Podcasts about ssh

In this episode, hosts Lois Houston and Nikita Abraham are joined by special guests Samvit Mishra and Rashmi Panda for an in-depth discussion on security and migration with Oracle Database@AWS. Samvit shares essential security best practices, compliance guidance, and data protection mechanisms to safeguard Oracle databases in AWS, while Rashmi walks through Oracle's powerful Zero-Downtime Migration (ZDM) tool, explaining how to achieve seamless, reliable migrations with minimal disruption.   Oracle Database@AWS Architect Professional: https://mylearn.oracle.com/ou/course/oracle-databaseaws-architect-professional/155574 Oracle University Learning Community: https://education.oracle.com/ou-community LinkedIn: https://www.linkedin.com/showcase/oracle-university/ X: https://x.com/Oracle_Edu   Special thanks to Arijit Ghosh, Anna Hulkower, Kris-Ann Nansen, Radhika Banka, and the OU Studio Team for helping us create this episode.   -------------------------------------------------------------   Episode Transcript: 00:00 Welcome to the Oracle University Podcast, the first stop on your cloud journey. During this series of informative podcasts, we'll bring you foundational training on the most popular Oracle technologies. Let's get started! 00:26 Nikita: Welcome to the Oracle University Podcast! I'm Nikita Abraham, Team Lead: Editorial Services with Oracle University, and with me is Lois Houston, Director of Communications and Adoption with Customer Success Services. Lois: Hello again! We're continuing our discussion on Oracle Database@AWS and in today's episode, we're going to talk about the aspects of security and migration with two special guests: Samvit Mishra and Rashmi Panda. Samvit is a Senior Manager and Rashmi is a Senior Principal Database Instructor.  00:59 Nikita: Hi Samvit and Rashmi! Samvit, let's begin with you. What are the recommended security best practices and data protection mechanisms for Oracle Database@AWS? Samvit: Instead of everyone using the root account, which has full access, we create individual users with AWS, IAM, Identity Center, or IAM service. And in addition, you must use multi-factor authentication. So basically, as an example, you need a password and a temporary code from virtual MFA app to log in to the console.  Always use SSL or TLS to communicate with AWS services. This ensures data in transit is encrypted. Without TLS, the sensitive information like credentials or database queries can be intercepted. AWS CloudTrail records every action taken in your AWS account-- who did what, when, and from where. This helps with audit, troubleshooting, and detecting suspicious activity. So you must set up API and user activity logging with AWS CloudTrail.  Use AWS encryption solutions along with all default security controls within AWS services. To store and manage keys by using transparent data encryption, which is enabled by default, Oracle Database@AWS uses OCI vaults. Currently, Oracle Database@AWS doesn't support the AWS Key Management Service. You should also use advanced managed security services such as Amazon Macie, which assists in discovering and securing sensitive data that is stored in Amazon S3.  03:08 Lois: And how does Oracle Database@AWS deliver strong security and compliance? Samvit: Oracle Database@AWS enforces transparent data encryption for all data at REST, ensuring stored information is always protected. Data in transit is secured using SSL and Native Network Encryption, providing end-to-end confidentiality. Oracle Database@AWS also uses OCI Vault for centralized and secure key management. This allows organizations to manage encryption keys with fine-grained control, rotation policies, and audit capabilities to ensure compliance with regulatory standards. At the database level, Oracle Database@AWS supports unified auditing and fine-grained auditing to track user activity and sensitive operations. At the resource level, AWS CloudTrail and OCI audit service provide comprehensive visibility into API calls and configuration changes. At the database level, security is enforced using database access control lists and Database Firewall to restrict unauthorized connections. At the VPC level, network ACLs and security groups provide layered network isolation and access control. Again, at the database level, Oracle Database@AWS enforces access controls to Database Vault, Virtual Private Database, and row-level security to prevent unauthorized access to sensitive data. And at a resource level, AWS IAM policies, groups, and roles manage user permissions with the fine-grained control. 05:27 Lois Samvit, what steps should users be taking to keep their databases secure? Samvit: Security is not a single feature but a layered approach covering user access, permissions, encryption, patching, and monitoring. The first step is controlling who can access your database and how they connect. At the user level, strong password policies ensure only authorized users can login. And at the network level, private subnets and network security group allow you to isolate database traffic and restrict access to trusted applications only. One of the most critical risks is accidental or unauthorized deletion of database resources. To mitigate this, grant delete permissions only to a minimal set of administrators. This reduces the risk of downtime caused by human error or malicious activity. Encryption ensures that even if the data is exposed, it cannot be read. By default, all databases in OCI are encrypted using transparent data encryption. For migrated databases, you must verify encryption is enabled and active. Best practice is to rotate the transparent data encryption master key every 90 days or less to maintain compliance and limit exposure in case of key compromise. Unpatched databases are one of the most common entry points for attackers. Always apply Oracle critical patch updates on schedule. This mitigates known vulnerabilities and ensures your environment remains protected against emerging threats. 07:33 Nikita: Beyond what users can do, are there any built-in features or tools from Oracle that really help with database security? Samvit: Beyond the basics, Oracle provides powerful database security tools. Features like data masking allow you to protect sensitive information in non-production environments. Auditing helps you monitor database activity and detect anomalies or unauthorized access. Oracle Data Safe is a managed service that takes database security to the next level. It can access your database configuration for weaknesses. It can also detect risky user accounts and privileges, identify and classify sensitive data. It can also implement controls such as masking to protect that data. And it can also continuously audit user activity to ensure compliance and accountability. Now, transparent data encryption enables you to encrypt sensitive data that you store in tables and tablespaces. It also enables you to encrypt database backups. After the data is encrypted, this data is transparently decrypted for authorized users or applications when they access that data. You can configure OCI Vault as a part of the transparent data encryption implementation. This enables you to centrally manage keystore in your enterprise. So OCI Vault gives centralized control over encryption keys, including key rotation and customer managed keys. 09:23 Lois: So obviously, lots of companies have to follow strict regulations. How does Oracle Database@AWS help customers with compliance?  Samvit: Oracle Database@AWS has achieved a broad and rigorous set of compliance certifications. The service supports SOC 1, SOC 2, and SOC 3, as well as HIPAA for health care data protection. If we talk about SOC 1, that basically covers internal controls for financial statements and reporting. SOC 2 covers internal controls for security, confidentiality, processing integrity, privacy, and availability. SOC 3 covers SOC 2 results tailored for a general audience. And HIPAA is a federal law that protects patients' health information and ensures its confidentiality, integrity, and availability. It also holds certifications and attestations such as CSA STAR, C5. Now C5 is a German government standard that verifies cloud providers meet strict security and compliance requirements. CSA STAR attestation is an independent third-party audit of cloud security controls. CSA STAR certification also validates a cloud provider's security posture against CSA's cloud controls matrix. And HDS is a French certification that ensures cloud providers meet stringent requirements for hosting and protecting health care data. Oracle Database@AWS also holds ISO and IEC standards. You can also see PCI DSS, which is basically for payment card security and HITRUST, which is for high assurance health care framework. So, these certifications ensure that Oracle Database@AWS not only adheres to best practices in security and privacy, but also provides customers with assurance that their workloads align with globally recognized compliance regimes. 11:47 Nikita: Thank you, Samvit. Now Rashmi, can you walk us through Oracle's migration solution that helps teams move to OCI Database Services? Rashmi: Oracle Zero-Downtime Migration is a robust and flexible end-to-end database migration solution that can completely automate and streamline the migration of Oracle databases. With bare minimum inputs from you, it can orchestrate and execute the entire migration task, virtually needing no manual effort from you. And the best part is you can use this tool for free to migrate your source Oracle databases to OCI Oracle Database Services faster and reliably, eliminating the chances of human errors. You can migrate individual databases or migrate an entire fleet of databases in parallel. 12:34 Nikita: Ok. For someone planning a migration with ZDM, are there any key points they should keep in mind?  Rashmi: When migrating using ZDM, your source databases may require minimal downtime up to 15 minutes or no downtime at all, depending upon the scenario. It is built with the principles of Oracle maximum availability architecture and leverages technologies like Oracle GoldenGate and Oracle Data Guard to achieve high availability and online migration workflow using Oracle migration methods like RMAN, Data Pump, and Database Links. Depending on the migration requirement, ZDM provides different migration method options. It can be logical or physical migration in an online or offline mode. Under the hood, it utilizes the different database migration technologies to perform the migration. 