NEW: Researchers say hundreds of Cisco customers are vulnerable to the newly revealed Chinese government-backed hacking campaign.
It appears the attacks right now “are targeted,” according to Shadowserver’s chief executive Piotr Kijewski. Censys for now only sees 220 exposed systems.
Cisco warned that Chinese government hackers are exploiting a zero-day in some of its products. Researchers now say there are hundreds of vulnerable Cisco customers.
Hackaday Podcast Episode 350: Damnation for Spreadsheets, Praise for Haiku, and Admiration for the Hacks In Between
This week’s Hackaday Podcast sees Elliot Williams joined by Jenny List for an all-European take on the week, and have we got some hacks for you!
In the news this week is NASA’s Maven Mars Orbiter, which may sadly have been lost. A sad day for study of the red planet, but at the same time a chance to look back at what has been a long and successful mission.
In the hacks of the week, we have a lo-fi camera, a very refined Commodore 64 laptop, and a MIDI slapophone to entertain you, as well as taking a detailed look at neutrino detectors. Then CYMK printing with laser cut stencils draws our attention, as well as the arrival of stable GPIB support for Linux. Finally both staffers let loose; Elliot with an epic rant about spreadsheets, and Jenny enthusiastically describing the Haiku operating system.
Check o
... mostra di più
Hackaday Podcast Episode 350: Damnation for Spreadsheets, Praise for Haiku, and Admiration for the Hacks In Between
This week’s Hackaday Podcast sees Elliot Williams joined by Jenny List for an all-European take on the week, and have we got some hacks for you!
In the news this week is NASA’s Maven Mars Orbiter, which may sadly have been lost. A sad day for study of the red planet, but at the same time a chance to look back at what has been a long and successful mission.
In the hacks of the week, we have a lo-fi camera, a very refined Commodore 64 laptop, and a MIDI slapophone to entertain you, as well as taking a detailed look at neutrino detectors. Then CYMK printing with laser cut stencils draws our attention, as well as the arrival of stable GPIB support for Linux. Finally both staffers let loose; Elliot with an epic rant about spreadsheets, and Jenny enthusiastically describing the Haiku operating system.
Check out the links below if you want to follow along, and as always, tell us what you think about this episode in the comments!
The Kodak Charmera is a tiny keychain camera produced by licencing out the name of the famous film manufacturer, and it’s the current must-have cool trinket among photo nerds. Inside is a tiny sensor and a fixed-focus M7 lens, and unlike many toy cameras it has better quality than its tiny package might lead you to expect. There will always be those who wish to push the envelope though, and [微攝 Macrodeon] is here to fit a lens mount for full-size lenses (Chinese language, subtitle translation available).
The hack involves cracking the camera open and separating the lens mount from the sensor. This is something we’re familiar with from other cameras, and it’s a fiddly process which requires a lot of care. A C-mount is then glued to the front, from which all manner of othe
... mostra di più
Attach a Full Size Lens to a Tiny Camera
The Kodak Charmera is a tiny keychain camera produced by licencing out the name of the famous film manufacturer, and it’s the current must-have cool trinket among photo nerds. Inside is a tiny sensor and a fixed-focus M7 lens, and unlike many toy cameras it has better quality than its tiny package might lead you to expect. There will always be those who wish to push the envelope though, and [微攝 Macrodeon] is here to fit a lens mount for full-size lenses (Chinese language, subtitle translation available).
The hack involves cracking the camera open and separating the lens mount from the sensor. This is something we’re familiar with from other cameras, and it’s a fiddly process which requires a lot of care. A C-mount is then glued to the front, from which all manner of other lenses can be attached using a range of adapters. The focus requires a bit of effort to set up and we’re guessing that every lens becomes extreme telephoto due to the tiny sensor, but we’re sure hours of fun could be had.
