bert Ransomware: What You Need To Know cybercrime – Bert ransomware encrypts files and demands payment for decryption, also exfiltrating data. Victims are advised to contact hackers for recovery, emphasizing the need for strong cybersecurity measures. https://www.fortra.com/blog/bert-ransomware-what-you-need-know

👮 Dutch police identify users as young as 11-year-old on Cracked.io hacking forum security news – Dutch police identified 126 users from the dismantled Cracked.io hacking forum, including an 11-year-old, highlighting the involvement of young individuals in cybercrime. Authorities aim to educate and warn them about potential consequences. https://www.bitdefender.com/en-us/blog/hotforsecurity/dutch-police-cracked-io-hacking-forum

🎮 Exploiting Heroes of Might and Magic V vulnerability – The article discusses a vulnerability in Heroes of Might and Magic V related to how the game handles map files, allowing attackers to exploit the game's zip file processing to execute arbitrary code. https://www.synacktiv.com/publications/exploiting-heroes-of-might-and-magic-v.html

---

Some More, For the Curious

👾 Internet infamy drives The Com’s crime sprees cybercrime – The Com, a youth-driven cybercrime group, thrives on notoriety, engaging in serious crimes like sextortion and violence, fueled by economic pressures and a need for belonging. https://cyberscoop.com/the-com-subculture-infamy-crimes/

🔎 LinkedIn for OSINT: tips and tricks – Compass Security Blog hacking write-up – LinkedIn is a rich source for open-source intelligence, offering insights into individuals and companies. Caution is advised to maintain privacy while gathering useful data for assessments. https://blog.compass-security.com/2025/06/linkedin-for-osint-tips-and-tricks/

🏢 Breaking down ‘EchoLeak’, the First Zero-Click AI Vulnerability Enabling Data Exfiltration from Microsoft 365 Copilott vulnerability – Aim Labs discovered a zero-click AI vulnerability called EchoLeak in Microsoft 365 Copilot, enabling attackers to exfiltrate sensitive data without user interaction, highlighting critical security risks in AI applications. https://www.aim.security/lp/aim-labs-echoleak-blogpost

⚠️ High Severity Vulnerabilities in Gitlab Products vulnerability – GitLab released security updates addressing multiple high-severity vulnerabilities, including account takeover and XSS issues. Users are urged to update affected installations promptly. https://cert.europa.eu/publications/security-advisories/2025-020/

🛡️ Cyber resilience begins before the crisis security news – Microsoft's Deputy CISO emphasizes the importance of proactive planning and communication for cyber resilience, highlighting misconceptions, actionable steps, and the role of AI in improving response to cyber incidents. https://www.microsoft.com/en-us/security/blog/2025/06/12/cyber-resilience-begins-before-the-crisis/

🔐 Mitigating prompt injection attacks with a layered defense strategy cyber defense – Google addresses the rising threat of indirect prompt injection attacks on AI systems by implementing a layered defense strategy, including content classifiers, user confirmation, and URL redaction to enhance security. https://security.googleblog.com/2025/06/mitigating-prompt-injection-attacks.html

🪂 Paraguay is Being Targeted by Cybercriminals – 7.4 Million Citizen Records for Sale data breach – A significant data breach in Paraguay has exposed 7.4 million citizen records for sale on the dark web, linked to cybercriminals who demand a ransom. The incident highlights increasing cybersecurity threats in the region. https://www.resecurity.com/blog/article/paraguay-is-being-targeted-by-cybercriminals-74-million-citizen-records-for-sale

🪩 NTLM reflection is dead, long live NTLM reflection! – An in-depth analysis of CVE-2025-33073 security research – The article analyzes CVE-2025-33073, a vulnerability allowing NTLM reflection attacks, detailing its exploitation, patching process, and emphasizing the importance of SMB signing for enhanced security. https://www.synacktiv.com/en/publications/ntlm-reflection-is-dead-long-live-ntlm-reflection-an-in-depth-analysis-of-cve-2025.html

🔧 the Microsoft way (part 89): user group policies don't deserve tamper protection vulnerability – The article discusses vulnerabilities in user group policies on Windows, highlighting how unprivileged users can bypass restrictions by manipulating registry files. Recommendations for countermeasures are provided. https://seclists.org/fulldisclosure/2025/Jun/13