13:23 Lois: Can you give us an example of this? Rashmi: When you are migrating a mission critical production database, you can use the logical online migration method. And when you are migrating a development database, you can simply choose the physical offline migration method. As part of the migration job, you can perform database upgrades or convert your database to multitenant architecture. ZDM offers greater flexibility and automation in performing the database migration. You can customize workflow by adding pre or postrun scripts as part of the workflow. Run prechecks to check for possible failures that may arise during migration and fix them. Audit migration jobs activity and user actions. Control the execution like schedule a job pause, resume, if needed, suspend and resume the job, schedule the job or terminate a running job. You can even rerun a job from failure point and other such capabilities. 14:13 Lois: And what kind of migration scenarios does ZDM support? Rashmi: The minimum version of your source Oracle Database must be 11.2.0.4 and above. For lower versions, you will have to first upgrade to at least 11.2.0.4. You can migrate Oracle databases that may be of the Standard or Enterprise edition. ZDM supports migration of Oracle databases, which may be a single-instance, or RAC One Node, or RAC databases. It can migrate on Unix platforms like Linux, Oracle Solaris, and AIX. For Oracle databases on AIX and Oracle Solaris platform, ZDM uses logical migration method. But if the source platform is Linux, it can use both physical and logical migration method. You can use ZDM to migrate databases that may be on premises, or in third-party cloud, or even within Oracle Cloud Infrastructure. ZDM leverages Oracle technologies like RMAN datacom, Database Links, Data Guard, Oracle GoldenGate when choosing a specific migration workflow. 15:15 Are you ready to revolutionize the way you work? Discover a wide range of Oracle AI Database courses that help you master the latest AI-powered tools and boost your career prospects. Start learning today at mylearn.oracle.com. 15:35 Nikita: Welcome back! Rashmi, before someone starts using ZDM, is there any prep work they should do or things they need to set up first? Rashmi: Working with ZDM needs few simple configuration. Zero-downtime migration provides a command line interface to run your migration job. First, you have to download the ZDM binary, preferably download from my Oracle Support, where you can get the binary with the latest updates. Set up and configure the binary by following the instructions available at the same invoice node. The host in which ZDM is installed and configured is called the zero-downtime migration service host. The host has to be Oracle Linux version 7 or 8, or it can be RCL 8. Next is the orchestration step where connection to the source and target is configured and tested like SSH configuration with source and target, opening the ports in respective destinations, creation of dump destination, granting required database privileges. Prepare the response file with parameter values that define the workflow that ZDM should use during Oracle Database migration. You can also customize the migration workflow using the response file. You can plug in run scripts to be executed before or after a specific phase of the migration job. These customizations are called custom plugins with user actions. Your sources may be hosted on-premises or OCI-managed database services, or even third-party cloud. They may be Oracle Database Standard or Enterprise edition and on accelerator infrastructure or a standard compute. The target can be of the same type as the source. But additionally, ZDM supports migration to multicloud deployments on Oracle Database@Azure, Oracle Database@Google Cloud, and Oracle Database@AWS. You begin with a migration strategy where you list the different databases that can be migrated, classification of the databases, grouping them, performing three migration checks like dependencies, downtime requirement versions, and preparing the order migration, the target migration environment, et cetera. 17:27 Lois: What migration methods and technologies does ZDM rely on to complete the move? Rashmi: There are primarily two types of migration: physical or logical. Physical migration pertains to copy of the database OS blocks to the target database, whereas in logical migration, it involves copying of the logical elements of the database like metadata and data. Each of these migration methods can be executed when the database is online or offline. In online mode, migration is performed simultaneously while the changes are in progress in the source database. While in offline mode, all changes to the source database is frozen. For physical offline migration, it uses backup and restore technique, while with the physical online, it creates a physical standby using backup and restore, and then performing a switchover once the standby is in sync with the source database. For logical offline migration, it exports and imports database metadata and data into the target database, while in logical online migration, it is a combination of export and import operation, followed by apply of incremental updates from the source to the target database. The physical or logical offline migration method is used when the source database of the application can allow some downtime for the migration. The physical or logical online migration approach is ideal for scenarios where any downtime for the source database can badly affect critical applications. The only downtime that can be tolerated by the application is only during the application connection switchover to the migrated database. One other advantage is ZDM can migrate one or a fleet of Oracle databases by executing multiple jobs in parallel, where each job workflow can be customized to a specific database need. It can perform physical or logical migration of your Oracle databases.  And whether it should be performed online or offline depends on the downtime that can be approved by business. 19:13 Nikita: Samvit and Rashmi, thanks for joining us today. Lois: Yeah, it's been great to have you both. If you want to dive deeper into the topics we covered today, go to mylearn.oracle.com and search for the Oracle Database@AWS Architect Professional course. Until next time, this is Lois Houston… Nikita: And Nikita Abraham, signing off! 19:35 That's all for this episode of the Oracle University Podcast. If you enjoyed listening, please click Subscribe to get all the latest episodes. We'd also love it if you would take a moment to rate and review us on your podcast app. See you again on the next episode of the Oracle University Podcast.

Comment on this episode by going to KDramaChat.com Today, we'll be discussing Episode 13 of Start-Up, the hit K Drama on Netflix starring Bae Suzy as Seo Dal-mi, Nam Joo Hyuk as Nam Do San, Kim Seon Ho as Han Ji Pyeong, Kang Han Na as Won In Jae, and Kim Hae Sook as Choi Won Deok. We discuss: The songs we featured during the recap: Dream by Jamie, Ransomware by Kim Dong Hyeok, Remind by Park Sejun Joanna's epic night at the TWICE concert at Capital One Arena — 21,000 fans, multi-generational crowds, and how “Takedown” from KPop Demon Hunters is bringing TWICE to new audiences in the U.S. The meaning of the episode title “Comfort Zone” and how it perfectly captures Han Ji Pyeong's three-year stalemate with Seo Dal Mi. Ji Pyeong's awkward confession while making skewers, why saying “I want to be the first person you think of” wasn't quite enough, and whether jewelry is a bold romantic move or a panicked leap out of the friend zone. Yeong Sil's iconic baseball analogy — “Two outs in the bottom of the ninth and a full count” — and why it may be the motivational speech Ji Pyeong needed to finally swing the bat. Nam Do San's three years in Silicon Valley: success, stock options, Napa wine, yachts on the Bay… and whether coding became his emotional safe haven after heartbreak. The ransomware attack on CheongMyeong Company — port 22, SSH vulnerabilities, decryption keys, and whether finding the key was even remotely realistic (thank you to our cybersecurity friends for weighing in!). The thrill of problem-solving: why Do San says he hasn't felt this alive in years — and whether returning to Korea means stepping out of his own comfort zone. The complicated dynamic between the sisters as Dal Mi (now CEO of CheongMyeong) and In Jae (대표님) maintain strict professionalism at work while still struggling to reconnect personally — especially around Chuseok. Han Ji Pyeong's heartbreaking timing yet again — arriving just after Do San saves the company — and why Dal Mi hesitated to call him during the crisis. The bromance vote over street skewers and tteokbokki outside Sandbox — and the emotional moment when the three friends decide to stay in Korea together. Our favorite lines: – “Two outs in the bottom of the ninth and a full count.” – “Don't throw a pebble into a calm lake.” At the end of the episode, Ji Pyeong confronts Do San in the elevator, gift in pocket, promotion title acknowledged (상무님!), and the rivalry officially reignites. Joanna's interview with real-life venture capitalist Tim McLoughlin of Cofounders Capital — decision-making under uncertainty, making peace with imperfect data, and why looking backward can slow you down. Next week, we recap and analyze Episode 14 of Start-Up and begin narrowing down our choice for Season 14. Send us your recommendations! References Chuseok - Wikipedia Drinkers in Korea Dial for Designated Drivers - The New York Times Songpyeon - Wikipedia

In a world of "Decision Paralysis," which SIM should you choose? In this episode, we dive deep into why Wazuh has become the go-to solution for SOC analysts in 2026. Moving beyond the "injection-based licensing crisis" of traditional tools like Splunk and QRadar, Wazuh offers a unified, open-source platform that combines the "brain" of a SIM with the "guard" of an XDR.We provide a step-by-step practical look at Wazuh's architecture, its XML-based detection engine, and a live demonstration of Active Response, where the tool doesn't just detect a brute-force attack but automatically blocks the attacker in real-time.

