Podcasts about ssh

Ya sea que gestiones una instancia de Syncthing, un backend de Obsidian con Docker, o tu proxy inverso con Traefik, sabes que la necesidad de revisar logs o reiniciar un contenedor puede surgir en cualquier momento. La solución habitual es la Terminal SSH, lo que te obliga a sacar el portátil o lidiar con interfaces incómodas en el móvil.En este episodio, te presento Docker Manager, una aplicación gratuita y open source construida con Flutter y un hermoso diseño Material Design. Esta herramienta es tu centro de comando definitivo para Docker, diseñado específicamente para pantallas pequeñas, permitiéndote abandonar el tedio del SSH para el 99% de las tareas diarias. Es una solución de productividad pura, muy en la línea de lo que buscamos en atareao con Linux: soluciones prácticas para "cualquier cosa que quieras hacer con Linux".Este episodio es un tutorial práctico paso a paso para que puedas poner Docker Manager en marcha y sacarle el máximo partido:Conexión Segura Multiserver: Explicaremos detalladamente cómo configurar la conexión a múltiples hosts Linux (VPS, Raspberry Pi, máquinas virtuales) y por qué debes utilizar la autenticación por clave privada SSH para mantener tu infraestructura segura. La app se integra perfectamente con tu pila de red móvil, lo que significa que funciona sin problemas a través de VPNs como WireGuard o Tailscale.Control Total de Contenedores: La facilidad para realizar operaciones esenciales: Start, Stop, Restart, Inspect y Remove con un solo toque. Haremos hincapié en el filtrado por Docker Compose Stacks, esencial para quien gestiona múltiples servicios como bases de datos o instancias de Rust alojadas en contenedores.Diagnóstico Avanzado en Movimiento:Logs en Vivo: Revisar los logs en tiempo real es vital para el debugging de emergencia.Estadísticas del Contenedor: Ver el uso de CPU y memoria al instante para identificar cuellos de botella.Shell Interactivo: La característica estrella. Te mostraremos cómo iniciar un shell (bash) dentro de un contenedor o en el host Linux mismo. Esto te da la libertad de usar herramientas como redis-cli o revisar configuraciones rápidas sin abrir un cliente SSH.Mantenimiento y Limpieza del Sistema: Analizaremos la función System Cleanup (Pruning) para deshacernos de esas imágenes y volúmenes "colgantes" que roban espacio.Gestión de Imágenes, Redes y Volúmenes: Un vistazo a cómo la aplicación simplifica la visualización y gestión de estos componentes clave de Docker. Incluso hablaremos de la flexibilidad para configurar el Docker CLI Path, lo que abre la puerta a la gestión de Podman también.Docker Manager es una herramienta indispensable que libera tu escritorio Linux y te da el poder de administración en tu bolsillo. Ya no tendrás que interrumpir tu flujo de trabajo en Neovim o cerrar tu sesión de escritorio GNOME para hacer una comprobación rápida. Es la solución perfecta para mantener tus servicios (desde un servidor web hasta una instancia de Obsidian) funcionando sin problemas 24/7.Más información y enlaces en las notas del episodio

Topics covered in this episode: Possibility of a new website for Django aiosqlitepool deptry browsr Extras Joke Watch on YouTube About the show Sponsored by us! Support our work through: Our courses at Talk Python Training The Complete pytest Course Patreon Supporters Connect with the hosts Michael: @mkennedy@fosstodon.org / @mkennedy.codes (bsky) Brian: @brianokken@fosstodon.org / @brianokken.bsky.social Show: @pythonbytes@fosstodon.org / @pythonbytes.fm (bsky) Join us on YouTube at pythonbytes.fm/live to be part of the audience. Usually Monday at 10am PT. Older video versions available there too. Finally, if you want an artisanal, hand-crafted digest of every week of the show notes in email form? Add your name and email to our friends of the show list, we'll never share it. Brian #1: Possibility of a new website for Django Current Django site: djangoproject.com Adam Hill's in progress redesign idea: django-homepage.adamghill.com Commentary in the Want to work on a homepage site redesign? discussion Michael #2: aiosqlitepool

The MOSH tool aids the use of SSH-secured sessions, especially across different systems. Jason unpacks the security of this system and how it uses encryption and shared secrets.

Topics covered in this episode: The PSF has withdrawn a $1.5 million proposal to US government grant program A Binary Serializer for Pydantic Models T-strings: Python's Fifth String Formatting Technique? Cronboard Extras Joke Watch on YouTube About the show Sponsored by us! Support our work through: Our courses at Talk Python Training The Complete pytest Course Patreon Supporters Connect with the hosts Michael: @mkennedy@fosstodon.org / @mkennedy.codes (bsky) Brian: @brianokken@fosstodon.org / @brianokken.bsky.social Show: @pythonbytes@fosstodon.org / @pythonbytes.fm (bsky) Join us on YouTube at pythonbytes.fm/live to be part of the audience. Usually Monday at 10am PT. Older video versions available there too. Finally, if you want an artisanal, hand-crafted digest of every week of the show notes in email form? Add your name and email to our friends of the show list, we'll never share it. Brian #1: The PSF has withdrawn a $1.5 million proposal to US government grant program Related post from Simon Willison ARS Technica: Python plan to boost software security foiled by Trump admin's anti-DEI rules The Register: Python Foundation goes ride or DEI, rejects government grant with strings attached In Jan 2025, the PSF submitted a proposal for a US NSF grant under the Safety, Security, and Privacy of Open Source Ecosystems program. After months of work by the PSF, the proposal was recommended for funding. If the PSF accepted it, however, they would need to agree to the some terms and conditions, including, affirming that the PSF doesn't support diversity. The restriction wouldn't just be around the security work, but around all activity of the PSF as a whole. And further, that any deemed violation would give the NSF the right to ask for the money back. That just won't work, as the PSF would have already spent the money. The PSF mission statement includes "The mission of the Python Software Foundation is to promote, protect, and advance the Python programming language, and to support and facilitate the growth of a diverse and international community of Python programmers." The money would have obviously been very valuable, but the restrictions are just too unacceptable. The PSF withdrew the proposal. This couldn't have been an easy decision, that was a lot of money, but I think the PSF did the right thing. Michael #2: A Binary Serializer for Pydantic Models 7× Smaller Than JSON A compact binary serializer for Pydantic models that dramatically reduces RAM usage compared to JSON. The library is designed for high-load systems (e.g., Redis caching), where millions of models are stored in memory and every byte matters. It serializes Pydantic models into a minimal binary format and deserializes them back with zero extra metadata overhead. Target Audience: This project is intended for developers working with: high-load APIs in-memory caches (Redis, Memcached) message queues cost-sensitive environments where object size matters Brian #3: T-strings: Python's Fifth String Formatting Technique? Trey Hunner Python 3.14 has t-strings. How do they fit in with the rest of the string story? History percent-style (%) strings - been around for a very long time string.Template - and t.substitute() - from Python 2.4, but I don't think I've ever used them bracket variables and .format() - Since Python 2.6 f-strings - Python 3.6 - Now I feel old. These still seem new to me t-strings - Python 3.14, but a totally different beast. These don't return strings. Trey then covers a problem with f-strings in that the substitution happens at definition time. t-strings have substitution happen later. this is essentially “lazy string interpolation” This still takes a bit to get your head around, but I appreciate Trey taking a whack at the explanation. Michael #4: Cronboard Cronboard is a terminal application that allows you to manage and schedule cronjobs on local and remote servers. With Cronboard, you can easily add, edit, and delete cronjobs, as well as view their status. ✨ Features ✔️ Check cron jobs ✔️ Create cron jobs with validation and human-readable feedback ✔️ Pause and resume cron jobs ✔️ Edit existing cron jobs ✔️ Delete cron jobs ✔️ View formatted last and next run times ✔️ Accepts special expressions like @daily, @yearly, @monthly, etc. ✔️ Connect to servers using SSH, using password or SSH keys ✔️ Choose another user to manage cron jobs if you have the permissions to do so (sudo) Extras Brian: PEP 810: Explicit lazy imports, has been unanimously accepted by steering council Lean TDD book will be written in the open. TOC, some details, and a 10 page introduction are now available. Hoping for the first pass to be complete by the end of the year. I'd love feedback to help make it a great book, and keep it small-ish, on a very limited budget. Joke: You are so wrong!