🎮 Hijacked Trust: How Malicious Actors Exploited Discord’s Invite System to Launch Global Multi-Stage Attacks cybercrime – Attackers hijacked expired Discord invite links to redirect users to malicious servers, using fake bots and phishing sites to steal credentials and deploy malware, primarily targeting cryptocurrency users. https://blog.checkpoint.com/research/hijacked-trust-how-malicious-actors-exploited-discords-invite-system-to-launch-global-multi-stage-attacks/

🏖️ Check Point Research Warns of Holiday-Themed Phishing Surge as Summer Travel Season Begins cybercrime – Phishing scams spike with over 39,000 new vacation-related domains; cybercriminals mimic trusted platforms to steal personal and payment information from travelers. https://blog.checkpoint.com/research/check-point-research-warns-of-holiday-themed-phishing-surge-as-summer-travel-season-begins/

🔌 The Growing Risk of Malicious Browser Extensions security research – Malicious browser extensions are increasingly hijacking user sessions and manipulating content, posing serious risks to privacy and security, with recent campaigns targeting sensitive data and financial information. https://socket.dev/blog/the-growing-risk-of-malicious-browser-extensions

🪞 Reflective Kerberos Relay Attack Against Domain vulnerability – The Reflective Kerberos Relay Attack allows low-privileged users to gain NT AUTHORITY\SYSTEM privileges on domain-joined Windows systems without SMB signing, posing a high security risk. A patch is available. https://www.redteam-pentesting.de/en/advisories/rt-sa-2025-002/

---

CISA Corner

💁 Ransomware Actors Exploit Unpatched SimpleHelp Remote Monitoring and Management to Compromise Utility Billing Software Provider security news- CISA warns that ransomware actors are exploiting unpatched vulnerabilities in SimpleHelp RMM to compromise utility billing software providers, urging immediate action for software updates and mitigations. https://www.cisa.gov/news-events/cybersecurity-advisories/aa25-163a

⚠️ CISA Adds Two Known Exploited Vulnerabilities to Catalog warning – CISA has added two vulnerabilities in Erlang/OTP SSH Server and Roundcube Webmail to their catalog. https://www.cisa.gov/news-events/alerts/2025/06/09/cisa-adds-two-known-exploited-vulnerabilities-catalog ⚠️ CISA Adds Two Known Exploited Vulnerabilities to Catalog warning – CISA has added two vulnerabilities in Wazuh and WebDAV to its KEV Catalog. https://www.cisa.gov/news-events/alerts/2025/06/10/cisa-adds-two-known-exploited-vulnerabilities-catalog

⚙️ CISA Releases Four Industrial Control Systems Advisories vulnerability – CISA issued four advisories addressing vulnerabilities in industrial control systems by SinoTrack, Hitachi, MicroDicom and Assured Telematics. https://www.cisa.gov/news-events/alerts/2025/06/10/cisa-releases-four-industrial-control-systems-advisories ⚙️ CISA Releases Ten Industrial Control Systems Advisories vulnerability – CISA has published ten advisories addressing vulnerabilities in various industrial control systems by Siemens, AVEVA and PTZOptics. https://www.cisa.gov/news-events/alerts/2025/06/12/cisa-releases-ten-industrial-control-systems-advisories

---

While my intention is to pick news that everyone should know about, it still is what I think is significant, cool, fun... Most of the articles are in English, but some current warnings might be in German.

When I started university, I expected challenges, but not from my teammates. In my university, we had basic physics, chemistry, and calculus before continuing to more focused degree courses. I took a gap year after high school, so I worried I’d forgotten some of it. But I managed fine.

The surprise? My younger groupmates from industrial and environmental engineering — fresh out of high school — had forgotten even the basics. During physics and chemistry practicums, lab assistants would ask simple questions before we began (like formulas for free-fall motion). Out of six people in our group, only two of us could answer: me and one other. Worse, some didn’t even know how to zip files for task submission. But the problem wasn’t just my groupmates – some of the lab assistants were also clueless. I even debated with them because they were teaching students the wrong way to calculate error percentages during practicum. I reported them to the lecturer the next day. The lecturer accepted my complaint, but in class the following week he just told us to “understand the assistants” because they’re students too and can make mistakes. That wasn’t the point. I had already shown the assistants the correct method, but they were too arrogant – they insisted I was the one who couldn’t do math. I was furious. Imagine how many students had been taught the wrong thing by these people.