Amigos de Mastodon, se va terminando esta jornada de Viernes, por tanto llega el instante adecuado para descansar. Ojalá cada uno de ustedes hayan aprovechado de la mejor forma esta jornada. Saludos.🤗🤗🤗🤗
Surplus Industrial Robot Becomes two-ton 3D Printer
As the saying goes — when life gives you lemons, you make lemonade. When life gives you a two-ton surplus industrial robot arm, if you’re [Brian Brocken], you apparently make a massive 3D printer.
The arm in question is an ABB IRB6400, a serious machine that can sling 100 to 200 kilograms depending on configuration. Compared to that, the beefiest 3D printhead is effectively weightless, and the Creality Sprite unit he’s using isn’t all that beefy. Getting the new hardware attached uses (ironically) a 3D printed mount, which is an easy enough hack. The hard work, as you might imagine, is in software.
As it turns out, there’s no profile in Klipper for this bad boy. It’s 26-year-old contr
... mostra di più
Surplus Industrial Robot Becomes two-ton 3D Printer
As the saying goes — when life gives you lemons, you make lemonade. When life gives you a two-ton surplus industrial robot arm, if you’re [Brian Brocken], you apparently make a massive 3D printer.
The arm in question is an ABB IRB6400, a serious machine that can sling 100 to 200 kilograms depending on configuration. Compared to that, the beefiest 3D printhead is effectively weightless, and the Creality Sprite unit he’s using isn’t all that beefy. Getting the new hardware attached uses (ironically) a 3D printed mount, which is an easy enough hack. The hard work, as you might imagine, is in software.
As it turns out, there’s no profile in Klipper for this bad boy. It’s 26-year-old controller doesn’t even speak G-code, requiring [Brian] to feed the arm controller the “ABB RAPID” dialect it expects line-by-line, while simultaneously feeding G-code to the RAMPS board controlling the extruder. If you happen to have the same arm, he’s selling the software that does this. Getting that synchronized reliably was the biggest challenge [Brian] faced. Unfortunately that means things are slowed down compared to what the arm would otherwise be able to do, with a lot of stop-and-start on complex models, which compromises print quality. Check the build page above for more pictures, or the video embedded below.
[Brian] hopes to fix that by making better use of the ABB arm’s controller, since it does have enough memory for a small buffer, if not a full print. Still, even if it’s rough right now, it does print, which is not something the engineers at ABB probably ever planned for back before Y2K. [Brian]’s last use of the arm, carving a DeLorean out of styrofoam, might be closer to the original design brief.
As one might expect, it all starts with a Server Side Request Forgery (SSRF). That’s a flaw where sending traffic to a server can manipulate something on the server side to send a request somewhere else. The trick here is that a webhook worker can be primed to po
... mostra di più
This Week in Security: PostHog, Project Zero Refresh, and Thanks For All the Fish
As one might expect, it all starts with a Server Side Request Forgery (SSRF). That’s a flaw where sending traffic to a server can manipulate something on the server side to send a request somewhere else. The trick here is that a webhook worker can be primed to point at localhost by sending a request directly to a system API.
One of the systems that powers a PostHog install is the Clickhouse database server. This project had a problem in how it sanitized SQL requests, namely attempting to escape a single quote via a backslash symbol. In many SQL servers, a backslash would properly escape a single quote, but Clickhouse and other Postgresql servers don’t support that, and treat a backslash as a regular character. And with this, a read-only SQL API is vulnerable to SQL injection.
These vulnerabilities together just allow for injecting an SQL string to create and run a shell command from within the database, giving an RCE and remote shell. The vulnerabilities were reported through ZDI, and things were fixed earlier this year.
FreePBX
Speaking of SQL injections, FreePBX recently fixed a handful of SQL injections and an authentication bypass, and researchers at horizon3.ai have the scoop. None of these particular issues are vulnerable without either questionable configuration changes, or access to a valid PHP session ID token. The weakness here seems to be a very similar single quote injection.