The biggest failure in seven years, right before a trip. What broke, how Chris pulled it back together, and how Wes would fix it right.Sponsored By:Managed Nebula: Meet Managed Nebula from Defined Networking. A decentralized VPN built on the open-source Nebula platform that we love. 1Password Extended Access Management: 1Password Extended Access Management is a device trust solution for companies with Okta, and they ensure that if a device isn't trusted and secure, it can't log into your cloud apps. CrowdHealth: This open enrollment, take your power back. Join CrowdHealth to get started today for $99 for your first three months using code UNPLUGGED. Support LINUX UnpluggedLinks:

This week on Linux Out Loud, we're plugging into the source! We kick things off with a look at the wild world of robotics competitions, from the destructive Norwalk Havoc Robot League to updates on our local FLL and FTC teams. Then, we dive into a heated discussion on the great Endianness debate shaking up the RISC-V community and what the 90-10 rule means for kernel support. Plus, we've got updates on a retro 3D printing project, a pro tip for backing up your SSH keys, and a horror story about Nate's poor Commodore 64x. Find the rest of the show notes at: https://tuxdigital.com/podcasts/linux-out-loud/lol-116/ Visit the Tux Digital Merch Store: https://store.tuxdigital.com/ Special Guest: Bill.

This show has been flagged as Clean by the host. Hello, this is your host, Archer72 for Hacker Public Radio In this episode, I get a crash course on git, and thought it would make a good episode. Not actually on git itself, but how to use it on Github and Gitlab. First off, I am looking for a job, so I thought it would be a great time to brush up on my git knowledge and make a show too. Of course, I am no git expert by any means, but as it has been said in comments Hacker Public Radio is my memory. You will want to create and ssh key for each Git instance, in this case I will use both Github and Gitlab. A few other sites to host Git files which are Hacker Public Radio's own Gitea on HPR, Notabug and Codeberg Now lets get started. ssh-keygen will create an ed25519 key pair several years ago this was not yet the default add entry to ~/.ssh/config for each git instance Host github.com User git IdentityFile ~/.ssh/github-ricemark20 Host gitlab.com User git IdentityFile ~/.ssh/gitlab-archer72 SSH Keys ssh-add ~/.ssh/git-key (not .pub) Git • GPG - gpg --full-generate-key - gpg --list-public-keys - 40 character string - git config --global user.signingkey XXXXPublicKey - git config --global commit.gpgsign true - gpg --armor --export XXXXPublicKey - copy output to Github or Gitlab, including Gitlab Avatar > Edit Profile > SSH Keys > Add key (on the right side) Gitlab - SSH keys cat ~/.ssh/gitlab-key.pub Add Key git remote set-url origin git@gitlab.com/user/gitlab-repo.git Edit Profile > GPG Keys > Add key (on the right side) Gitlab - GPG keys copy and add public key from gpg --list-public-keys (40 Characters) Github Avatar > Settings > SSH and GPG Keys > New SSH key Github - keys cat ~/.ssh/github-key.pub Github - New SSH key Title, Key > Add SSH key git remote set-url origin git@github.com:user/github-repo.git Avatar > Settings > SSH and GPG Keys > New GPG key Github - New GPG key Title, Key > Add GPG key copy and add public key from gpg --list-public-keys (40 Characters) Create a new repository named something like resume or my-resume Upload your HTML resume file and name it index.html Go to your repository Settings → Pages Under "Source," select "Deploy from a branch" Choose "main" branch and "/ (root)" folder Your resume will be available at https://yourusername.github.io/resume Github.io - ricemark20 Provide feedback on this episode.

Polymorphic Python Malware Xavier discovered self-modifying Python code on Virustotal. The remote access tool takes advantage of the inspect module to modify code on the fly. https://isc.sans.edu/diary/Polymorphic%20Python%20Malware/32354 SSH ProxyCommand Vulnerability A user cloning a git repository may be tricked into executing arbitrary code via the SSH proxycommand option. https://dgl.cx/2025/10/bash-a-newline-ssh-proxycommand-cve-2025-61984 Framelink Figma MCP Server CVE-2025-53967 Framelink Figma s MCP server suffers from a remote code execution vulnerability.

Granted, not as cold as it’s going to be but I was under-dressed for “low 40s” and no sunshine. Talked about fun with SSH, eating with no taste buds, homemade bread, and the trying day ahead with dental in a … Continue reading →