On social media, I see the same pattern: teens unable to answer basic questions like “What’s the capital of Central Java?” or “What’s 12 × 12?”. Sure, I was lazy in school too — people called me wasted potential — but I wasn’t this bad.

Young Indonesians are stuck at the lowest level of Bloom’s taxonomy:

• ✅ Remembering facts
• ❌ Understanding concepts
• ❌ Applying knowledge
• ❌ Analyzing ideas
• ❌ Evaluating situations
• ❌ Creating something new

Our schools drill memorization. That’s it. No focus on thinking, questioning, or solving problems.

From my perspective, the main causes are:

• Social media + online game addiction –> meaningless consumption –> weaker memory, impulsivity, anxiety, less empathy [source]. The deeper problem? Parents, teachers and even the government aren't prepared to guide healthy digital habits. They're trapped in the same cycle.
• No reading culture –> no curiosity, no new ideas [source]. But this also has a deeper problem. In my country, books are relatively expensive and are harder to reach for grass-roots. Making it hard to contain new information from analog writings.
• Black-and-white thinking –> no room for nuance or creativity. Our education system and media oversimplify complex issues. Critical thought is never encouraged.
• Cultural pressure to stay quiet –> Eastern values teach politeness and respect for authority, so students avoid asking questions or debating because they fear being seen as rude or attention-seeking. This value is so deeply rooted that breaking it risks social rejection, even when the intention is to learn.

See: Indonesian kids don’t know how stupid they are

#thoughts #society #education

To me, a web framework should make web development easy. What I call “easy” is being able to work alone and/or with other people — especially if I have front-end teammates. Since AdonisJS uses TypeScript, both the back-end and front-end can easily understand each other’s code without learning a new language they’ve never seen before.

I’m also looking for a fast framework at runtime. AdonisJS uses Node.js as its runtime, making it fast and offering better performance than frameworks based on popular scripting languages like Python, Ruby, or PHP. The libraries provided by the AdonisJS team on Adonis packages can also fulfill my basic needs for building a web app — though they’re not as rich as what other frameworks like Laravel offer.

AdonisJS also has out-of-the-box support for InertiaJS, which I always use to make full-stack development easy and fun, without needing separate configs to get the front-end and back-end working together. Want a minimal version, like API-only? AdonisJS has templates for that too.

Community is also a key part of what I want in a framework. The community on Discord is quite helpful, even though it’s not huge. A small community is a plus for me, since I can contribute packages and learn more about web engineering — not just be a web developer. Deployment is easy too; it just needs Docker to ship, and there’s a minimal Docker setup in the docs.

I’ve tried several frameworks like Express.js, Django, and Laravel. What I don’t like about Express.js is that it’s so minimal — I have to do everything by hand, which makes development slow (bad DX). It also uses plain JavaScript without types, which can raise runtime errors. I love Django, especially its “batteries included” philosophy, but I don’t enjoy writing Python. If there were an official Python that used braces instead of indentation, I might go back to Django. But since it uses Python, it doesn’t fit my definition of “easy” from the first paragraph — especially when working with front-end teammates who use JavaScript/TypeScript.

Laravel is good — AdonisJS is inspired by Laravel — but the team behind AdonisJS wanted a TypeScript version of Laravel. Personally, I don’t enjoy coding in PHP; using dollar signs for variables is bad DX for me.

I’d like to see the community grow so more people can contribute, improve packages, and enhance the documentation.

#learned #webdev

A weekly shortlist of cyber security highlights. The short summaries are AI generated! If something is wrong, please let me know!