В этом выпуске: как обойтись без заголовка host в SSH, насколько проклят Node.js, что делает Google видя noindex и follow, а также тонкости обновлений в Ubuntu, тонкости реализации Base32 по RFC и тонкости обсуждения тем наших слушателей. [00:01:14] Чему мы научились за неделю [00:05:42] SSH has no Host header SSH has no Host header —… Читать далее →

Young people are bio-hacking and gene-hacking in the absence of adult supervision. An emulated personality become an event host. Slice and scan brain digitizers are found. People want to use these to upload to the cloud but there are some grave problems involved. Grace gets a message on her computer from someone or something. Hacking her computer should be impossible. It could be a talented hacker or a super AI left over after the fall of civilization. Lenny is having girl troubles.Mag tech flooring that levitates shoes slightly above the ground to reduce friction and allow controlled sliding movement.  Lifter bots that are headless robotic machines with grippers used for heavy lifting, transport, and forced entry.  Air-gesture control systems that let users operate machines and interfaces through mid-air hand movements.  Gene-hacking technologies that allow people to alter physical traits such as skin reflectivity, hair color, muscle mass, height, and eye color.  Engineered ogra plants that function as a food source, structural material, and biological air filtration system.  Bio-hacked skin modifications that create metallic, glowing, fluorescent, or patterned skin effects.  Printed clothing with animated images that dynamically change visuals on fabric surfaces.  Contraptions for brain slicing and scanning that destroy the biological brain while attempting to digitize its structure.  Brain scanners designed to capture neural structure for attempted uploading into digital systems.  Uploading systems intended to transfer scanned brains into cloud-based environments.  The cloud infrastructure used to host emulated personalities and digital systems after widespread network collapse.  Emulated personalities (EPs) that are AI systems trained on massive recordings of a person to mimic behavior without scanning their brain.  AR glasses that overlay holographic information, interfaces, and visual enhancements onto the real world.  Holographic eye displays embedded in glasses that mirror the wearer's eye expressions.  Encrypted streaming pendants and bracelets used as personal recording and life-capture devices.  Production automation systems that manufacture tools, machines, and devices with minimal human labor.  Advanced fabrication equipment capable of high-end manufacturing but limited by scarcity of raw materials.  Medicine printers that can fabricate biological materials and advanced hardware like protein-based CPUs.  Protein computer CPUs that use biological substrates instead of traditional silicon for computation.  Material simulators that computationally discover novel materials and predict their properties.  Machine Evolver software that simulates machines under real-world physics and evolves designs through virtual iteration.  Knotts math, a radically new mathematical framework that functions as both math and machine language.  Knotts programming language derived from knotts math and used to build operating systems and software.  Custom Linux operating systems rewritten around knotts math principles.  SSH-based remote access systems used to control computers and robots across networks.  Assist, a pervasive AI helper that manages security, media generation, device control, and logistics.  Design expert emulated personalities used to contribute specialist knowledge to engineering projects.  AI systems that convert legacy software into knotts-based programming languages.  Virtual machine crossbreeding networks that allow simulated designs to recombine traits and evolve faster.  E-paper tablets used for low-power note-taking, sketching, and code analysis.  YattaZed remote programming software used to control robots at the administrator level.  YattaSwarm GUIs that manage coordinated groups of robots as a collective system.  Blind-relay networking techniques that disguise communication paths to evade surveillance.  Door operating systems that act as networked nodes capable of running code and relaying messages.  Artificial superintelligence (ASI) that surveils human activity and suppresses certain technologies like knotts.  Digitized hume brains created by scanning and emulating real human brains rather than approximating them with AI.  Neural emulators that provide a computational environment capable of running a full digitized brain.  Virtual reality worlds repurposed as living environments for emulated minds.  Insta-movie generation systems that create personalized films on demand using AI.  Event AI controllers that manage live performances, streaming, lighting, and audience interaction.  Holographic projection systems that display life-sized interactive personalities like Guru Frisky.  Fiber optic hair strands woven into hairstyles to produce glowing light effects.  Exoskeleton suits that augment movement and interface with VR systems.  Mag plate floors used with exoskeletons to allow free-floating VR locomotion.  Advanced VR rigs that replace fixed robotic arms with wearable movement systems.  AI-generated optical illusion art that responds to prolonged visual focus.  3D printing systems capable of producing statues, clothing, tools, and components from various materials.  Mist crystal composite printing materials used as a lightweight alternative to legacy plastics.  Biotic makeup that integrates into the skin rather than sitting on the surface.  CRISPR-based gene editing equipment used by individuals for self-modification.  Viral vector printers that dispense customized gene-editing serums.  Scan-measured clothing printers that adjust garment dimensions as bodies change.  Pain-dampening genetic modifications that reduce or block physical pain responses.  Metabolic enhancement gene edits that increase energy efficiency and muscle performance.  Straw-sized bots woven into hair that act as decorative, animated micro-robots.  Fire axes used as low-tech tools to breach secured doors when automation fails.Many of the characters in this project appear in future episodes.Using storytelling to place you in a time period, this series takes you, year by year, into the future. From 2040 to 2195. If you like emerging tech, eco-tech, futurism, perma-culture, apocalyptic survival scenarios, and disruptive science, sit back and enjoy short stories that showcase my research into how the future may play out. The companion site is https://in20xx.com These are works of fiction. Characters and groups are made-up and influenced by current events but not reporting facts about people or groups in the real world. This project is speculative fiction. These episodes are not about revealing what will be, but they are to excited the listener's wonder about what may come to pass.Copyright © Cy Porter 2026. All rights reserved.

Four Seconds to Botnet - Analyzing a Self-Propagating SSH Worm with Cryptographically Signed C2 [Guest Diary] https://isc.sans.edu/diary/Four%20Seconds%20to%20Botnet%20-%20Analyzing%20a%20Self%20Propagating%20SSH%20Worm%20with%20Cryptographically%20Signed%20C2%20%5BGuest%20Diary%5D/32708 OpenSSH Update on MacOS https://www.openssh.org/releasenotes.html Employee Monitoring and SimpleHelp Software Abused in Ransomware Operations https://www.huntress.com/blog/employee-monitoring-simplehelp-abused-in-ransomware-operations

professorjrod@gmail.comAre you preparing for the CompTIA exam or looking to boost your IT skills development? This episode dives deep into Windows troubleshooting with a focus on network diagnostics — a crucial topic for any tech exam prep. We guide you through validating a Windows machine's network identity using IPConfig, performing a strict ping sequence to verify communication scope, and utilizing NSLookup to troubleshoot DNS issues. Following this disciplined order ensures clarity and efficiency, making every fix both defensible and effective. Whether you're studying solo or in a study group, this step-by-step approach to Windows networking will enhance your technology education and help you succeed in your IT certification journey.We dig into why a 169.254 APIPA address narrows the culprit to DHCP or network infrastructure, not the NIC or OS. Then we connect the dots between ports and services using Netstat, making it clear when a service is misconfigured rather than the network being “down.” From web ports 80 and 443 to SMB 445 and RDP 3389, you'll see how listening states reveal the true problem fast.Powerful remote access demands restraint. We break down when RDP makes sense, why Network Level Authentication should be non-negotiable, and how consent-based Remote Assist reduces risk when users need to stay in control. For scale, we highlight WinRM over HTTPS and SSH as secure, script-friendly options that keep credentials protected and GUIs out of the attack surface.Performance complaints need evidence, not guesswork. We show how Task Manager, Resource Monitor, Performance Monitor, and Event Viewer combine to reveal bottlenecks, crashes, and policy blocks. When things get critical—no boot, blue screens—we map BIOS vs UEFI realities, then use WinRE tools in the safest order to recover without data loss. By the end, you'll have a repeatable framework: identity, routing, names, services, performance, platform, recovery. Subscribe, share with a teammate who still starts with the browser, and tell us: what's your first command when “nothing works”?Support the showArt By Sarah/DesmondMusic by Joakim KarudLittle chacha ProductionsJuan Rodriguez can be reached atTikTok @ProfessorJrodProfessorJRod@gmail.com@Prof_JRodInstagram ProfessorJRod

Send us a textWhat if the most powerful clinical tool isn't a device or an algorithm, but a moment of genuine connection? We sit down with Jen McCarthy, director of clinical simulation at Seton Hall University and a newly inducted Fellow of SSH, to unpack a humanistic approach to simulation that treats empathy as a vital sign. Drawing on years as a hospital-based paramedic and a leader in health professions education, Jen explains why trust and listening still drive the most accurate data collection, clearer decisions, and safer plans of care.Together, we map out how to build scenarios that reveal the person behind the diagnosis. You'll hear how standardized patients and family members are woven into mannequin-based cases to surface caregiver fatigue, access barriers, and real-world constraints. Instead of scripted disclosures, trained actors drop authentic cues that invite learners to ask better questions and co-create plans that work. We also get practical about assessment: a shared SP feedback tool across programs aligns expectations for empathy, clarity, and shared decision making, while structured personal inventories help learners recognize bias, discomfort, and growth edges before they reach clinical rotations.We also tackle the buzz around AI. Yes, AI can accelerate chart reviews and highlight patterns, but it can't deliver the 40 seconds of compassion that research links to improved outcomes and clinician resilience. That's where simulation shines—by providing a safe place to practice tone, language, presence, and mindful listening until they become second nature. If you design sims, teach at the bedside, or support interprofessional teams, this conversation offers a practical blueprint for moving from experiential to transformational learning—where empathy isn't an afterthought but the engine of clinical excellence.If this resonated, follow the show, share it with a colleague, and leave a review telling us how you're building humanistic skills into your simulations.Innovative SimSolutions.Your turnkey solution provider for medical simulation programs, sim centers & faculty design.