Curious about what really goes on inside a cloud data center?   In this episode, Lois Houston and Nikita Abraham chat with Principal OCI Instructor Orlando Gentil about how cloud data centers are transforming the way organizations manage technology.   They explore the differences between traditional and cloud data centers, the roles of CPUs, GPUs, and RAM, and why operating systems and remote access matter more than ever.   Cloud Tech Jumpstart: https://mylearn.oracle.com/ou/course/cloud-tech-jumpstart/152992   Oracle University Learning Community: https://education.oracle.com/ou-community   LinkedIn: https://www.linkedin.com/showcase/oracle-university/   X: https://x.com/Oracle_Edu   Special thanks to Arijit Ghosh, David Wright, Kris-Ann Nansen, Radhika Banka, and the OU Studio Team for helping us create this episode. ------------------------------------- Episode Transcript: 00:00 Welcome to the Oracle University Podcast, the first stop on your cloud journey. During this series of informative podcasts, we'll bring you foundational training on the most popular Oracle technologies. Let's get started! 00:25 Lois: Hello and welcome to the Oracle University Podcast! I'm Lois Houston, Director of Innovation Programs with Oracle University, and with me is Nikita Abraham, Team Lead: Editorial Services.   Nikita: Hi everyone! Today, we're covering the fundamentals you need to be successful in a cloud environment. If you're new to cloud, coming from a SaaS environment, or planning to move from on-premises to the cloud, you won't want to miss this. With us today is Orlando Gentil, Principal OCI Instructor at Oracle University. Hi Orlando! Thanks for joining us.   01:01 Lois: So Orlando, we know that Oracle has been a pioneer of cloud technologies and has been pivotal in shaping modern cloud data centers, which are different from traditional data centers. For our listeners who might be new to this, could you tell us what a traditional data center is?  Orlando: A traditional data center is a physical facility that houses an organization's mission critical IT infrastructure, including servers, storage systems, and networking equipment, all managed on site.   01:32 Nikita: So why would anyone want to use a cloud data center?  Orlando: The traditional model requires significant upfront investment in physical hardware, which you are then responsible for maintaining along with the underlying infrastructure like physical security, HVAC, backup power, and communication links.  In contrast, cloud data centers offer a more agile approach. You essentially rent the infrastructure you need, paying only for what you use. In the traditional data center, scaling resources up and down can be a slow and complex process.  On cloud data centers, scaling is automated and elastic, allowing resources to adjust dynamically based on demand. This shift allows business to move their focus from the constant upkeep of infrastructure to innovation and growth.  The move represents a shift from maintenance to momentum, enabling optimized costs and efficient scaling. This fundamental shift is how IT infrastructure is managed and consumed, and precisely what we mean by moving to the cloud.  02:39 Lois: So, when we talk about moving to the cloud, what does it really mean for businesses today?  Orlando: Moving to the cloud represents the strategic transition from managing your own on-premise hardware and software to leveraging internet-based computing services provided by a third-party.  This involves migrating your applications, data, and IT operations to a cloud environment. This transition typically aims to reduce operational overhead, increase flexibility, and enhance scalability, allowing organizations to focus more on their core business functions.    03:17 Nikita: Orlando, what's the “brain” behind all this technology?  Orlando: A CPU or Central Processing Unit is the primary component that performs most of the processing inside the computer or server. It performs calculations handling the complex mathematics and logic that drive all applications and software.  It processes instructions, running tasks, and operations in the background that are essential for any application. A CPU is critical for performance, as it directly impacts the overall speed and efficiency of the data center.  It also manages system activities, coordinating user input, various application tasks, and the flow of data throughout the system. Ultimately, the CPU drives data center workloads from basic server operations to powering cutting edge AI applications.  04:10 Lois: To better understand how a CPU achieves these functions and processes information so efficiently, I think it's important for us to grasp its fundamental architecture. Can you briefly explain the fundamental architecture of a CPU, Orlando?  Orlando: When discussing CPUs, you will often hear about sockets, cores, and threads. A socket refers to the physical connection on the motherboard where a CPU chip is installed.  A single server motherboard can have one or more sockets, each holding a CPU. A core is an independent processing unit within a CPU. Modern CPUs often have multiple cores, enabling them to handle several instructions simultaneously, thus increasing processing power.  Think of it as having multiple mini CPUs on a single chip. Threads are virtual components that allow a single CPU core to handle multiple sequence of instructions or threads concurrently. This technology, often called hyperthreading, makes a single core appear as two logical processors to the operating system, further enhancing efficiency.  05:27 Lois: Ok. And how do CPUs process commands?  Orlando: Beyond these internal components, CPUs are also designed based on different instruction set architectures which dictate how they process commands.   CPU architectures are primarily categorized in two designs-- Complex Instruction Set Computer or CISC and Reduced Instruction Set Computer or RISC. CISC processors are designed to execute complex instructions in a single step, which can reduce the number of instructions needed for a task, but often leads to a higher power consumption.  These are commonly found in traditional Intel and AMD CPUs. In contrast, RISC processors use a simpler, more streamlined set of instructions. While this might require more steps for a complex task, each step is faster and more energy efficient. This architecture is prevalent in ARM-based CPUs.  06:34 Are you looking to boost your expertise in enterprise AI? Check out the Oracle AI Agent Studio for Fusion Applications Developers course and professional certification—now available through Oracle University. This course helps you build, customize, and deploy AI Agents for Fusion HCM, SCM, and CX, with hands-on labs and real-world case studies. Ready to set yourself apart with in-demand skills and a professional credential? Learn more and get started today! Visit mylearn.oracle.com for more details.     07:09 Nikita: Welcome back! We were discussing CISC and RISC processors. So Orlando, where are they typically deployed? Are there any specific computing environments and use cases where they excel?  Orlando: On the CISC side, you will find them powering enterprise virtualization and server workloads, such as bare metal hypervisors in large databases where complex instructions can be efficiently processed. High performance computing that includes demanding simulations, intricate analysis, and many traditional machine learning systems.  Enterprise software suites and business applications like ERP, CRM, and other complex enterprise systems that benefit from fewer steps per instruction. Conversely, RISC architectures are often preferred for cloud-native workloads such as Kubernetes clusters, where simpler, faster instructions and energy efficiency are paramount for distributed computing.  Mobile device management and edge computing, including cell phones and IoT devices where power efficiency and compact design are critical. Cost optimized cloud hosting supporting distributed workloads where the cumulative energy savings and simpler design lead to more economical operations.  The choice between CISC and RISC depends heavily on the specific workload and performance requirements. While CPUs are versatile generalists, handling a broad range of tasks, modern data centers also heavily rely on another crucial processing unit for specialized workloads.  08:54 Lois: We've spoken a lot about CPUs, but our conversation would be incomplete without understanding what a Graphics Processing Unit is and why it's important. What can you tell us about GPUs, Orlando?  Orlando: A GPU or Graphics Processing Unit is distinct from a CPU. While the CPU is a generalist excelling at sequential processing and managing a wide variety of tasks, the GPU is a specialist.  It is designed specifically for parallel compute heavy tasks. This means it can perform many calculations simultaneously, making it incredibly efficient for workloads like rendering graphics, scientific simulations, and especially in areas like machine learning and artificial intelligence, where massive parallel computation is required.  In the modern data center, GPUs are increasingly vital for accelerating these specialized, data intensive workloads.   09:58 Nikita: Besides the CPU and GPU, there's another key component that collaborates with these processors to facilitate efficient data access. What role does Random Access Memory play in all of this?  Orlando: The core function of RAM is to provide faster access to information in use. Imagine your computer or server needing to retrieve data from a long-term storage device, like a hard drive. This process can be relatively slow.  RAM acts as a temporary high-speed buffer. When your CPU or GPU needs data, it first checks RAM. If the data is there, it can be accessed almost instantaneously, significantly speeding up operations.  This rapid access to frequently used data and programming instructions is what allows applications to run smoothly and systems to respond quickly, making RAM a critical factor in overall data center performance.  While RAM provides quick access to active data, it's volatile, meaning data is lost when power is off, or persistent data storage, the information that needs to remain available even after a system shut down.   11:14 Nikita: Let's now talk about operating systems in cloud data centers and how they help everything run smoothly. Orlando, can you give us a quick refresher on what an operating system is, and why it is important for computing devices?  Orlando: At its core, an operating system, or OS, is the fundamental software that manages all the hardware and software resources on a computer. Think of it as a central nervous system that allows everything else to function.  It performs several critical tasks, including managing memory, deciding which programs get access to memory and when, managing processes, allocating CPU time to different tasks and applications, managing files, organizing data on storage devices, handling input and output, facilitate communication between the computer and its peripherals, like keyboards, mice, and displays. And perhaps, most importantly, it provides the user interface that allows us to interact with the computer.  12:19 Lois: Can you give us a few examples of common operating systems?  Orlando: Common operating system examples you are likely familiar with include Microsoft Windows and MacOS for personal computers, iOS and Android for mobile devices, and various distributions of Linux, which are incredibly prevalent in servers and increasingly in cloud environments.  12:41 Lois: And how are these operating systems specifically utilized within the demanding environment of cloud data centers?  Orlando: The two dominant operating systems in data centers are Linux and Windows. Linux is further categorized into enterprise distributions, such as Oracle Linux or SUSE Linux Enterprise Server, which offer commercial support and stability, and community distributions, like Ubuntu and CentOS, which are developed and maintained by communities and are often free to use.  On the other side, we have Windows, primarily represented by Windows Server, which is Microsoft's server operating system known for its robust features and integration with other Microsoft products. While both Linux and Windows are powerful operating systems, their licensing modes can differ significantly, which is a crucial factor to consider when deploying them in a data center environment.  13:43 Nikita: In what way do the licensing models differ?  Orlando: When we talk about licensing, the differences between Linux and Windows become quite apparent. For Linux, Enterprise Distributions come with associated support fees, which can be bundled into the initial cost or priced separately. These fees provide access to professional support and updates. On the other hand, Community Distributions are typically free of charge, with some providers offering basic community-driven support.  Windows server, in contrast, is a commercial product. Its license cost is generally included in the instance cost when using cloud providers or purchased directly for on-premise deployments. It's also worth noting that some cloud providers offer a bring your own license, or BYOL program, allowing organizations to use their existing Windows licenses in the cloud, which can sometimes provide cost efficiencies.  14:46 Nikita: Beyond choosing an operating system, are there any other important aspects of data center management?  Orlando: Another critical aspect of data center management is how you remotely access and interact with your servers. Remote access is fundamental for managing servers in a data center, as you are rarely physically sitting in front of them. The two primary methods that we use are SSH, or secure shell, and RDP, remote desktop.  Secure shell is widely used for secure command line access for Linux servers. It provides an encrypted connection, allowing you to execute commands, transfer files, and manage your servers securely from a remote location. The remote desktop protocol is predominantly used for graphical remote access to Windows servers. RDP allows you to see and interact with the server's desktop interface, just as if you were sitting directly in front of it, making it ideal for tasks that require a graphical user interface.  15:54 Lois: Thank you so much, Orlando, for shedding light on this topic.    Nikita: Yeah, that's a wrap for today! To learn more about what we discussed, head over to mylearn.oracle.com and search for the Cloud Tech Jumpstart course. In our next episode, we'll take a close look at how data is stored and managed. Until then, this is Nikita Abraham…   Lois: And Lois Houston, signing off!   16:16 That's all for this episode of the Oracle University Podcast. If you enjoyed listening, please click Subscribe to get all the latest episodes. We'd also love it if you would take a moment to rate and review us on your podcast app. See you again on the next episode of the Oracle University Podcast.

Si parla di accesso remoto (SSH) su macOS, dei una truffa che è sempre più diffusa, dell'età dei nostri ascoltatori, di come impostare l'ora "grande" nella lockscreen dell'iPhone, di come avere 1 mese gratis di Starlink, di alcuni bug di iOS, di una...

professorjrod@gmail.comDive deep into the essential building blocks of secure enterprise networks with Professor J. Rod in this comprehensive exploration of network architecture, security appliances, and remote access solutions.What makes a truly secure organizational network? It's more than just firewalls and fancy equipment—it's thoughtful design, strategic implementation, and layered defenses. We break down how enterprise networks function as digital blueprints, explaining everything from switching topologies to routing infrastructure in accessible terms. You'll understand why proper segmentation matters and how VLANs create logical separation between departments sharing physical resources.Security isn't about building one impenetrable wall anymore. Modern protection requires defense-in-depth with multiple control types across various network zones. We examine critical security appliances including next-generation firewalls, intrusion detection systems, web application firewalls, and load balancers—explaining not just what they do but where they belong in your architecture. You'll learn the difference between Layer 4 and Layer 7 inspection, why proper device placement matters, and how to choose between fail-open and fail-close configurations based on your organizational needs.With remote work now standard, we tackle virtual private networks and secure access solutions that keep distributed teams connected safely. From TLS tunneling to IPsec implementation, SSH management to jump servers, you'll gain practical insights into protecting your extended network perimeter. The episode concludes with CompTIA-style practice questions to test your understanding of key concepts. Whether you're studying for certification or managing enterprise infrastructure, this episode provides the knowledge foundation to build truly resilient network architectures. Subscribe for more in-depth technology explorations that bridge theory and practical application.Support the showIf you want to help me with my research please e-mail me.Professorjrod@gmail.comIf you want to join my question/answer zoom class e-mail me at Professorjrod@gmail.comArt By Sarah/DesmondMusic by Joakim KarudLittle chacha ProductionsJuan Rodriguez can be reached atTikTok @ProfessorJrodProfessorJRod@gmail.com@Prof_JRodInstagram ProfessorJRod