---

News For All

😩 Teachers Are Not OK security news – Teachers express frustration over AI's impact on education, revealing challenges like grading AI-generated work, maintaining academic integrity, and witnessing students' declining critical thinking skills. https://www.404media.co/teachers-are-not-ok-ai-chatgpt/

🔒 Google fixed the second actively exploited Chrome zero vulnerability – Google patched three vulnerabilities in Chrome, including one actively exploited zero-day that allows attackers to trigger heap corruption via crafted HTML. Users should update to the latest version. https://securityaffairs.com/178560/hacking/google-fixed-the-second-actively-exploited-chrome-zero-day-since-the-start-of-the-year.html

🐊 Crocodilus malware adds fake entries to victims' contact lists in new scam campaign malware – Crocodilus, an evolving Android banking trojan, now inserts fake contacts to impersonate trusted sources, facilitating scams. It's spreading through malicious ads targeting financially stable users across multiple regions. https://therecord.media/crocodilus-android-malware-banking-fraud

❎ Twitter launches 'XChat' encrypted DMs with big caveats security news – Elon Musk's X platform introduces 'XChat' with encryption and file-sharing features, but experts doubt its security claims, citing potential lack of true end-to-end encryption and centralized data control. https://www.theregister.com/2025/06/03/xs_new_encrypted_xchat_feature/

🤬 Meta and Yandex are de-anonymizing Android users’ web browsing identifiers privacy – Meta and Yandex are using tracking code to de-anonymize Android users by exploiting browser protocols, allowing them to link web activity to app identities. Google is investigating these practices. https://arstechnica.com/security/2025/06/meta-and-yandex-are-de-anonymizing-android-users-web-browsing-identifiers/

🧑‍🌾 How the Farm Industry Spied on Animal Rights Activists and Pushed the FBI to Treat Them as Bioterrorists security news – Internal documents reveal a collaboration between the agricultural industry and the FBI to surveil animal rights activists, branding them as bioterrorists while using corporate spies to infiltrate their groups. https://www.wired.com/story/fbi-wmdd-dxe-animal-agriculture-alliance/

💍 Cartier disclosed a data breach following a cyber attack data breach – Cartier reported a data breach that exposed limited customer information, including names and email addresses, following a cyberattack. The company is enhancing security and cooperating with authorities. https://securityaffairs.com/178601/data-breach/cartier-disclosed-a-data-breach-following-a-cyber-attack.html

💼 Google warns of cybercriminals targeting Salesforce app to steal data, extort companies cybercrime – Cybercriminals, known as UNC6040, are exploiting Salesforce's Data Loader tool to steal sensitive data and extort companies. The group uses vishing tactics to trick employees into granting access. https://therecord.media/google-warns-cybercriminals-targeting-salesforce-apps

🔍 Apple Gave Governments Data on Thousands of Push Notifications privacy – Apple disclosed that it provided governments with data on thousands of push notifications, revealing device identities and sometimes unencrypted content, highlighting the extent of governmental data requests. https://www.404media.co/apple-gave-governments-data-on-thousands-of-push-notifications/

💻 Feds seize 145 domains associated with BidenCash cybercrime platform cybercrime – U.S. authorities seized 145 domains and cryptocurrency funds linked to BidenCash, a cybercrime marketplace that trafficked over 15 million stolen credit card numbers, generating $17 million in illicit revenue. https://cyberscoop.com/bidencash-marketplace-domains-seized/

🎸 Musikhaus Thomann: Kriminelle locken in Fake warning – The official Thomann online store is only accessible at thomann.de, with country-specific versions available at respective domains. Any other addresses are fake sites attempting to deceive users. https://www.watchlist-internet.at/news/musikhaus-thomann-fake-shops/

💰 DOJ seizes $7.7M from crypto funds linked to North Korea’s IT worker scheme security news – Federal authorities seized $7.74 million linked to North Korean IT workers illegally employed abroad, funneling wages to the regime. The operation exploits remote contracting and cryptocurrency to evade U.S. sanctions. https://cyberscoop.com/doj-seizure-crypto-north-korea-it-workers/

🚫 OpenAI takes down ChatGPT accounts linked to state-backed hacking, disinformation cybercrime – OpenAI banned accounts using ChatGPT for illicit activities, including malware refinement, social media disinformation, and employment scams tied to North Korea. The operations exploited ChatGPT for various cybercriminal purposes. https://therecord.media/openai-takes-down-chatgpt-accounts-hacking

💔 Marks & Spencer's ransomware nightmare – more details emerge cybercrime – Marks & Spencer suffered a severe ransomware attack, disrupting operations and leading to £40 million in lost sales weekly. The DragonForce group claimed responsibility, stealing customer data and highlighting M&S's cybersecurity vulnerabilities. https://www.bitdefender.com/en-us/blog/hotforsecurity/marks-spencers-ransomware-nightmare-more-details-emerge