Another fun SQL injection in FreePBX requires the authorization type swapped to webserver. But with that setting in place, an injected authentication header with only a valid user name is enough to pull off an SQL injection. The attack chosen for demonstration was to add a new user to the users table. This same authentication header spoof can be used to upload arbitrary files to the system, leading to an easy webshell.
Google Project Zero’s Refresh
We’ve often covered Google’s Project Zero on this column, as their work is usually quite impressive. As their blog now points out, the homepage design left something to be desired. That’s changed now, with a sleek and modern new look! And no, that’s not actually newsworthy here; stop typing those angry comments. The real news is the trio of new posts that came with the refresh.
The most recent is coverage of a VirtualBox VM excape via the NAT network driver. It’s covering a 2017 vulnerability, so not precisely still relevant, but still worth a look. The key here is a bit of code that changes the length of the data structure based on the length of the IP header. Memory manipulation from an untrusted value. The key to exploitation is to manipulate memory to control some of the memory where packets are stored. Then use IP fragmentation packets to interleave that malicious data together and trigger the memory management flaw.
The second post is on Windows exploitation through race conditions and path lookups. This one isn’t an exploit, but an examination of techniques that you could use to slow the Windows kernel down, when doing a path lookup, to exploit a race condition. The winner seems to be a combination of nested directories, with shadow directories and symbolic links. This combination can cost the kernel a whopping three minutes just to parse a path. Probably enough time.
The third entry is on an image-based malware campaign against Samsung Android phones. Malicious DNG files get processed by the Quram image processing library on Samsung devices. DNG images are a non-proprietary replacement for .raw image files, and the DNG format even includes features like embedding lens correction code right in the file format. This correction code is in the form of opcodes, that are handled very much like a script or small program on the host device. The Quram library didn’t handle those programs safely, allowing them to write outside of the allocated memory for the image.
Bits and Bytes
The E-note domain and servers have been seized by law enforcement. It’s believed that $70 million worth of ransomware and cryptocurrency theft has passed through this exchange service, as part of a money laundering operation. A Russian national has been named as the man behind the service, and an indictment has been made, but it seems that no actual arrests have been made.
And lastly, on a personal note: Thank you to all the readers of this column over the last six years, and to the Hackaday editors for making it happen. I’ve found myself in the position of having four active careers at once, and with the birth of my son in November, I have four children as well. Something has to give, and it’s not going to be any of the kids, so it’s time for me to move on from a couple of those careers. This Week in Security has been a blast, ever since the first installment back in May of 2019. With any luck, another writer will pick up the mantle early next year. (Editor’s note: We’re working on it, but we’ll miss you!)
Vulnerabilità critica in FreeBSD: eseguibile codice arbitrario via IPv6
Una nuova vulnerabilità nei componenti FreeBSD responsabili della configurazione IPv6 consente l’esecuzione remota di codice arbitrario su un dispositivo situato sulla stessa rete locale dell’aggressore. Il problema riguarda tutte le versioni supportate del sistema operativo e richiede un’azione immediata per proteggere i dispositivi.
È stata scoperta una vulnerabilità nelle utility “rtsold” e “rtsol“, utilizzate per elaborare i messaggi pubblicitari del router come parte del meccanismo di configurazione automatica degli indirizzi IPv6. È stato scoperto che questi programmi non convalidano il parametro del suffisso di dominio passato in tali messaggi, inviandolo di
... mostra di più
Vulnerabilità critica in FreeBSD: eseguibile codice arbitrario via IPv6
Una nuova vulnerabilità nei componenti FreeBSD responsabili della configurazione IPv6 consente l’esecuzione remota di codice arbitrario su un dispositivo situato sulla stessa rete locale dell’aggressore. Il problema riguarda tutte le versioni supportate del sistema operativo e richiede un’azione immediata per proteggere i dispositivi.