Bem-vindos a mais um Kubicast! Neste episódio, recebemos Victor Carvalho para destrinchar o Talos Linux como base enxuta e segura para rodar Kubernetes. Nós comparamos a proposta minimalista do Talos com distros generalistas, e debatemos por que um SO "Kubernetes-first" reduz superfície de ataque e acelera a vida de quem opera clusters no dia a dia.Falamos de segurança no detalhe: kernel hardenizado (KSP), SELinux funcionando de verdade com Kubernetes, criptografia de disco com chaves via TPM/KMS, e o modelo API-driven (sem SSH) que muda a forma como operamos nós. Também discutimos operação e upgrades, incluindo o uso do Talos Factory e de Terraform para padronizar imagens, além de estratégias para controlar endpoints e certificados.Fechamos com experiências reais: comparativos de tempo de provisioning, requisitos mínimos, rede (Flannel vs Cilium), dores comuns (certificados/TLS, IP flutuante) e boas práticas de produção — aquela mistura de técnica com bom humor que só a nossa bancada entrega.Links Importantes:- Victor Cardoso - https://www.linkedin.com/in/victorbmcarvalho/- João Brito - https://www.linkedin.com/in/juniorjbn/- Site oficial do Talos Linux - https://talos.dev- Assista ao FilmeTEArapia - https://youtu.be/M4QFmW_HZh0?si=HIXBDWZJ8yPbpflMHashtags#Talos #TalosLinux #Kubernetes #DevOps #DevSecOps #Kubicast #Containers #Getup #K8s #SELinux #KSP #Terraform #Proxmox #Flannel #Cilium #ZeroTrust #Imutabilidade #Homelab #Observabilidade #SBOMO Kubicast é uma produção da Getup, empresa especialista em Kubernetes e projetos open source para Kubernetes. Os episódios do podcast estão nas principais plataformas de áudio digital e no YouTube.com/@getupcloud.

Daniel Stenberg, Swedish Internet protocol expert and founder and lead developer of the Curl project, speaks with SE Radio host Gavin Henry about removing Rust from Curl. They discuss why Hyper was removed from curl, why the last five percent of making it a success was difficult, what the project gained from the 5-year attempt to tackle bringing Rust into a C project, lessons learned for next time, why user support is critical, and the positive long-lasting impact this attempt had. Brought to you by IEEE Computer Society and IEEE Software magazine.

Ep 268Apple nešto smatrao, izgleda još misle da ih plebs većinski blagonaklono gleda. Nope.EU Has 'No Intention' to Repeal DMA Following Apple ChallengeCraig Hockenberry:Here's my guess what happened in the lead up to WWDC25:Apple realized it was deep in the weeds with Apple Intelligence (and associated PR) and needed a tentpole feature that wasn't AI.Liquid Glass was in development for some upcoming edgeless hardware. It needed another year of work, but management/marketing was fucked.A thing that wasn't ready got moved up. Bug fixing took a back seat. Everyone grabbed paint brushes, not screwdrivers.The next year is going to be rough for EVERYONE.Apple pobrojao novostu u iOS 26, iPadOS 26 i macOS 26.Christopher Lawley: iPadOS 26 Walkthrough: THIS Reboots the iPadThe Tech Chap: iPhone Air FULL REVIEW - Not What I Expected...Steve Troughton-Smith:The A19 Pro in the iPhone Air is 50% faster than the M1 in my primary Mac mini in singlecore, 10% faster in multicore, and 13% faster in GPU compute. That's a lot of chip in a tiny slab of glassIt works sideways!Ozbiljno dobar zoom na 17 ProMiki pomenuo PowerPrint.iPhone Satellite Features Remain Free for Another Year - TidBITSApple Drops iCloud Support for iOS 10 and macOS SierraSupport for FireWire Removed from macOS 26 Tahoe - TidBITSRogue Amoeba: Our product lineup is ready for Tahoe, but Tahoe may not be ready for you.Steve Troughton-Smith:You know who wasn't ready on launch day with iOS/macOS 26 versions of all their apps on the App Store?Miguel Arroz: macOS Tahoe UI has a HUGE new feature for folks like me who have 24/7 Mac Minis running and access them remotely: you can now type the boot password remotely via SSH!macOS 26 Tahoe Pushes FileVault Use - TidBITSSteve Troughton-Smith:I'm having a ton of trouble updating apps using the Mac App Store (on Tahoe) if there was a TestFlight version installed.CodeSource: The Untold Story of Databases60 years after Gemini, newly processed images reveal incredible detailsZahvalniceSnimano 16.9.2025.Uvodna muzika by Vladimir Tošić, stari sajt je ovde.Logotip by Aleksandra Ilić.Artwork epizode by Saša Montiljo, njegov kutak na Devianartu

Topics covered in this episode: * pandas is getting pd.col expressions* * Cline, At-Cost Agentic IDE Tooling* * uv cheatsheet* Ducky Network UI Extras Joke Watch on YouTube About the show Sponsored by us! Support our work through: Our courses at Talk Python Training The Complete pytest Course Patreon Supporters Connect with the hosts Michael: @mkennedy@fosstodon.org / @mkennedy.codes (bsky) Brian: @brianokken@fosstodon.org / @brianokken.bsky.social Show: @pythonbytes@fosstodon.org / @pythonbytes.fm (bsky) Join us on YouTube at pythonbytes.fm/live to be part of the audience. Usually Monday at 10am PT. Older video versions available there too. Finally, if you want an artisanal, hand-crafted digest of every week of the show notes in email form? Add your name and email to our friends of the show list, we'll never share it. Brian #1: pandas is getting pd.col expressions Marco Gorelli Next release of Pandas will have pd.col(), inspired by some of the other frameworks I'm guessing Pandas 2.3.3? or 2.4.0? or 3.0.0? (depending on which version they bump?) “The output of pd.col is called an expression. You can think of it as a delayed column - it only produces a result once it's evaluated inside a dataframe context.” It replaces many contexts where lambda expressions were used Michael #2: Cline, At-Cost Agentic IDE Tooling Free and open-source Probably supports your IDE (if your IDE isn't a terminal) VS Code VS Code Insiders Cursor Windsurf JetBrains IDEs (including PyCharm) You pick plan or act (very important) It shows you the price as the AI works, per request, right in the UI Brian #3: uv cheatsheet Rodgrigo at mathspp.com Nice compact cheat sheet of commands for Creating projects Managing dependencies Lifecycle stuff like build, publish, bumping version uv tool (uvx) commands working with scripts Installing and updating Python versions plus venv, pip, format, help and update Michael #4: Ducky Network UI Ducky is a powerful, open-source, all-in-one desktop application built with Python and PySide6. It is designed to be the perfect companion for network engineers, students, and tech enthusiasts, combining several essential utilities into a single, intuitive graphical interface. Features Multi-Protocol Terminal: Connect via SSH, Telnet, and Serial (COM) in a modern, tabbed interface. SNMP Topology Mapper: Automatically discover your network with a ping and SNMP sweep. See a graphical map of your devices, color-coded by type, and click to view detailed information. Network Diagnostics: A full suite of tools including a Subnet Calculator, Network Monitor (Ping, Traceroute), and a multi-threaded Port Scanner. Security Toolkit: Look up CVEs from the NIST database, check password strength, and calculate file hashes (MD5, SHA1, SHA256, SHA512). Rich-Text Notepad: Keep notes and reminders in a dockable widget with formatting tools and auto-save. Customizable UI: Switch between a sleek dark theme and a clean light theme. Customize terminal colors and fonts to your liking. Extras Brian: Where are the cool kids hosting static sites these days? Moving from Netlify to Cloudflare Pages - Will Vincent from Feb 2024 Traffic is a concern now for even low-ish traffic sites since so many bots are out there Netlify free plan is less than 30 GB/mo allowed (grandfathered plans are 100 GB/mo) GH Pages have a soft limit of 100 GB/mo Cloudflare pages says unlimited Michael: PyCon Brazil needs some help with reduced funding from the PSF Get a ticket to donate for a student to attend (at the button of the buy ticket checkout dialog) I upgraded to macOS Tahoe Loving it so far. Only issue I've seen so far has been with alt-tab for macOS Joke: Hiring in 2025 vs 2021 2021: “Do you have an in-house kombucha sommelier?” “Let's talk about pets, are you donkey-friendly?”, “Oh you think this is a joke?” 2025: “Round 8/7” “Out of 12,000 resumes, the AI picked yours” “Binary tree? Build me a foundational model!” “Healthcare? What, you want to live forever?”