🦠 Millions of low-cost Android devices turn home networks into crime platforms cybercrime – The FBI warns that millions of low-cost Android devices are infected with BadBox malware, turning home networks into crime platforms. Users are urged to evaluate and potentially replace suspicious devices. https://arstechnica.com/security/2025/06/millions-of-low-cost-android-devices-turn-home-networks-into-crime-platforms/

🧑‍⚖️ Italian lawmakers say Italy used spyware to target phones of immigration activists, but not against journalist privacy – An Italian parliamentary committee confirmed the government used Paragon spyware to target immigration activists but found no evidence against journalist Francesco Cancellato. The investigation raises questions about who targeted him and the use of spyware in Italy. https://techcrunch.com/2025/06/06/italian-lawmakers-say-italy-used-spyware-to-target-phones-of-immigration-activists-but-not-against-journalist/

😨 Ransomware scum leak patient data after disrupting services cybercrime – Kettering Health faces potential patient data leaks following a ransomware attack by Interlock, which disrupted services and canceled appointments. The leaked data reportedly includes sensitive information, though verification is pending. https://www.theregister.com/2025/06/04/ransomware_scum_leak_kettering_patient_data/

---

Some More, For the Curious

🛠️ Experts published a detailed analysis of Cisco IOS XE WLC flaw CVE vulnerability – A critical vulnerability in Cisco IOS XE WLC could allow remote attackers to upload files and execute commands. Users should disable the affected feature until a fix is applied. https://securityaffairs.com/178497/security/cisco-ios-xe-wlc-flaw-cve-2025-20188.html

💰 Illicit crypto-miners pouncing on insecure DevOps tools cybercrime – A campaign by attackers named JINX–0132 exploits misconfigured DevOps tools like HashiCorp Nomad, Consul, Docker API, and Gitea, risking theft of cloud resources for cryptocurrency mining. https://www.theregister.com/2025/06/03/illicit_miners_hashicorp_tools/

🐳 How to find container-based threats in host-based logs security research – Containers pose security risks despite their isolation, as they share the host kernel. This article outlines methods for threat hunters to analyze host logs to identify container-based threats. https://securelist.com/host-based-logs-container-based-threats/116643/

❤️‍🔥 The strange tale of ischhfd83: When cybercriminals eat their own security research – Sophos X-Ops uncovered a scheme where the Sakura RAT, designed to target cybercriminals, was itself backdoored, revealing a network of malicious repositories aimed at unsuspecting users, particularly gamers and novice hackers. https://news.sophos.com/en-us/2025/06/04/the-strange-tale-of-ischhfd83-when-cybercriminals-eat-their-own/

⚠️ HPE StoreOnce Faces Critical CVE-2025-37093 Vulnerability — Urges Immediate Patch Upgrade vulnerability – HPE disclosed eight vulnerabilities in StoreOnce, with CVE-2025-37093 being critical due to authentication bypass. Users are urged to upgrade to version 4.3.11 immediately to mitigate risks. https://thecyberexpress.com/cve-2025-37093-hits-hpe-storeonce-systems/

🗨️ The Texting Network for the End of the World security news – This article highlights key topics on online privacy protection, the Matter smart home standard, deepfake scams, Google searches in criminal cases, and updates from Google's I/O 2025 conference. https://www.wired.com/story/youre-not-ready-for-phone-dead-zones/

🔒 Critical flaw in Cisco ISE impacts cloud deployments on AWS, Microsoft Azure, and Oracle Cloud Infrastructure vulnerability – Cisco fixed a critical vulnerability (CVE-2025-20286) in its Identity Services Engine, allowing unauthenticated attackers to exploit shared credentials across cloud deployments on AWS, Azure, and OCI. Administrators are urged to implement mitigations. https://securityaffairs.com/178659/uncategorized/critical-flaw-in-cisco-ise-impacts-cloud-deployments-on-aws-microsoft-azure-and-oracle-cloud-infrastructure.html