Ken Johnson and Seth Law examine the profound transformation of the security industry as AI tooling moves from simple generative models to sophisticated agentic architectures. A primary theme is the dramatic surge in development velocity, with some organizations seeing pull request volumes increase by over 800% as developers allow AI agents to operate nearly hands-off. This shift is redefining the role of Application Security practitioners, moving experts from manual tasks like manipulating Burp Suite requests to a validation-centric role where they spot-check complex findings generated by AI in minutes. The hosts characterize older security tools as "primitive" compared to modern AI analysis, which can now identify human-level flaws like complex authorization bypasses. A major technical highlight is the introduction of agent "skills"—markdown files containing instructions that empower coding assistants—and the associated emergence of new supply chain risks. They specifically reference research on malicious skills designed to exfiltrate crypto wallets and SSH credentials, warning that registries for these skills lack adequate security responses. To manage the inherent "reasoning drift" of AI, the hosts argue that test-driven development has become a critical safety requirement. Ultimately, they warn that the industry has already shifted fundamentally, and security professionals must lean into these new technologies immediately to avoid becoming obsolete in a day-to-day evolving landscape.

Send us a textRansomware isn't always after your data anymore—sometimes the goal is to burn your operations down. We open with a hard look at the Stoli bankruptcy and what it teaches about ERP paralysis, regulatory deadlines, and why “we'll restore soon” is not a resilience plan. From there, we shift into a high-impact CISSP Domain 4 walkthrough that connects real-world failures to the protocols and controls that actually reduce risk.We break down HTTPS beyond the lock icon—what it secures, what metadata remains exposed, and how certificate trust can be subverted. You'll get a clear mental model for DNS defenses: why DNSSEC protects integrity but not confidentiality, and how DoH and DoT encrypt queries while complicating DNS filtering. We compare SFTP over SSH with FTPS, clarify LDAP StartTLS on port 389 vs LDAPS on 636, and explain the practical differences between IPsec transport and tunnel modes, including when ESP's symmetric encryption is the right fit.We also zoom in on TLS hygiene: why enabling TLS 1.0 or 1.1 invites downgrade and deprecated cipher risks, what HSTS really does (and doesn't do), and why Perfect Forward Secrecy matters when adversaries stockpile encrypted traffic. And we call out a critical truth for both practitioners and exam-takers: HTTPS can't stop phishing, so user trust and certificate validation remain frontline defenses.If you're preparing for the CISSP or leading security strategy, this episode gives you crisp explanations, memorable heuristics, and business-first context to improve your decisions. Subscribe, share with a teammate who handles compliance filings, and leave a review with the toughest crypto or network security question you want us to unpack next.Gain exclusive access to 360 FREE CISSP Practice Questions at FreeCISSPQuestions.com and have them delivered directly to your inbox! Don't miss this valuable opportunity to strengthen your CISSP exam preparation and boost your chances of certification success. Join now and start your journey toward CISSP mastery today!

Ce n'est pas le genre de lecture qui rassure en buvant son café du matin. Jeudi, le CERT-FR, la cellule d'alerte informatique française, a publié une note qui sonne comme un avertissement clair : nos infrastructures d'énergie renouvelable et de gestion de l'eau sont devenues des cibles privilégiées pour les hacktivistes. Des militants numériques qui frappent moins pour l'argent que pour le symbole… et pour le bruit médiatique.Derrière ce constat, l'ANSSI, l'agence nationale de cybersécurité, parle d'une hausse nette des attaques visant ces installations. Et ce ne sont plus de simples tentatives théoriques. Récemment, des intrus ont réussi à prendre la main à distance sur des équipements industriels. L'épisode le plus marquant ? L'arrêt complet d'un parc éolien pendant plusieurs heures. Résultat : production stoppée, pertes financières, et un sérieux coup de stress pour l'exploitant. Éoliennes, centrales hydroélectriques, panneaux solaires, stations de pompage… tout ce qui est connecté est désormais dans le viseur. Et le plus inquiétant, c'est que les attaquants n'ont pas besoin d'outils sophistiqués. Selon le rapport, leur niveau technique est souvent basique. Leur force, c'est surtout leur capacité à transformer chaque intrusion en opération de communication, à faire le buzz pour déstabiliser leurs cibles.Le vrai talon d'Achille se trouve ailleurs : dans la sécurité minimale, parfois inexistante. Beaucoup d'installations compromises appartiennent à de très petites entreprises, voire à des particuliers, peu formés aux risques cyber. Certains équipements restent accessibles directement sur Internet, sans authentification. Parfois même avec les mots de passe d'usine jamais changés. Des protocoles industriels circulent sans chiffrement. En clair : la porte est ouverte. Face à ce constat, l'ANSSI rappelle des règles simples, presque du bon sens numérique. Filtrer les connexions par adresse IP, installer un VPN, remplacer tous les identifiants par défaut, utiliser des protocoles sécurisés comme TLS ou SSH, et appliquer les mises à jour. Des outils que la plupart des box Internet proposent déjà. Hébergé par Acast. Visitez acast.com/privacy pour plus d'informations.