Our first look at KDE Linux, then Chris shares the latest on Hyprvibe, while Wes braves his first install.Sponsored By:Managed Nebula: Meet Managed Nebula from Defined Networking. A decentralized VPN built on the open-source Nebula platform that we love. 1Password Extended Access Management: 1Password Extended Access Management is a device trust solution for companies with Okta, and they ensure that if a device isn't trusted and secure, it can't log into your cloud apps. Unraid: A powerful, easy operating system for servers and storage. Maximize your hardware with unmatched flexibility. Support LINUX UnpluggedLinks:

Alarm bells are ringing over a supposed browser zero-day, but is the threat as bad as it sounds? Steve reveals why "clickjacking" might be more whac-a-mole than breaking news, and what that really means for your passwords. • Germany may soon outlaw ad blockers • What's happening in the courts over AI • The U.K. drops its demands of Apple • New Microsoft 365 tenants being throttled • Is Russia preparing to block Google Meet? • Bluesky suspends its service in Mississippi • How to throttle AI • A tricky SSH-busting Go library • Here comes the Linux desktop malware • Apple just patched a doozy of a vulnerability • A trivial Docker escape was found and fixed • Why the recent browser 0-day clickjacking is really just whac-a-mole Show Notes - https://www.grc.com/sn/sn-1040-notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: 1password.com/securitynow zscaler.com/security bigid.com/securitynow uscloud.com

Alarm bells are ringing over a supposed browser zero-day, but is the threat as bad as it sounds? Steve reveals why "clickjacking" might be more whac-a-mole than breaking news, and what that really means for your passwords. • Germany may soon outlaw ad blockers • What's happening in the courts over AI • The U.K. drops its demands of Apple • New Microsoft 365 tenants being throttled • Is Russia preparing to block Google Meet? • Bluesky suspends its service in Mississippi • How to throttle AI • A tricky SSH-busting Go library • Here comes the Linux desktop malware • Apple just patched a doozy of a vulnerability • A trivial Docker escape was found and fixed • Why the recent browser 0-day clickjacking is really just whac-a-mole Show Notes - https://www.grc.com/sn/sn-1040-notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: 1password.com/securitynow zscaler.com/security bigid.com/securitynow uscloud.com

Alarm bells are ringing over a supposed browser zero-day, but is the threat as bad as it sounds? Steve reveals why "clickjacking" might be more whac-a-mole than breaking news, and what that really means for your passwords. • Germany may soon outlaw ad blockers • What's happening in the courts over AI • The U.K. drops its demands of Apple • New Microsoft 365 tenants being throttled • Is Russia preparing to block Google Meet? • Bluesky suspends its service in Mississippi • How to throttle AI • A tricky SSH-busting Go library • Here comes the Linux desktop malware • Apple just patched a doozy of a vulnerability • A trivial Docker escape was found and fixed • Why the recent browser 0-day clickjacking is really just whac-a-mole Show Notes - https://www.grc.com/sn/sn-1040-notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: 1password.com/securitynow zscaler.com/security bigid.com/securitynow uscloud.com

Alarm bells are ringing over a supposed browser zero-day, but is the threat as bad as it sounds? Steve reveals why "clickjacking" might be more whac-a-mole than breaking news, and what that really means for your passwords. • Germany may soon outlaw ad blockers • What's happening in the courts over AI • The U.K. drops its demands of Apple • New Microsoft 365 tenants being throttled • Is Russia preparing to block Google Meet? • Bluesky suspends its service in Mississippi • How to throttle AI • A tricky SSH-busting Go library • Here comes the Linux desktop malware • Apple just patched a doozy of a vulnerability • A trivial Docker escape was found and fixed • Why the recent browser 0-day clickjacking is really just whac-a-mole Show Notes - https://www.grc.com/sn/sn-1040-notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: 1password.com/securitynow zscaler.com/security bigid.com/securitynow uscloud.com

Alarm bells are ringing over a supposed browser zero-day, but is the threat as bad as it sounds? Steve reveals why "clickjacking" might be more whac-a-mole than breaking news, and what that really means for your passwords. • Germany may soon outlaw ad blockers • What's happening in the courts over AI • The U.K. drops its demands of Apple • New Microsoft 365 tenants being throttled • Is Russia preparing to block Google Meet? • Bluesky suspends its service in Mississippi • How to throttle AI • A tricky SSH-busting Go library • Here comes the Linux desktop malware • Apple just patched a doozy of a vulnerability • A trivial Docker escape was found and fixed • Why the recent browser 0-day clickjacking is really just whac-a-mole Show Notes - https://www.grc.com/sn/sn-1040-notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: 1password.com/securitynow zscaler.com/security bigid.com/securitynow uscloud.com

Alarm bells are ringing over a supposed browser zero-day, but is the threat as bad as it sounds? Steve reveals why "clickjacking" might be more whac-a-mole than breaking news, and what that really means for your passwords. • Germany may soon outlaw ad blockers • What's happening in the courts over AI • The U.K. drops its demands of Apple • New Microsoft 365 tenants being throttled • Is Russia preparing to block Google Meet? • Bluesky suspends its service in Mississippi • How to throttle AI • A tricky SSH-busting Go library • Here comes the Linux desktop malware • Apple just patched a doozy of a vulnerability • A trivial Docker escape was found and fixed • Why the recent browser 0-day clickjacking is really just whac-a-mole Show Notes - https://www.grc.com/sn/sn-1040-notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: 1password.com/securitynow zscaler.com/security bigid.com/securitynow uscloud.com

Alarm bells are ringing over a supposed browser zero-day, but is the threat as bad as it sounds? Steve reveals why "clickjacking" might be more whac-a-mole than breaking news, and what that really means for your passwords. • Germany may soon outlaw ad blockers • What's happening in the courts over AI • The U.K. drops its demands of Apple • New Microsoft 365 tenants being throttled • Is Russia preparing to block Google Meet? • Bluesky suspends its service in Mississippi • How to throttle AI • A tricky SSH-busting Go library • Here comes the Linux desktop malware • Apple just patched a doozy of a vulnerability • A trivial Docker escape was found and fixed • Why the recent browser 0-day clickjacking is really just whac-a-mole Show Notes - https://www.grc.com/sn/sn-1040-notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: 1password.com/securitynow zscaler.com/security bigid.com/securitynow uscloud.com

Alarm bells are ringing over a supposed browser zero-day, but is the threat as bad as it sounds? Steve reveals why "clickjacking" might be more whac-a-mole than breaking news, and what that really means for your passwords. • Germany may soon outlaw ad blockers • What's happening in the courts over AI • The U.K. drops its demands of Apple • New Microsoft 365 tenants being throttled • Is Russia preparing to block Google Meet? • Bluesky suspends its service in Mississippi • How to throttle AI • A tricky SSH-busting Go library • Here comes the Linux desktop malware • Apple just patched a doozy of a vulnerability • A trivial Docker escape was found and fixed • Why the recent browser 0-day clickjacking is really just whac-a-mole Show Notes - https://www.grc.com/sn/sn-1040-notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: 1password.com/securitynow zscaler.com/security bigid.com/securitynow uscloud.com

The end of an era: Properly formatted IP addresses in all of our data. When initiall designing DShield, addresses were zero padded , an unfortunate choice. As of this week, datafeeds should no longer be zero padded . https://isc.sans.edu/diary/The%20end%20of%20an%20era%3A%20Properly%20formated%20IP%20addresses%20in%20all%20of%20our%20data./32228 .desktop files used in an attack against Linux Desktops Pakistani attackers are using .desktop files to target Indian Linux desktops. https://www.cyfirma.com/research/apt36-targets-indian-boss-linux-systems-with-weaponized-autostart-files/ Malicious Go Module Disguised as SSH Brute Forcer Exfiltrates Credentials via Telegram A go module advertising its ability to quickly brute force passwords against random IP addresses, has been used to exfiltrate credentials from the person running the module. https://socket.dev/blog/malicious-go-module-disguised-as-ssh-brute-forcer-exfiltrates-credentials Limiting Onmicrosoft Domain Usage for Sending Emails Microsoft is limiting how many emails can be sent by Microsoft 365 users using the onmicrosoft.com domain. https://techcommunity.microsoft.com/blog/exchange/limiting-onmicrosoft-domain-usage-for-sending-emails/4446167