💻 Attackers exploit Fortinet flaws to deploy Qilin ransomware security news – Qilin ransomware is exploiting Fortinet vulnerabilities, including CVE-2024-21762 and CVE-2024-55591, to gain remote code execution and target organizations, particularly in Spanish-speaking countries. The group uses double extortion tactics. https://securityaffairs.com/178736/hacking/attackers-exploit-fortinet-flaws-to-deploy-qilin-ransomware.html

⚙️ RCEs and more in the KUNBUS GmbH Revolution Pi PLC vulnerability – Four new vulnerabilities in KUNBUS GmbH's Revolution Pi PLC were discovered, two allowing unauthenticated remote code execution. Users are advised to implement mitigations and upgrade firmware to enhance security. Comment: my former colleagues should take a look at this ;) https://www.pentestpartners.com/security-blog/rces-and-more-in-the-kunbus-gmbh-revolution-pi-plc/

💳 Root Shell on Credit Card Terminal hacking write-up – The article details a security research project on the Worldline Yomani XR payment card terminal, revealing vulnerabilities, tamper protections, and an exposed root shell. The findings highlight significant security concerns in embedded systems. https://stefan-gloor.ch/yomani-hack

🎮 Blitz Malware: A Tale of Game Cheats and Code Repositories malware – Blitz malware, discovered in 2024, exploits backdoored game cheats for distribution and utilizes Hugging Face for command and control infrastructure. The malware operates in two stages: a downloader and a bot payload, with functions including keylogging and cryptocurrency mining. https://unit42.paloaltonetworks.com/blitz-malware-2025/

😱 Camera and Microphone Spying Using Chromium Browsers security research – A dangerous Chromium command allows websites to access cameras and microphones without user consent, enabling continuous recording without any visible indication. https://mrd0x.com/spying-with-chromium-browsers-camera/

---

CISA Corner

⚠️ CISA Adds Five Known Exploited Vulnerabilities to Catalog warning – CISA has added five new vulnerabilities to its Known Exploited Vulnerabilities Catalog, highlighting serious risks to federal networks and urging timely remediation for all organizations. https://www.cisa.gov/news-events/alerts/2025/06/02/cisa-adds-five-known-exploited-vulnerabilities-catalog ⚠️ CISA Adds Three Known Exploited Vulnerabilities to Catalog warning – CISA has added three Qualcomm vulnerabilities to its Known Exploited Vulnerabilities Catalog, emphasizing their significant risk to federal networks and urging timely remediation. https://www.cisa.gov/news-events/alerts/2025/06/03/cisa-adds-three-known-exploited-vulnerabilities-catalog ⚠️ CISA Adds One Known Exploited Vulnerability to Catalog warning – CISA added CVE-2025-5419, a critical out-of-bounds vulnerability in Google Chromium's V8, to its Known Exploited Vulnerabilities Catalog, urging organizations to prioritize remediation to mitigate risks. https://www.cisa.gov/news-events/alerts/2025/06/05/cisa-adds-one-known-exploited-vulnerability-catalog

⚙️ CISA Releases Three Industrial Control Systems Advisories vulnerability – CISA has issued three advisories addressing vulnerabilities in Schneider Electric and Mitsubishi Electric ICS products. Users are urged to review the advisories for security measures and technical details. https://www.cisa.gov/news-events/alerts/2025/06/03/cisa-releases-three-industrial-control-systems-advisories ⚙️ CISA Releases Seven Industrial Control Systems Advisories vulnerability – CISA has issued seven advisories detailing vulnerabilities and security issues in various Industrial Control Systems, urging users to review for necessary updates and mitigations. https://www.cisa.gov/news-events/alerts/2025/06/05/cisa-releases-seven-industrial-control-systems-advisories

🛡️ Updated Guidance on Play Ransomware security news – CISA, FBI, and ASD's ACSC released updated guidance on Play ransomware, detailing new tactics and IOCs. They recommend multifactor authentication, offline backups, and software updates for mitigation. https://www.cisa.gov/news-events/alerts/2025/06/04/updated-guidance-play-ransomware

---

While my intention is to pick news that everyone should know about, it still is what I think is significant, cool, fun... Most of the articles are in English, but some current warnings might be in German.

WriteFreely is very similar to and may be a sister project of WordPress. However, after following the Fediverse instances, regardless of potential issues, the truth is that there is no such WordPress.org-based server that supports external accounts thus far.

Welcome to the Fediverse!