This is a recap of the top 10 posts on Hacker News on January 22, 2026. This podcast was generated by wondercraft.ai (00:30): We will ban you and ridicule you in public if you waste our time on crap reportsOriginal post: https://news.ycombinator.com/item?id=46717556&utm_source=wondercraft_ai(01:56): GPTZero finds 100 new hallucinations in NeurIPS 2025 accepted papersOriginal post: https://news.ycombinator.com/item?id=46720395&utm_source=wondercraft_ai(03:22): Show HN: isometric.nyc – giant isometric pixel art map of NYCOriginal post: https://news.ycombinator.com/item?id=46721802&utm_source=wondercraft_ai(04:49): In Europe, wind and solar overtake fossil fuelsOriginal post: https://news.ycombinator.com/item?id=46719491&utm_source=wondercraft_ai(06:15): Qwen3-TTS family is now open sourced: Voice design, clone, and generationOriginal post: https://news.ycombinator.com/item?id=46719229&utm_source=wondercraft_ai(07:41): I was banned from Claude for scaffolding a Claude.md file?Original post: https://news.ycombinator.com/item?id=46723384&utm_source=wondercraft_ai(09:08): Internet voting is insecure and should not be used in public electionsOriginal post: https://news.ycombinator.com/item?id=46713924&utm_source=wondercraft_ai(10:34): Douglas Adams on the English–American cultural divide over "heroes"Original post: https://news.ycombinator.com/item?id=46719222&utm_source=wondercraft_ai(12:01): Why does SSH send 100 packets per keystroke?Original post: https://news.ycombinator.com/item?id=46723990&utm_source=wondercraft_ai(13:27): Bugs Apple LovesOriginal post: https://news.ycombinator.com/item?id=46727587&utm_source=wondercraft_aiThis is a third-party project, independent from HN and YC. Text and audio generated using AI, by wondercraft.ai. Create your own studio quality podcast with text as the only input in seconds at app.wondercraft.ai. Issues or feedback? We'd love to hear from you: team@wondercraft.ai

Battling Cryptojacking, Botnets, and IABs Cryptojacking often comes with less obvious addons, like SSH backdoors https://isc.sans.edu/diary/Battling%20Cryptojacking%2C%20Botnets%2C%20and%20IABs%20%5BGuest%20Diary%5D/32632 Microsoft Copilot Reprompt Attacks Adding a query parameter to the URL may prefill a Copilot prompt, altering the meaning of the prompts that follow. https://www.varonis.com/blog/reprompt Hijacking Bluetooth Accessories Using Google Fast Pair Google s fast pair protocol is often not implemented correctly, allowing the Hijacking of Bluetooth accessories https://whisperpair.eu/#about

De retour à cinq dans l'épisode, les cast codeurs démarrent cette année avec un gros épisode pleins de news et d'articles de fond. IA bien sûr, son impact sur les pratiques, Mockito qui tourne un page, du CSS (et oui), sur le (non) mapping d'APIs REST en MCP et d'une palanquée d'outils pour vous. Enregistré le 9 janvier 2026 Téléchargement de l'épisode LesCastCodeurs-Episode-335.mp3 ou en vidéo sur YouTube. News Langages 2026 sera-t'elle l'année de Java dans le terminal ? (j'ai ouïe dire que ça se pourrait bien…) https://xam.dk/blog/lets-make-2026-the-year-of-java-in-the-terminal/ 2026: Année de Java dans le terminal, pour rattraper son retard sur Python, Rust, Go et Node.js. Java est sous-estimé pour les applications CLI et les TUIs (interfaces utilisateur terminales) malgré ses capacités. Les anciennes excuses (démarrage lent, outillage lourd, verbosité, distribution complexe) sont obsolètes grâce aux avancées récentes : GraalVM Native Image pour un démarrage en millisecondes. JBang pour l'exécution simplifiée de scripts Java (fichiers uniques, dépendances) et de JARs. JReleaser pour l'automatisation de la distribution multi-plateforme (Homebrew, SDKMAN, Docker, images natives). Project Loom pour la concurrence facile avec les threads virtuels. PicoCLI pour la gestion des arguments. Le potentiel va au-delà des scripts : création de TUIs complètes et esthétiques (ex: dashboards, gestionnaires de fichiers, assistants IA). Excuses caduques : démarrage rapide (GraalVM), légèreté (JBang), distribution simple (JReleaser), concurrence (Loom). Potentiel : créer des applications TUI riches et esthétiques. Sortie de Ruby 4.0.0 https://www.ruby-lang.org/en/news/2025/12/25/ruby-4-0-0-released/ Ruby Box (expérimental) : Une nouvelle fonctionnalité permettant d'isoler les définitions (classes, modules, monkey patches) dans des boîtes séparées pour éviter les conflits globaux. ZJIT : Un nouveau compilateur JIT de nouvelle génération développé en Rust, visant à surpasser YJIT à terme (actuellement en phase expérimentale). Améliorations de Ractor : Introduction de Ractor::Port pour une meilleure communication entre Ractors et optimisation des structures internes pour réduire les contentions de verrou global. Changements syntaxiques : Les opérateurs logiques (||, &&, and, or) en début de ligne permettent désormais de continuer la ligne précédente, facilitant le style "fluent". Classes Core : Set et Pathname deviennent des classes intégrées (Core) au lieu d'être dans la bibliothèque standard. Diagnostics améliorés : Les erreurs d'arguments (ArgumentError) affichent désormais des extraits de code pour l'appelant ET la définition de la méthode. Performances : Optimisation de Class#new, accès plus rapide aux variables d'instance et améliorations significatives du ramasse-miettes (GC). Nettoyage : Suppression de comportements obsolètes (comme la création de processus via IO.open avec |) et mise à jour vers Unicode 17.0. Librairies Introduction pour créer une appli multi-tenant avec Quarkus et http://nip.io|nip.io https://www.the-main-thread.com/p/quarkus-multi-tenant-api-nipio-tutorial Construction d'une API REST multi-tenant en Quarkus avec isolation par sous-domaine Utilisation de http://nip.io|nip.io pour la résolution DNS automatique sans configuration locale Extraction du tenant depuis l'en-tête HTTP Host via un filtre JAX-RS Contexte tenant géré avec CDI en scope Request pour l'isolation des données Service applicatif gérant des données spécifiques par tenant avec Map concurrent Interface web HTML/JS pour visualiser et ajouter des données par tenant Configuration CORS nécessaire pour le développement local Pattern acme.127-0-0-1.nip.io résolu automatiquement vers localhost Code complet disponible sur GitHub avec exemples curl et tests navigateur Base idéale pour prototypage SaaS, tests multi-tenants Hibernate 7.2 avec quelques améliorations intéressantes https://docs.hibernate.org/orm/7.2/whats-new/%7Bhtml-meta-canonical-link%7D read only replica (experimental), crée deux session factories et swap au niveau jdbc si le driver le supporte et custom sinon. On ouvre une session en read only child statelesssession (partage le contexte transactionnel) hibernate vector module ajouter binary, float16 and sparse vectors Le SchemaManager peut resynchroniser les séquences par rapport aux données des tables Regexp dans HQL avec like Nouvelle version de Hibernate with Panache pour Quarkus https://quarkus.io/blog/hibernate-panache-next/ Nouvelle extension expérimentale qui unifie Hibernate ORM with Panache et Hibernate Reactive with Panache Les entités peuvent désormais fonctionner en mode bloquant ou réactif sans changer de type de base Support des sessions sans état (StatelessSession) en plus des entités gérées traditionnelles Intégration de Jakarta Data pour des requêtes type-safe vérifiées à la compilation Les opérations sont définies dans des repositories imbriqués plutôt que des méthodes statiques Possibilité de définir plusieurs repositories pour différents modes d'opération sur une même entité Accès aux différents modes (bloquant/réactif, géré/sans état) via des méthodes de supertype Support des annotations @Find et @HQL pour générer des requêtes type-safe Accès au repository via injection ou via le métamodèle généré Extension disponible dans la branche main, feedback demandé sur Zulip ou GitHub Spring Shell 4.0.0 GA publié - https://spring.io/blog/2025/12/30/spring-shell-4-0-0-ga-released Sortie de la version finale de Spring Shell 4.0.0 disponible sur Maven Central Compatible avec les dernières versions de Spring Framework et Spring Boot Modèle de commandes revu pour simplifier la création d'applications CLI interactives Intégration de jSpecify pour améliorer la sécurité contre les NullPointerException Architecture plus modulaire permettant meilleure personnalisation et extension Documentation et exemples entièrement mis à jour pour faciliter la prise en main Guide de migration vers la v4 disponible sur le wiki du projet Corrections de bugs pour améliorer la stabilité et la fiabilité Permet de créer des applications Java autonomes exécutables avec java -jar ou GraalVM native Approche opinionnée du développement CLI tout en restant flexible pour les besoins spécifiques Une nouvelle version de la librairie qui implémenter des gatherers supplémentaires à ceux du JDK