Airtel Router Scans and Mislabeled Usernames A quick summary of some odd usernames that show up in our honeypot logs https://isc.sans.edu/diary/Airtel%20Router%20Scans%2C%20and%20Mislabeled%20usernames/32216 Apple Patches 0-Day CVE-2025-43300 Apple released an update for iOS, iPadOS and MacOS today patching a single, already exploited, vulnerability in ImageIO. https://support.apple.com/en-us/124925 Microsoft Copilot Audit Logs A user retrieving data via copilot obscures the fact that the user may have had access to data in a specific file https://pistachioapp.com/blog/copilot-broke-your-audit-log Password Managers Susceptible to Clickjacking Many password managers are susceptible to clickjacking, and only few have fixed the problem so far https://marektoth.com/blog/dom-based-extension-clickjacking/

Guest: Craig H. Rowland, Founder and CEO, Sandfly Security Topics: When it comes to Linux environments – spanning on-prem, cloud, and even–gasp–hybrid setups – where are you seeing the most significant blind spots for security teams today?  There's sometimes a perception that Linux is inherently more secure or less of a malware target than Windows. Could you break down some of the fundamental differences in how malware behaves on Linux versus Windows, and why that matters for defenders in the cloud? 'Living off the Land' isn't a new concept, but on Linux, it feels like attackers have a particularly rich set of native tools at their disposal. What are some of the more subtly abused but legitimate Linux utilities you're seeing weaponized in cloud attacks, and how does that complicate detection? When you weigh agent-based versus agentless monitoring in cloud and containerized Linux environments, what are the operational trade-offs and outcome trade-offs security teams really need to consider?  SSH keys are the de facto keys to the kingdom in many Linux environments. Beyond just 'use strong passphrases,' what are the critical, often overlooked, risks associated with SSH key management, credential theft, and subsequent lateral movement that you see plaguing organizations, especially at scale in the cloud? What are the biggest operational hurdles teams face when trying to conduct incident response effectively and rapidly across such a distributed Linux environment, and what's key to overcoming them? Resources: EP194 Deep Dive into ADR - Application Detection and Response EP228 SIEM in 2025: Still Hard? Reimagining Detection at Cloud Scale and with More Pipelines  

Erlang OTP SSH Exploits A recently patched and easily exploited vulnerability in Erlang/OTP SSH is being exploited. Palo Alto collected some of the details about this exploit activity that they observed. https://unit42.paloaltonetworks.com/erlang-otp-cve-2025-32433/ WinRAR Exploited WinRAR vulnerabilities are actively being exploited by a number of threat actors. The vulnerability allows for the creation of arbitrary files as the archive is extracted. https://thehackernews.com/2025/08/winrar-zero-day-under-active.html Citrix Netscaler Exploit Updates The Dutch Center for Cyber Security is updating its guidance on recent Citrix Netscaler attacks. Note that the attacks started before a patch became available, and attackers are actively hiding their tracks to make it more difficult to detect a compromise. https://www.ncsc.nl/actueel/nieuws/2025/07/22/casus-citrix-kwetsbaarheid https://www.bleepingcomputer.com/news/security/netherlands-citrix-netscaler-flaw-cve-2025-6543-exploited-to-breach-orgs/ OpenSSH Post Quantum Encryption Starting in version 10.1, OpenSSH will warn users if they are using quantum-unsafe algorithms https://www.openssh.com/pq.html

Microsoft and Google among most affected as zero day exploits jump 46% Vietnamese hackers use PXA Stealer, hit 4,000 IPs and steal 200,000 passwords globally New Plague Linux malware stealthily maintains SSH access Huge thanks to our sponsor, ThreatLocker ThreatLocker® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start your free trial, visit ThreatLocker.com/CISO.

If you like what you hear, please subscribe, leave us a review and tell a friend!

We're throwing a party in Vegas! Someone called it SCWPodCon last year, and the name stuck. It's sponsored by Teleport, the infrastructure identity company. Get SSO for SSH! If Thomas was here, I'm sure he'd tell you that Fly.io uses Teleport internally. Oh also there's some thing called Black..pill? Black Pool? Something like that happening in Vegas, with crypto talks, so we chatted about them a bit, plus some other stuffSCWPodCon 2025: https://securitycryptographywhatever.com/events/blackhatTranscript: https://securitycryptographywhatever.com/2025/07/29/vegas-baby/Links:- Fault Injection attacks on PQCS signatures: https://www.blackhat.com/us-25/briefings/schedule/index.html#bypassing-pqc-signature-verification-with-fault-injection-dilithium-xmss-sphincs-46362- Another attack on TETRA: https://www.blackhat.com/us-25/briefings/schedule/index.html#2-cops-2-broadcasting-tetra-end-to-end-under-scrutiny-46143- Attacks on SCADA / ICS protocols (OPC UA): https://www.blackhat.com/us-25/briefings/schedule/index.html#no-vpn-needed-cryptographic-attacks-against-the-opc-ua-protocol-44760- Attacks on Nostr:  https://www.blackhat.com/us-25/briefings/schedule/index.html#not-sealed-practical-attacks-on-nostr-a-decentralized-censorship-resistant-protocol-45726- https://signal.org/blog/the-ecosystem-is-moving/- https://en.wikipedia.org/wiki/Nostr- https://eurosp2025.ieee-security.org/program.html- https://cispa.de/en/research/publications/84648-attacking-and-fixing-the-android-protected-confirmation-protocol- https://hal.science/hal-05038009v2/file/main.pdf- 8-bit, abacus, and a dog: https://eprint.iacr.org/2025/1237.pdf- https://www.youtube.com/watch?v=Dlsa9EBKDGI- https://www.quantamagazine.org/computer-scientists-figure-out-how-to-prove-lies-20250709/- https://eprint.iacr.org/2025/118"Security Cryptography Whatever" is hosted by Deirdre Connolly (@durumcrustulum), Thomas Ptacek (@tqbf), and David Adrian (@davidcadrian)

Send us a textThe BCIT simulation team shares their transformative journey from siloed departments to a unified center of excellence, culminating in their recent SSH accreditation as Canada's fourth accredited program. Carrie Meager and Heather Epp reveal how leadership support, psychological safety, and human-centered approaches created their successful simulation community.• Evolution from fragmented lab-based learning across 11 buildings to a coordinated simulation program with standardized practices• Moving beyond skills training to develop critical thinking, communication, teamwork, and clinical decision-making• Building psychological safety at every level creates an environment where innovation thrives• SSH accreditation process provided structure while identifying areas for quality improvement• Focus on human elements through their 40+ simulated participant program addressing communication challenges• Creative approaches like "cakeable moments" and SimPath faculty development promote psychological safety• Leadership support from deans and directors was crucial for success• Innovative virtual simulations address costly consumables in programs like Med Lab SciencesThe BCIT simulation team welcomes connections through LinkedIn or email and can be found at conferences like SimExpo and IMSH. They're happy to share resources and support others building simulation programs.Innovative SimSolutions.Your turnkey solution provider for medical simulation programs, sim centers & faculty design.

SSH Tunneling in Action: direct-tcp requests Attackers are compromising ssh servers to abuse them as relays. The attacker will configure port forwarding direct-tcp connections to forward traffic to a victim. In this particular case, the Yandex mail server was the primary victim of these attacks. https://isc.sans.edu/diary/SSH%20Tunneling%20in%20Action%3A%20direct-tcp%20requests%20%5BGuest%20Diary%5D/32094 Fortiguard FortiWeb Unauthenticated SQL injection in GUI (CVE-2025-25257) An improper neutralization of special elements used in an SQL command ('SQL Injection') vulnerability [CWE-89] in FortiWeb may allow an unauthenticated attacker to execute unauthorized SQL code or commands via crafted HTTP or HTTPs requests. https://www.fortiguard.com/psirt/FG-IR-25-151 Ruckus Virtual SmartZone (vSZ) and Ruckus Network Director (RND) contain multiple vulnerabilities Ruckus products suffer from a number of critical vulnerabilities. There is no patch available, and users are advised to restrict access to the vulnerable admin interface. https://kb.cert.org/vuls/id/613753