È stata scoperta una vulnerabilità nelle utility “rtsold” e “rtsol“, utilizzate per elaborare i messaggi pubblicitari del router come parte del meccanismo di configurazione automatica degli indirizzi IPv6. È stato scoperto che questi programmi non convalidano il parametro del suffisso di dominio passato in tali messaggi, inviandolo direttamente all’utility “resolvconf“, responsabile dell’aggiornamento della configurazione DNS.
Tuttavia, “resolvconf” è scritto come uno script shell e non filtra i dati in arrivo. L’assenza di escape implica che qualsiasi codice dannoso passato tramite il parametro domain list può essere eseguito sul sistema. Pertanto, un aggressore sulla stessa subnet può eseguire comandi sul dispositivo di destinazione senza richiedere privilegi di amministratore o interazioni precedenti.
Secondo gli sviluppatori di FreeBSD , il problema è limitato alle reti locali, poiché gli annunci del router non vengono instradati e non possono attraversare i confini dei segmenti di rete. Tuttavia, riguarda tutti i sistemi che utilizzano l’autoconfigurazione IPv6, in particolare le interfacce con il flag “ACCEPT_RTADV” abilitato, verificabile tramite “ifconfig“.
Per gli utenti che non utilizzano IPv6, non vi è alcun rischio. In caso contrario, si consiglia di aggiornare urgentemente il sistema all’ultima versione.
Gli aggiornamenti sono ora disponibili per tutte le branch di FreeBSD supportate, incluse le versioni 15.0, 14.3 e 13.5. L’aggiornamento è possibile sia tramite il meccanismo di patching binario integrato sia applicando modifiche al codice sorgente.
L’identificatore della vulnerabilità registrata è CVE-2025-14558. Le correzioni sono state pubblicate il 16 dicembre 2025 e sono incluse nei rami stabile e di rilascio di FreeBSD.
Cybersicurezza, senza cultura digitale l’Italia preda dei pirati” Rubrica Pillole di Eta Beta andata in onda su Rai Radio 1 alle 11.45, con ospite Arturo Di Corinto, consigliere dell’Agenzia per la cybersicurezza nazionale
@Politica interna, europea e internazionale Dal 23 al 25 gennaio il Palazzo Ducale di Genova ospiterà “Democrazia alla prova”, una tre giorni di dibattiti organizzata dal Forum Disuguaglianze e Diversità e dal Palazzo Ducale e curata in particolare dall’ex ministro Fabrizio Barca (co-coordinatore
Proviamo anche NodeBB. Anzi, proviamole tutte. Ogni strumento è un ponte possibile, ogni tentativo è un passo in più per far sedere gli admin delle istanze italiane allo stesso tavolo — non per “vincere” una discussione, ma per costruire collaborazione.
Proviamo anche NodeBB. Anzi, proviamole tutte. Ogni strumento è un ponte possibile, ogni tentativo è un passo in più per far sedere gli admin delle istanze italiane allo stesso tavolo — non per “vincere” una discussione, ma per costruire collaborazione. Perché ricordiamocelo, il vero problema non siamo noi. Non è “tra di noi” che si gioca la partita. Il fastidio lo diamo altrove, a quei social commerciali che prosperano su rumore, dipendenza e recinti dorati. E se gli diamo fastidio… significa che stiamo facendo qualcosa di giusto. 😄 Quindi basta con le zavorre, lasciamo dietro il passato. Mettiamo davanti l’unica cosa che conta, il futuro. E già che ci siamo… facciamolo esistere. Perché sì, se ne avremo uno, dipende anche da quanto siamo capaci di parlarci, coordinarci, e remare nella stessa direzione.
follow #hashtags, using #Channels; or a better way?