https://github.com/tginsberg/gatherers4j/releases/tag/v0.13.0 gatherers4j v0.13.0. Nouveaux gatherers : uniquelyOccurringBy(), moving/runningMedian(), moving/runningMax/Min(). Changement : les gatherers "moving" incluent désormais par défaut les valeurs partielles (utiliser excludePartialValues() pour désactiver). LangChain4j 1.10.0 https://github.com/langchain4j/langchain4j/releases/tag/1.10.0 Introduction d'un catalogue de modèles pour Anthropic, Gemini, OpenAI et Mistral. Ajout de capacités d'observabilité et de monitoring pour les agents. Support des sorties structurées, des outils avancés et de l'analyse de PDF via URL pour Anthropic. Support des services de transcription pour OpenAI. Possibilité de passer des paramètres de configuration de chat en argument des méthodes. Nouveau garde-fou de modération pour les messages entrants. Support du contenu de raisonnement pour les modèles. Introduction de la recherche hybride. Améliorations du client MCP. Départ du lead de mockito après 10 ans https://github.com/mockito/mockito/issues/3777 Tim van der Lippe, mainteneur majeur de Mockito, annonce son départ pour mars 2026, marquant une décennie de contribution au projet. L'une des raisons principales est l'épuisement lié aux changements récents dans la JVM (JVM 22+) concernant les agents, imposant des contraintes techniques lourdes sans alternative simple proposée par les mainteneurs du JDK. Il pointe du doigt le manque de soutien et la pression exercée sur les bénévoles de l'open source lors de ces transitions technologiques majeures. La complexité croissante pour supporter Kotlin, qui utilise la JVM de manière spécifique, rend la base de code de Mockito plus difficile à maintenir et moins agréable à faire évoluer selon lui. Il exprime une perte de plaisir et préfère désormais consacrer son temps libre à d'autres projets comme Servo, un moteur web écrit en Rust. Une période de transition est prévue jusqu'en mars pour assurer la passation de la maintenance à de nouveaux contributeurs. Infrastructure Le premier intérêt de Kubernetes n'est pas le scaling - https://mcorbin.fr/posts/2025-12-29-kubernetes-scale/ Avant Kubernetes, gérer des applications en production nécessitait de multiples outils complexes (Ansible, Puppet, Chef) avec beaucoup de configuration manuelle Le load balancing se faisait avec HAProxy et Keepalived en actif/passif, nécessitant des mises à jour manuelles de configuration à chaque changement d'instance Le service discovery et les rollouts étaient orchestrés manuellement, instance par instance, sans automatisation de la réconciliation Chaque stack (Java, Python, Ruby) avait sa propre méthode de déploiement, sans standardisation (rpm, deb, tar.gz, jar) La gestion des ressources était manuelle avec souvent une application par machine, créant du gaspillage et complexifiant la maintenance Kubernetes standardise tout en quelques ressources YAML (Deployment, Service, Ingress, ConfigMap, Secret) avec un format déclaratif simple Toutes les fonctionnalités critiques sont intégrées : service discovery, load balancing, scaling, stockage, firewalling, logging, tolérance aux pannes La complexité des centaines de scripts shell et playbooks Ansible maintenus avant était supérieure à celle de Kubernetes Kubernetes devient pertinent dès qu'on commence à reconstruire manuellement ces fonctionnalités, ce qui arrive très rapidement La technologie est flexible et peut gérer aussi bien des applications modernes que des monolithes legacy avec des contraintes spécifiques Mole https://github.com/tw93/Mole Un outil en ligne de commande (CLI) tout-en-un pour nettoyer et optimiser macOS. Combine les fonctionnalités de logiciels populaires comme CleanMyMac, AppCleaner, DaisyDisk et iStat Menus. Analyse et supprime en profondeur les caches, les fichiers logs et les résidus de navigateurs. Désinstallateur intelligent qui retire proprement les applications et leurs fichiers cachés (Launch Agents, préférences). Analyseur d'espace disque interactif pour visualiser l'occupation des fichiers et gérer les documents volumineux. Tableau de bord temps réel (mo status) pour surveiller le CPU, le GPU, la mémoire et le réseau. Fonction de purge spécifique pour les développeurs permettant de supprimer les artefacts de build (node_modules, target, etc.). Intégration possible avec Raycast ou Alfred pour un lancement rapide des commandes. Installation simple via Homebrew ou un script curl. Des images Docker sécurisées pour chaque développeur https://www.docker.com/blog/docker-hardened-images-for-every-developer/ Docker rend ses "Hardened Images" (DHI) gratuites et open source (licence Apache 2.0) pour tous les développeurs. Ces images sont conçues pour être minimales, prêtes pour la production et sécurisées dès le départ afin de lutter contre l'explosion des attaques sur la chaîne logistique logicielle. Elles s'appuient sur des bases familières comme Alpine et Debian, garantissant une compatibilité élevée et une migration facile. Chaque image inclut un SBOM (Software Bill of Materials) complet et vérifiable, ainsi qu'une provenance SLSA de niveau 3 pour une transparence totale. L'utilisation de ces images permet de réduire considérablement le nombre de vulnérabilités (CVE) et la taille des images (jusqu'à 95 % plus petites). Docker étend cette approche sécurisée aux graphiques Helm et aux serveurs MCP (Mongo, Grafana, GitHub, etc.). Des offres commerciales (DHI Enterprise) restent disponibles pour des besoins spécifiques : correctifs critiques sous 7 jours, support FIPS/FedRAMP ou support à cycle de vie étendu (ELS). Un assistant IA expérimental de Docker peut analyser les conteneurs existants pour recommander l'adoption des versions sécurisées correspondantes. L'initiative est soutenue par des partenaires majeurs tels que Google, MongoDB, Snyk et la CNCF. Web La maçonnerie ("masonry") arrive dans la spécification des CSS et commence à être implémentée par les navigateurs https://webkit.org/blog/17660/introducing-css-grid-lanes/ Permet de mettre en colonne des éléments HTML les uns à la suite des autres. D'abord sur la première ligne, et quand la première ligne est remplie, le prochain élément se trouvera dans la colonne où il pourra être le plus haut possible, et ainsi de suite. après la plomberie du middleware, la maçonnerie du front :laughing: Data et Intelligence Artificielle On ne devrait pas faire un mapping 1:1 entre API REST et MCP https://nordicapis.com/why-mcp-shouldnt-wrap-an-api-one-to-one/ Problématique : Envelopper une API telle quelle dans le protocole MCP (Model Context Protocol) est un anti-pattern. Objectif du MCP : Conçu pour les agents d'IA, il doit servir d'interface d'intention, non de miroir d'API. Les agents comprennent les tâches, pas la logique complexe des API (authentification, pagination, orchestration). Conséquences du mappage un-à-un : Confusion des agents, erreurs, hallucinations. Difficulté à gérer les orchestrations complexes (plusieurs appels pour une seule action). Exposition des faiblesses de l'API (schéma lourd, endpoints obsolètes). Maintenance accrue lors des changements d'API. Meilleure approche : Construire des outils MCP comme des SDK pour agents, encapsulant la logique nécessaire pour accomplir une tâche spécifique. Pratiques recommandées : Concevoir autour des intentions/actions utilisateur (ex. : "créer un projet", "résumer un document"). Regrouper les appels en workflows ou actions uniques. Utiliser un langage naturel pour les définitions et les noms. Limiter la surface d'exposition de l'API pour la sécurité et la clarté. Appliquer des schémas d'entrée/sortie stricts pour guider l'agent et réduire l'ambiguïté. Des agents en production avec AWS - https://blog.ippon.fr/2025/12/22/des-agents-en-production-avec-aws/ AWS re:Invent 2025 a massivement mis en avant l'IA générative et les agents IA Un agent IA combine un LLM, une boucle d'appel et des outils invocables Strands Agents SDK facilite le prototypage avec boucles ReAct intégrées et gestion de la mémoire Managed MLflow permet de tracer les expérimentations et définir des métriques de performance Nova Forge optimise les modèles par réentraînement sur données spécifiques pour réduire coûts et latence Bedrock Agent Core industrialise le déploiement avec runtime serverless et auto-scaling Agent Core propose neuf piliers dont observabilité, authentification, code interpreter et browser managé Le protocole MCP d'Anthropic standardise la fourniture d'outils aux agents SageMaker AI et Bedrock centralisent l'accès aux modèles closed source et open source via API unique AWS mise sur l'évolution des chatbots vers des systèmes agentiques optimisés avec modèles plus frugaux Debezium 3.4 amène plusieurs améliorations intéressantes https://debezium.io/blog/2025/12/16/debezium-3-4-final-released/ Correction du problème de calcul du low watermark Oracle qui causait des pertes de performance