Sudo patch your Linux systems. Cisco has removed a critical backdoor account that gave remote attackers root privileges. The Hunters International ransomware group rebrands and closes up shop. The Centers for Medicare and Medicaid Services (CMS) notifies 103,000 people that their personal data was compromised. NimDoor is a sophisticated North Korean cyber campaign targeting macOS. Researchers uncover a massive phishing campaign using thousands of fake retail websites. The FBI's top cyber official says Salt Typhoon is largely contained. Microsoft tells customers to ignore Windows Firewall error warnings. A California jury orders Google to pay $314 million for collecting Android user data without consent. Ben Yelin shares insights from this year's Supreme Court session. Ransomware negotiations with a side of side hustle. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Today our guest is Ben Yelin from UMD CHHS, who is sharing a wrap up of this year's Supreme Court session. If you want to hear more from Ben, head on over to the Caveat podcast, where he is co-host with Dave as they discuss all things law and privacy.  Selected Reading Linux Users Urged to Patch Critical Sudo CVE (Infosecurity Magazine) Cisco warns that Unified CM has hardcoded root SSH credentials (Bleeping Computer) Hunters International ransomware shuts down after World Leaks rebrand (Bleeping Computer) Feds Notify 103,000 Medicare Beneficiaries of Scam, Breach (Data Breach Today) N Korean Hackers Drop NimDoor macOS Malware Via Fake Zoom Updates (Hackread) China-linked hackers spoof big-name brand websites to steal shoppers' payment info (The Record) Top FBI cyber official: Salt Typhoon ‘largely contained' in telecom networks (CyberScoop) Microsoft asks users to ignore Windows Firewall config errors (Bleeping Computer) California jury orders Google to pay $314 million over data transfers from Android phones (The Record) US Probes Whether Negotiator Took Slice of Hacker Payments (Bloomberg) Audience Survey Complete our annual audience survey before August 31. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

Sudo chroot Elevation of Privilege The sudo chroot option can be leveraged by any local user to elevate privileges to root, even if no sudo rules are defined for that user. https://www.stratascale.com/vulnerability-alert-CVE-2025-32463-sudo-chroot Polymorphic ZIP Files A zip file with a corrupt End of Central Directory Record may extract different data depending on the tool used to extract the files. https://hackarcana.com/article/yet-another-zip-trick Cisco Unified Communications Manager Static SSH Credentials Vulnerability A vulnerability in Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME) could allow an unauthenticated, remote attacker to log in to an affected device using the root account, which has default, static credentials that cannot be changed or deleted. https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cucm-ssh-m4UBdpE7

In this episode, recorded live at PSConfEU, Andrew catches up with some of the PowerShell team from Microsoft to talk all things PowerShell—from AIShell to PSResourceGet to the future of DSC and OpenSSH.   First up is Steven Bucher, Product Manager on the PowerShell team, who discusses the massive scale of PowerShell usage, the state of PowerShell 7, and the team's focus on security and reliability. He also gives an exciting walkthrough of AIShell and how it's helping users stay in the terminal while getting AI-driven help, error resolution, and integration with providers like Azure OpenAI and AI Foundry.   Then we hear from Anam, a software engineer working on PSResourceGet, PowerShell Gallery, and security. She shares details on the rewrite of PowerShellGet, performance improvements, and new features like container registry support. She also dives into Microsoft's Artifact Registry (MAR) and offers her take on coding as a creative, artistic endeavor.   Lastly, Tess joins the conversation to talk about OpenSSH and Desired State Configuration (DSC). She highlights the native cross-platform capabilities of DSC v3, its decoupling from PowerShell, and the move toward supporting resource development in languages like Python. Tess also shares the significance of SSH server availability in Windows Server 2025 and reflects on her open-source journey and love of outdoor sports.   Whether you're managing packages, remoting with SSH, exploring AI integrations, or just want to know more about some of the people behind PowerShell, this episode delivers valuable insights from the team building the tools you use.    Links and Mentions: https://www.linkedin.com/in/anamnavied/ https://www.linkedin.com/in/tess-gauthier-a43a368a/ https://www.linkedin.com/in/stevenabucher/ https://andrewpla.tech/links https://github.com/PowerShell/PowerShell https://github.com/PowerShell/AIShell https://github.com/PowerShell/PSResourceGet https://github.com/PowerShell/Win32-OpenSSH https://github.com/microsoft/DSC The PowerShell Podcast on YouTube: https://youtu.be/F4mVUHinjf4 The PowerShell Podcast: https://pdq.com/the-powershell-podcast Guests: Stephen Bucher – Product Manager II on the PowerShell Team Anam Navied – Software Engineer 2 @ Microsoft Tess Gauthier – Software Engineer @ Microsoft | OpenSSH

PhoneBoy discusses the latest TechTalk on AI Agents, Threat Prevention Performance Boost in R82, R82 JHF 25, SAML and Secondary Connect, SSH to a given VS, and the generic-object API.

This week: You got a Bad box, again Cameras are expose to the Internet EU and connected devices Hydrophobia NVRAM variables Have you heard about IGEL Linux? SSH and more NVRAM AI skeptics are nuts, and AI doesn't make you more efficient Trump Cybersecurity orders I think I can root my Pixel 6 Decentralized Wordpres plugin manager Threat actor naming conventions I have the phone number linked to your Google account Fortinet flaws exploited in ransomeware attacks (and how lack of information sharing is killing us) retiring floppy disks fault injection for the masses there is no defender AI blackmails Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw-878

In memoriam: Bill Atkinson Meta native apps & JavaScript collude for a localhost local mess. The EU rolls out its own DNS4EU filtered DNS service. Ukraine DDoS's Russia's Railway DNS ... and... so what? The Linux Foundation creates an alternative Wordpress package manager. Court tells OpenAI it must NOT delete ANYONE's chats. Period! :( A CVSS 10.0 in Erlang/OTP's SSH library. Can Russia intercept Telegram? Perhaps. Spain's ISPs mistakenly block Google sites. Reddit sues Anthropic. Twitter's new encrypted DM's are as lame as the old ones. The Login.gov site may not have any backups. Apple explores the question of recent Large Reasoning Models "thinking" Show Notes - https://www.grc.com/sn/SN-1029-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: hoxhunt.com/securitynow threatlocker.com for Security Now uscloud.com canary.tools/twit - use code: TWIT

In memoriam: Bill Atkinson Meta native apps & JavaScript collude for a localhost local mess. The EU rolls out its own DNS4EU filtered DNS service. Ukraine DDoS's Russia's Railway DNS ... and... so what? The Linux Foundation creates an alternative Wordpress package manager. Court tells OpenAI it must NOT delete ANYONE's chats. Period! :( A CVSS 10.0 in Erlang/OTP's SSH library. Can Russia intercept Telegram? Perhaps. Spain's ISPs mistakenly block Google sites. Reddit sues Anthropic. Twitter's new encrypted DM's are as lame as the old ones. The Login.gov site may not have any backups. Apple explores the question of recent Large Reasoning Models "thinking" Show Notes - https://www.grc.com/sn/SN-1029-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: hoxhunt.com/securitynow threatlocker.com for Security Now uscloud.com canary.tools/twit - use code: TWIT

In memoriam: Bill Atkinson Meta native apps & JavaScript collude for a localhost local mess. The EU rolls out its own DNS4EU filtered DNS service. Ukraine DDoS's Russia's Railway DNS ... and... so what? The Linux Foundation creates an alternative Wordpress package manager. Court tells OpenAI it must NOT delete ANYONE's chats. Period! :( A CVSS 10.0 in Erlang/OTP's SSH library. Can Russia intercept Telegram? Perhaps. Spain's ISPs mistakenly block Google sites. Reddit sues Anthropic. Twitter's new encrypted DM's are as lame as the old ones. The Login.gov site may not have any backups. Apple explores the question of recent Large Reasoning Models "thinking" Show Notes - https://www.grc.com/sn/SN-1029-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: hoxhunt.com/securitynow threatlocker.com for Security Now uscloud.com canary.tools/twit - use code: TWIT

In memoriam: Bill Atkinson Meta native apps & JavaScript collude for a localhost local mess. The EU rolls out its own DNS4EU filtered DNS service. Ukraine DDoS's Russia's Railway DNS ... and... so what? The Linux Foundation creates an alternative Wordpress package manager. Court tells OpenAI it must NOT delete ANYONE's chats. Period! :( A CVSS 10.0 in Erlang/OTP's SSH library. Can Russia intercept Telegram? Perhaps. Spain's ISPs mistakenly block Google sites. Reddit sues Anthropic. Twitter's new encrypted DM's are as lame as the old ones. The Login.gov site may not have any backups. Apple explores the question of recent Large Reasoning Models "thinking" Show Notes - https://www.grc.com/sn/SN-1029-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: hoxhunt.com/securitynow threatlocker.com for Security Now uscloud.com canary.tools/twit - use code: TWIT

In memoriam: Bill Atkinson Meta native apps & JavaScript collude for a localhost local mess. The EU rolls out its own DNS4EU filtered DNS service. Ukraine DDoS's Russia's Railway DNS ... and... so what? The Linux Foundation creates an alternative Wordpress package manager. Court tells OpenAI it must NOT delete ANYONE's chats. Period! :( A CVSS 10.0 in Erlang/OTP's SSH library. Can Russia intercept Telegram? Perhaps. Spain's ISPs mistakenly block Google sites. Reddit sues Anthropic. Twitter's new encrypted DM's are as lame as the old ones. The Login.gov site may not have any backups. Apple explores the question of recent Large Reasoning Models "thinking" Show Notes - https://www.grc.com/sn/SN-1029-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: hoxhunt.com/securitynow threatlocker.com for Security Now uscloud.com canary.tools/twit - use code: TWIT