@Friendica Support hello, i would like some help please to understand how to solve my confusion about the "right" way to follow #hashtags, using #Channels ... or otherwise some better way.
i follow a large number of hashtags [as a glance at my profile would attest]. afaict / afaik, fediverse posts bearing these tags appear [or are supposed to] in my "Network" timeline [with "Everybody" Circle & "Latest posts" Channel selected].
of my many tags, possibly my most "important" ones are #AusPol, #FOSS, & #Linux. in order to be able to efficiently locate all posts with these tags each day, rather than have to meticulously scroll down the full "
... mostra di più
@Friendica Support hello, i would like some help please to understand how to solve my confusion about the "right" way to follow #hashtags, using #Channels ... or otherwise some better way.
i follow a large number of hashtags [as a glance at my profile would attest]. afaict / afaik, fediverse posts bearing these tags appear [or are supposed to] in my "Network" timeline [with "Everybody" Circle & "Latest posts" Channel selected].
of my many tags, possibly my most "important" ones are #AusPol, #FOSS, & #Linux. in order to be able to efficiently locate all posts with these tags each day, rather than have to meticulously scroll down the full "Network" timeline [which is dissipated via also having all the other tags, & all my Followed accounts' posts], in Settings i created three dedicated Channels [one for each of those tags, ofc]. then i added each of those custom Channels to my Timelines, in Display Settings.
however, the result is just hopeless; really disappointing & frustrating. over recent years i have had several Friendica accounts, ie, at several instances, & doing the above has never worked properly in any of them, not only my current instance.
using the AusPol Channel for example, as it is the worst by far, every time i check it, its most recent post is several hours old, & often as bad as 12 - 18 hours old, with numerous other posts entirely missing.
i say "missing" because otoh, reviewing my Saved Search for #AusPol shows all these other posts, which therefore also appear, buried, in my full "Network" timeline.
over the months & years in exasperation, i have revisited the dedicated Channels in Settings, & for the Circle/Channel field have tried each of Latest posts, Latest Creation, Global community, & Latest activity, but none of them has solved the problem [indeed, a few make it even worse!].
please, what am i doing wrong? what aspect of Friendica's Settings have i been consistently misunderstanding / misusing, that causes this disappointment?
Fuoriposto, Giarre, Piazza Mazzini, 15, venerdì 26 dicembre alle ore 21:00 CET
𝐕𝐄𝐍𝐄𝐑𝐃Ì 𝟐𝟔 𝐃𝐈𝐂𝐄𝐌𝐁𝐑𝐄 • 𝐃𝐀𝐋𝐋𝐄 𝟐𝟏:𝟎𝟎
Emanuele Piazza, aka 𝗠𝗿. 𝗦𝗾𝘂𝗲𝗿𝗲, è un instancabile sperimentatore: DJ, fonico, musicista elettronico (Panda49) e, soprattutto, un fratello p
Emanuele Piazza, aka 𝗠𝗿. 𝗦𝗾𝘂𝗲𝗿𝗲, è un instancabile sperimentatore: DJ, fonico, musicista elettronico (Panda49) e, soprattutto, un fratello per Fuoriposto.Presenza costante e generosa della scena catanese, metterà a disposizione la sua strumentazione per dare a chiunque la possibilità di far girare i propri vinili più disparati.
Quindi bando alla pigrizia: iniziate a rovistare nei meandri delle vostre dimore 𝗮𝗹𝗹𝗮 𝗿𝗶𝗰𝗲𝗿𝗰𝗮 𝗱𝗶 𝘃𝗶𝗻𝗶𝗹𝗶.
𝗦𝗰𝗲𝗴𝗹𝗶 𝘂𝗻 𝗱𝗶𝘀𝗰𝗼, lo metti in consolle e fai partire la musica: se non l’hai mai fatto, ti spieghiamo come.
𝐏𝐨𝐜𝐡𝐞 𝐫𝐞𝐠𝐨𝐥𝐞:
niente liquidi vicino a consolle e vinili, spazio a tutti per suonare.
📍Giarre, Piazza Mazzini, 15
(di fronte la stazione FS)
👉 𝗜𝗻𝗴𝗿𝗲𝘀𝘀𝗼 𝗿𝗶𝘀𝗲𝗿𝘃𝗮𝘁𝗼 𝗮𝗶 𝘀𝗼𝗰𝗶 𝗔𝗿𝗰𝗶.