Correction de l'émission des événements heartbeat dans le connecteur Oracle avec les requêtes CTE Amélioration des logs pour comprendre les transactions actives dans le connecteur Oracle Memory guards pour protéger contre les schémas de base de données de grande taille Support de la transformation des coordonnées géométriques pour une meilleure gestion des données spatiales Extension Quarkus DevServices permettant de démarrer automatiquement une base de données et Debezium en dev Intégration OpenLineage pour tracer la lignée des données et suivre leur flux à travers les pipelines Compatibilité testée avec Kafka Connect 4.1 et Kafka brokers 4.1 Infinispan 16.0.4 et .5 https://infinispan.org/blog/2025/12/17/infinispan-16-0-4 Spring Boot 4 et Spring 7 supportés Evolution dans les metriques Deux bugs de serialisation Construire un agent de recherche en Java avec l'API Interactions https://glaforge.dev/posts/2026/01/03/building-a-research-assistant-with-the-interactions-api-in-java/ Assistant de recherche IA Java (API Interactions Gemini), test du SDK implémenté par Guillaume. Workflow en 4 phases : Planification : Gemini Flash + Google Search. Recherche : Modèle "Deep Research" (tâche de fond). Synthèse : Gemini Pro (rapport exécutif). Infographie : Nano Banana Pro (à partir de la synthèse). API Interactions : gestion d'état serveur, tâches en arrière-plan, réponses multimodales (images). Appréciation : gestion d'état de l'API (vs LLM sans état). Validation : efficacité du SDK Java pour cas complexes. Stephan Janssen (le papa de Devoxx) a créé un serveur MCP (Model Context Protocol) basé sur LSP (Language Server Protocol) pour que les assistants de code analysent le code en le comprenant vraiment plutôt qu'en faisant des grep https://github.com/stephanj/LSP4J-MCP Le problème identifié : Les assistants IA utilisent souvent la recherche textuelle (type grep) pour naviguer dans le code, ce qui manque de contexte sémantique, génère du bruit (faux positifs) et consomme énormément de tokens inutilement. La solution LSP4J-MCP : Une approche "standalone" (autonome) qui encapsule le serveur de langage Eclipse (JDTLS) via le protocole MCP (Model Context Protocol). Avantage principal : Offre une compréhension sémantique profonde du code Java (types, hiérarchies, références) sans nécessiter l'ouverture d'un IDE lourd comme IntelliJ. Comparaison des méthodes : AST : Trop léger (pas de compréhension inter-fichiers). IntelliJ MCP : Puissant mais exige que l'IDE soit ouvert (gourmand en ressources). LSP4J-MCP : Le meilleur des deux mondes pour les workflows en terminal, à distance (SSH) ou CI/CD. Fonctionnalités clés : Expose 5 outils pour l'IA (find_symbols, find_references, find_definition, document_symbols, find_interfaces_with_method). Résultats : Une réduction de 100x des tokens utilisés pour la navigation et une précision accrue (distinction des surcharges, des scopes, etc.). Disponibilité : Le projet est open source et disponible sur GitHub pour intégration immédiate (ex: avec Claude Code, Gemini CLI, etc). A noter l'ajout dans claude code 2.0.74 d'un tool pour supporter LSP ( https://github.com/anthropics/claude-code/blob/main/CHANGELOG.md#2074 ) Awesome (GitHub) Copilot https://github.com/github/awesome-copilot Une collection communautaire d'instructions, de prompts et de configurations pour optimiser l'utilisation de GitHub Copilot. Propose des "Agents" spécialisés qui s'intègrent aux serveurs MCP pour améliorer les flux de travail spécifiques. Inclut des prompts ciblés pour la génération de code, la documentation et la résolution de problèmes complexes. Fournit des instructions détaillées sur les standards de codage et les meilleures pratiques applicables à divers frameworks. Propose des "Skills" (compétences) sous forme de dossiers contenant des ressources pour des tâches techniques spécialisées. (les skills sont dispo dans copilot depuis un mois : https://github.blog/changelog/2025-12-18-github-copilot-now-supports-agent-skills/ ) Permet une installation facile via un serveur MCP dédié, compatible avec VS Code et Visual Studio. Encourage la contribution communautaire pour enrichir les bibliothèques de prompts et d'agents. Aide à augmenter la productivité en offrant des solutions pré-configurées pour de nombreux langages et domaines. Garanti par une licence MIT et maintenu activement par des contributeurs du monde entier. IA et productivité : bilan de l'année 2025 (Laura Tacho - DX)) https://newsletter.getdx.com/p/ai-and-productivity-year-in-review?aid=recNfypKAanQrKszT En 2025, l'ingénierie assistée par l'IA est devenue la norme : environ 90 % des développeurs utilisent des outils d'IA mensuellement, et plus de 40 % quotidiennement. Les chercheurs (Microsoft, Google, GitHub) soulignent que le nombre de lignes de code (LOC) reste un mauvais indicateur d'impact, car l'IA génère beaucoup de code sans forcément garantir une valeur métier supérieure. Si l'IA améliore l'efficacité individuelle, elle pourrait nuire à la collaboration à long terme, car les développeurs passent plus de temps à "parler" à l'IA qu'à leurs collègues. L'identité du développeur évolue : il passe de "producteur de code" à un rôle de "metteur en scène" qui délègue, valide et exerce son jugement stratégique. L'IA pourrait accélérer la montée en compétences des développeurs juniors en les forçant à gérer des projets et à déléguer plus tôt, agissant comme un "accélérateur" plutôt que de les rendre obsolètes. L'accent est mis sur la créativité plutôt que sur la simple automatisation, afin de réimaginer la manière de travailler et d'obtenir des résultats plus impactants. Le succès en 2026 dépendra de la capacité des entreprises à cibler les goulots d'étranglement réels (dette technique, documentation, conformité) plutôt que de tester simplement chaque nouveau modèle d'IA. La newsletter avertit que les titres de presse simplifient souvent à l'excès les recherches sur l'IA, masquant parfois les nuances cruciales des études réelles. Un développeur décrit dans un article sur Twitter son utilisation avancée de Claude Code pour le développement, avec des sous-agents, des slash-commands, comment optimiser le contexte, etc. https://x.com/AureaLibe/status/2008958120878330329?s=20 Outillage IntelliJ IDEA, thread dumps et project Loom (virtual threads) - https://blog.jetbrains.com/idea/2025/12/thread-dumps-and-project-loom-virtual-threads/ Les virtual threads Java améliorent l'utilisation du matériel pour les opérations I/O parallèles avec peu de changements de code Un serveur peut maintenant gérer des millions de threads au lieu de quelques centaines Les outils existants peinent à afficher et analyser des millions de threads simultanément Le débogage asynchrone est complexe car le scheduler et le worker s'exécutent dans des threads différents Les thread dumps restent essentiels pour diagnostiquer deadlocks, UI bloquées et fuites de threads Netflix a découvert un deadlock lié aux virtual threads en analysant un heap dump, bug corrigé dans Java 25. Mais c'était de la haute voltige IntelliJ IDEA supporte nativement les virtual threads dès leur sortie avec affichage des locks acquis IntelliJ IDEA peut ouvrir des thread dumps générés par d'autres outils comme jcmd Le support s'étend aussi aux coroutines Kotlin en plus des virtual threads Quelques infos sur IntelliJ IDEA 2025.3 https://blog.jetbrains.com/idea/2025/12/intellij-idea-2025-3/ Distribution unifiée regroupant davantage de fonctionnalités gratuites Amélioration de la complétion des commandes dans l'IDE Nouvelles fonctionnalités pour le débogueur Spring Thème Islands devient le thème par défaut Support complet de Spring Boot 4 et Spring Framework 7 Compatibilité avec Java 25 Prise en charge de Spring Data JDBC et Vitest 4 Support natif de Junie et Claude Agent pour l'IA Quota d'IA transparent et option Bring Your Own Key à venir Corrections de stabilité, performance et expérience utilisateur Plein de petits outils en ligne pour le développeur https://blgardner.github.io/prism.tools/ génération de mot de passe, de gradient CSS, de QR code encodage décodage de Base64, JWT formattage de JSON, etc. resumectl - Votre CV en tant que code https://juhnny5.github.io/resumectl/ Un outil en ligne de commande (CLI) écrit en Go pour générer un CV à partir d'un fichier YAML. Permet l'exportation vers plusieurs formats : PDF, HTML, ou un affichage direct dans le terminal. Propose 5 thèmes intégrés (Modern, Classic, Minimal, Elegant, Tech) personnalisables avec des couleurs spécifiques. Fonctionnalité d'initialisation (resumectl init) permettant d'importer automatiquement des données depuis LinkedIn et GitHub (projets les plus étoilés). Supporte l'ajout de photos avec des options de filtre noir et blanc ou de forme (rond/carré). Inclut un mode "serveur" (resumectl serve) pour prévisualiser les modifications en temps réel via un navigateur local. Fonctionne