In memoriam: Bill Atkinson Meta native apps & JavaScript collude for a localhost local mess. The EU rolls out its own DNS4EU filtered DNS service. Ukraine DDoS's Russia's Railway DNS ... and... so what? The Linux Foundation creates an alternative Wordpress package manager. Court tells OpenAI it must NOT delete ANYONE's chats. Period! :( A CVSS 10.0 in Erlang/OTP's SSH library. Can Russia intercept Telegram? Perhaps. Spain's ISPs mistakenly block Google sites. Reddit sues Anthropic. Twitter's new encrypted DM's are as lame as the old ones. The Login.gov site may not have any backups. Apple explores the question of recent Large Reasoning Models "thinking" Show Notes - https://www.grc.com/sn/SN-1029-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: hoxhunt.com/securitynow threatlocker.com for Security Now uscloud.com canary.tools/twit - use code: TWIT

Simple SSH Backdoor Xavier came across a simple SSH backdoor taking advantage of the ssh client preinstalled on recent Windows systems. The backdoor is implemented via an SSH configuration file that instructs the SSH client to connect to a remote system and forward a shell on a random port. This will make the shell accessible to anybody able to connect to the C2 host. https://isc.sans.edu/diary/Simple%20SSH%20Backdoor/32000 Google Chrome to Distrust CAs Google Chrome will remove the Chunghwa Telecom and Netlock certificate authorities from its list of trusted CAs. Any certificates issued after July 31st will not be trusted. Certificates issued before the deadline will be trusted until they expire. https://security.googleblog.com/2025/05/sustaining-digital-certificate-security-chrome-root-store-changes.html Microsoft Emergency Update to Fix Crashes Caused by May Patch Microsoft released an emergency update for a bug caused by one of the patches released in May. Due to the bug, systems may not restart after the patch is applied. This affects, first of all, virtual systems running in Azure and HyperV but apparently has also affected some physical systems. https://learn.microsoft.com/en-us/windows/release-health/status-windows-11-23h2#kb5058405-might-fail-to-install-with-recovery-error-0xc0000098-in-acpi-sys Qualcomm Adreno Graphics Processing Unit Patch (Exploited!) Qualcomm released an update for the driver for its Adreno GPU. The patched vulnerability is already being exploited against Android devices. https://docs.qualcomm.com/product/publicresources/securitybulletin/june-2025-bulletin.html

Document editors take center stage as Mikah and Rosemary show viewers the best apps for editing PDFs and plain text files on iOS devices. The hosts emphasize practical solutions for common document editing needs while showcasing both free built-in tools and premium third-party options for power users. Built-in PDF tool in Notes - Demonstrates how to attach PDFs to Notes documents, use Quick Look for basic annotation, highlighting, and form filling, plus collaborative editing features PDF Expert - Rosemary showcases advanced PDF editing capabilities including text editing, image replacement, adding clickable links to table of contents, redaction tools, and custom stamps Documents - Mikah highlights the comprehensive file management app with PDF tools, conversion options, page management, form filling, and multi-cloud storage integration Textastic - Rosemary gets technical with this specialized plain text editor supporting syntax highlighting for HTML, CSS, JavaScript, Python, and other programming languages, plus SSH terminal access and live preview features News WWDC 2025 announcement - Apple's Worldwide Developers Conference runs June 9-13, with keynote streaming available and exclusive Club TWiT live coverage planned for members Shortcuts Corner Follow-up from episode 751 - Dave from Ohio shares success creating an Apple TV remote shortcut button for his iPhone home screen using Rosemary's previous tutorial App Caps Wipr 2 - Simple, effective Safari content blocker that blocks ads and trackers without overwhelming features, created by solo developer Kaylee Calderolla Tatami - Addictive number puzzle game where players connect numbered blocks in lines and rectangles, free to play with $4.99 unlock option, also by developer Kaylee Calderolla Hosts: Mikah Sargent and Rosemary Orchard Contact iOS Today at iOSToday@twit.tv. Download or subscribe to iOS Today at https://twit.tv/shows/ios-today Want access to the ad-free video and exclusive features? Become a member of Club TWiT today! https://twit.tv/clubtwit Club TWiT members can discuss this episode and leave feedback in the Club TWiT Discord.

Document editors take center stage as Mikah and Rosemary show viewers the best apps for editing PDFs and plain text files on iOS devices. The hosts emphasize practical solutions for common document editing needs while showcasing both free built-in tools and premium third-party options for power users. Built-in PDF tool in Notes - Demonstrates how to attach PDFs to Notes documents, use Quick Look for basic annotation, highlighting, and form filling, plus collaborative editing features PDF Expert - Rosemary showcases advanced PDF editing capabilities including text editing, image replacement, adding clickable links to table of contents, redaction tools, and custom stamps Documents - Mikah highlights the comprehensive file management app with PDF tools, conversion options, page management, form filling, and multi-cloud storage integration Textastic - Rosemary gets technical with this specialized plain text editor supporting syntax highlighting for HTML, CSS, JavaScript, Python, and other programming languages, plus SSH terminal access and live preview features News WWDC 2025 announcement - Apple's Worldwide Developers Conference runs June 9-13, with keynote streaming available and exclusive Club TWiT live coverage planned for members Shortcuts Corner Follow-up from episode 751 - Dave from Ohio shares success creating an Apple TV remote shortcut button for his iPhone home screen using Rosemary's previous tutorial App Caps Wipr 2 - Simple, effective Safari content blocker that blocks ads and trackers without overwhelming features, created by solo developer Kaylee Calderolla Tatami - Addictive number puzzle game where players connect numbered blocks in lines and rectangles, free to play with $4.99 unlock option, also by developer Kaylee Calderolla Hosts: Mikah Sargent and Rosemary Orchard Contact iOS Today at iOSToday@twit.tv. Download or subscribe to iOS Today at https://twit.tv/shows/ios-today Want access to the ad-free video and exclusive features? Become a member of Club TWiT today! https://twit.tv/clubtwit Club TWiT members can discuss this episode and leave feedback in the Club TWiT Discord.

SSH authorized_keys File One of the most common techniques used by many bots is to add rogue keys to the authorized_keys file, implementing an SSH backdoor. Managing these files and detecting unauthorized changes is not hard and should be done if you operate Unix systems. https://isc.sans.edu/diary/Securing%20Your%20SSH%20authorized_keys%20File/31986 REMOTE COMMAND EXECUTION ON SMARTBEDDED METEOBRIDGE (CVE-2025-4008) Weatherstation software Meteobridge suffers from an easily exploitable unauthenticated remote code execution vulnerability https://www.onekey.com/resource/security-advisory-remote-command-execution-on-smartbedded-meteobridge-cve-2025-4008 https://forum.meteohub.de/viewtopic.php?t=18687 Manageengine ADAuditPlus SQL Injection Zoho patched two SQL Injection vulnerabilities in its ManageEngine ADAuditPlus product https://www.manageengine.com/products/active-directory-audit/cve-2025-41407.html https://www.manageengine.com/products/active-directory-audit/cve-2025-36527.html Dero Miner Infects Containers through Docker API Kaspersky found yet another botnet infecting docker containers to spread crypto coin miners. The initial access happens via exposed docker APIs. https://securelist.com/dero-miner-infects-containers-through-docker-api/116546/

No Internet Access: SSH to the Rescue If faced with restrictive outbound network access policies, a single inbound SSH connection can quickly be turned into a tunnel or a full-blown VPN https://isc.sans.edu/diary/No%20Internet%20Access%3F%20SSH%20to%20the%20Rescue!/31932 SAMSUNG magicINFO 9 Server Flaw Still exploitable The SAMSUNG magicINFO 9 Server Vulnerability we found being exploited last week is apparently still not completely patched, and current versions are vulnerable to the exploit observed in the wild. https://www.huntress.com/blog/rapid-response-samsung-magicinfo9-server-flaw Bring Your Own Installer: Bypassing SentinelOne Through Agent Version Change Interruption SentinelOne s installer is vulnerable to an exploit allowing attackers to shut down the end point protection software https://www.aon.com/en/insights/cyber-labs/bring-your-own-installer-bypassing-sentinelone Commvault Still Exploitable A recent patch for Commvault is apparently ineffective and the PoC exploit published by watchTowr is still working against up to date patched systems https://infosec.exchange/@wdormann/114458913006792356