(Se non hai ancora la tessera, puoi farla direttamente in sede: costa 8€, vale fino a settembre 2026 ed è valida in tutti i circoli Arci d’Italia.)
Scoperta vulnerabilità critica in FreeBSD che consente esecuzione remota di codice arbitrario tramite IPv6. Aggiornamenti disponibili per tutte le versioni supportate.
@Informatica (Italy e non Italy 😁) Gli LLM hanno l'effetto di accelerare il ciclo di vita del ransomware, ma senza trasformarlo in maniera radicale. Ecco i tre cambiamenti strutturali che si stanno verificando in parallelo L'articolo LLM e ransomware: la minaccia cambia marcia, ma senza
Apple was very smart to send Ivan Krstić, who's been fighting spyware and exploit makers for years now, to Hexacon, a conference attended by a lot of spyware and exploit makers.
We apply a transparency log to a centralized keyserver step-by-step, in less than 500 lines, with privacy protections, anti-poisoning, and witness cosigning.
“Te piace 'o presepe?". Dietro la battuta più celebre di Eduardo si nasconde un volto vero, incontrato per caso a Ischia. Una storia di ossessione reale che divenne teatro.
Люблинский районный суд Москвы приговорил доцента кафедры философии МГТУ имени Баумана Александра Нестеренко к трем годам колонии, сообщает "Медиазона". Преподавателя признали ви... mostra di più
Люблинский районный суд Москвы приговорил доцента кафедры философии МГТУ имени Баумана Александра Нестеренко к трем годам колонии, сообщает "Медиазона". Преподавателя признали виновным по статье о призывах к экстремизму из-за публикации на странице "ВКонтакте" украинских песен. Поводом для уголовного дела стали два видео и три аудиозаписи: "Ми ростем" группы "Воплі Відоплясова" и песни "Зродились ми великої години" и "Батько наш – Бандера, Україна – мати". Прокурор в ходе прений требовал...
Владимир Путин 19 декабря проводил "прямую линию": он отвечал на вопросы жителей России и журналистов на большой пресс-конференции в Москве. Во время этого мероприятия он ожидаемо сдела... mostra di più
Владимир Путин 19 декабря проводил "прямую линию": он отвечал на вопросы жителей России и журналистов на большой пресс-конференции в Москве. Во время этого мероприятия он ожидаемо сделал несколько ложных заявлений о войне, которую Россия ведет в Украине. В прямой линии приняли участие и дети.
🇺🇸 U.S. intelligence reports continue to warn that #Putin intends to capture all of #Ukraine and reclaim parts of #Europe that belonged to the former Soviet empire, Reuters reports.
Свердловчанину, который пожаловался Путину во время прямой линии на дефицит лекарств, перезвонили из местного Минздрава и потребовали «быть лояльнее», пишут СМИ.
Глава Минздрава о
... mostra di più
Свердловчанину, который пожаловался Путину во время прямой линии на дефицит лекарств, перезвонили из местного Минздрава и потребовали «быть лояльнее», пишут СМИ.
Глава Минздрава области уже выступила с заявлением, что препараты у пациента есть. Их должно хватить «ещё на несколько дней».
Путина попросили не отключать интернет диабетикам. Тот в ответ велел им потерпеть ради «безопасности».
Журналистка призвала его внести приложения для мониторинга глюкозы в «белы
... mostra di più
Путина попросили не отключать интернет диабетикам. Тот в ответ велел им потерпеть ради «безопасности».
Журналистка призвала его внести приложения для мониторинга глюкозы в «белый список» Минцифры — чтобы те работали при отключении мобильной сети. Путин ничем не может помочь больным детям и предложил переходить на отечественное ПО, потому что интернет будут и дальше отключать из-за украинских дронов.
Hypolite Petovan
in reply to The Human Capybara • • •