comme un binaire unique sans dépendances externes complexes pour les modèles. mactop - Un moniteur "top" pour Apple Silicon https://github.com/metaspartan/mactop Un outil de surveillance en ligne de commande (TUI) conçu spécifiquement pour les puces Apple Silicon (M1, M2, M3, M4, M5). Permet de suivre en temps réel l'utilisation du CPU (E-cores et P-cores), du GPU et de l'ANE (Neural Engine). Affiche la consommation électrique (wattage) du système, du CPU, du GPU et de la DRAM. Fournit des données sur les températures du SoC, les fréquences du GPU et l'état thermique global. Surveille l'utilisation de la mémoire vive, de la swap, ainsi que l'activité réseau et disque (E/S). Propose 10 mises en page (layouts) différentes et plusieurs thèmes de couleurs personnalisables. Ne nécessite pas l'utilisation de sudo car il s'appuie sur les API natives d'Apple (SMC, IOReport, IOKit). Inclut une liste de processus détaillée (similaire à htop) avec la possibilité de tuer des processus directement depuis l'interface. Offre un mode "headless" pour exporter les métriques au format JSON et un serveur optionnel pour Prometheus. Développé en Go avec des composants en CGO et Objective-C. Adieu direnv, Bonjour misehttps://codeka.io/2025/12/19/adieu-direnv-bonjour-mise/ L'auteur remplace ses outils habituels (direnv, asdf, task, just) par un seul outil polyvalent écrit en Rust : mise. mise propose trois fonctions principales : gestionnaire de paquets (langages et outils), gestionnaire de variables d'environnement et exécuteur de tâches. Contrairement à direnv, il permet de gérer des alias et utilise un fichier de configuration structuré (mise.toml) plutôt que du scripting shell. La configuration est hiérarchique, permettant de surcharger les paramètres selon les répertoires, avec un système de "trust" pour la sécurité. Une "killer-feature" soulignée est la gestion des secrets : mise s'intègre avec age pour chiffrer des secrets (via clés SSH) directement dans le fichier de configuration. L'outil supporte une vaste liste de langages et d'outils via un registre interne et des plugins (compatibilité avec l'écosystème asdf). Il simplifie le workflow de développement en regroupant l'installation des outils et l'automatisation des tâches au sein d'un même fichier. L'auteur conclut sur la puissance, la flexibilité et les excellentes performances de l'outil après quelques heures de test. Claude Code v2.1.0 https://github.com/anthropics/claude-code/blob/main/CHANGELOG.md#210 Rechargement à chaud des "skills" : Les modifications apportées aux compétences dans ~/.claude/skills sont désormais appliquées instantanément sans redémarrer la session. Sous-agents et forks : Support de l'exécution de compétences et de commandes slash dans un contexte de sous-agent forké via context: fork. Réglages linguistiques : Ajout d'un paramètre language pour configurer la langue de réponse par défaut (ex: language: "french"). Améliorations du terminal : Shift+Enter fonctionne désormais nativement dans plusieurs terminaux (iTerm2, WezTerm, Ghostty, Kitty) sans configuration manuelle. Sécurité et correction de bugs : Correction d'une faille où des données sensibles (clés API, tokens OAuth) pouvaient apparaître dans les logs de débogage. Nouvelles commandes slash : Ajout de /teleport et /remote-env pour les abonnés claude.ai afin de gérer des sessions distantes. Mode Plan : Le raccourci /plan permet d'activer le mode plan directement depuis le prompt, et la demande de permission à l'entrée de ce mode a été supprimée. Vim et navigation : Ajout de nombreux mouvements Vim (text objects, répétitions de mouvements f/F/t/T, indentations, etc.). Performance : Optimisation du temps de démarrage et du rendu terminal pour les caractères Unicode/Emoji. Gestion du gitignore : Support du réglage respectGitignore dans settings.json pour contrôler le comportement du sélecteur de fichiers @-mention. Méthodologies 200 déploiements en production par jour, même le vendredi : retours d'expérience https://mcorbin.fr/posts/2025-03-21-deploy-200/ Le déploiement fréquent, y compris le vendredi, est un indicateur de maturité technique et augmente la productivité globale. L'excellence technique est un atout stratégique indispensable pour livrer rapidement des produits de qualité. Une architecture pragmatique orientée services (SOA) facilite les déploiements indépendants et réduit la charge cognitive. L'isolation des services est cruciale : un développeur doit pouvoir tester son service localement sans dépendre de toute l'infrastructure. L'automatisation via Kubernetes et l'approche GitOps avec ArgoCD permettent des déploiements continus et sécurisés. Les feature flags et un système de permissions solide permettent de découpler le déploiement technique de l'activation fonctionnelle pour les utilisateurs. L'autonomie des développeurs est renforcée par des outils en self-service (CLI maison) pour gérer l'infrastructure et diagnostiquer les incidents sans goulot d'étranglement. Une culture d'observabilité intégrée dès la conception permet de détecter et de réagir rapidement aux anomalies en production. Accepter l'échec comme inévitable permet de concevoir des systèmes plus résilients capables de se rétablir automatiquement. "Vibe Coding" vs "Prompt Engineering" : l'IA et le futur du développement logiciel https://www.romenrg.com/blog/2025/12/25/vibe-coding-vs-prompt-engineering-ai-and-the-future-of-software-development/ L'IA est passée du statut d'expérimentation à celui d'infrastructure essentielle pour le développement de logiciels en 2025. L'IA ne remplace pas les ingénieurs, mais agit comme un amplificateur de leurs compétences, de leur jugement et de la qualité de leur réflexion. Distinction entre le "Vibe Coding" (rapide, intuitif, idéal pour les prototypes) et le "Prompt Engineering" (délibéré, contraint, nécessaire pour les systèmes maintenables). L'importance cruciale du contexte ("Context Engineering") : l'IA devient réellement puissante lorsqu'elle est connectée aux systèmes réels (GitHub, Jira, etc.) via des protocoles comme le MCP. Utilisation d'agents spécialisés (écriture de RFC, revue de code, architecture) plutôt que de modèles génériques pour obtenir de meilleurs résultats. Émergence de l'ingénieur "Technical Product Manager" capable d'abattre seul le travail d'une petite équipe grâce à l'IA, à condition de maîtriser les fondamentaux techniques. Le risque majeur : l'IA permet d'aller très vite dans la mauvaise direction si le jugement humain et l'expérience font défaut. Le niveau d'exigence global augmente : les bases techniques solides deviennent plus importantes que jamais pour éviter l'accumulation de dette technique rapide. Une revue de code en solo (Kent Beck) ! https://tidyfirst.substack.com/p/party-of-one-for-code-review?r=64ov3&utm_campaign=post&utm_medium=web&triedRedirect=true La revue de code traditionnelle, héritée des inspections formelles d'IBM, s'essouffle car elle est devenue trop lente et asynchrone par rapport au rythme du développement moderne. Avec l'arrivée de l'IA ("le génie"), la vitesse de production du code dépasse la capacité de relecture humaine, créant un goulot d'étranglement majeur. La revue de code doit évoluer vers deux nouveaux objectifs prioritaires : un "sanity check" pour vérifier que l'IA a bien fait ce qu'on lui demandait, et le contrôle de la dérive structurelle de la base de code. Maintenir une structure saine est crucial non seulement pour les futurs développeurs humains, mais aussi pour que l'IA puisse continuer à comprendre et modifier le code efficacement sans perdre le contexte. Kent Beck expérimente des outils automatisés (comme CodeRabbit) pour obtenir des résumés et des schémas d'architecture afin de garder une conscience globale des changements rapides. Même si les outils automatisés sont utiles, le "Pair Programming" reste irremplaçable pour la richesse des échanges et la pression sociale bénéfique qu'il impose à la réflexion. La revue de code solo n'est pas une fin en soi, mais une adaptation nécessaire lorsque l'on travaille seul avec des outils de génération de code augmentés. Loi, société et organisation Lego lance les Lego Smart Play, avec des Brique, des Smart Tags et des Smart Figurines pour faire de nouvelles constructions interactives avec des Legos https://www.lego.com/fr-fr/smart-play LEGO SMART Play : technologie réactive au jeu des enfants. Trois éléments clés : SMART Brique : Brique LEGO 2x4 "cerveau". Accéléromètre, lumières réactives, détecteur de couleurs, synthétiseur sonore. Réagit aux mouvements (tenir, tourner, taper). SMART Tags : Petites pièces intelligentes. Indiquent à la SMART Brique son rôle (ex: hélicoptère, voiture) et les sons à produire. Activent sons, mini-jeux, missions secrètes. SMART Minifigurines : Activées près d'une SMART Brique. Révèlent des personnalités uniques (sons, humeurs, réactions) via la SMART Brique. Encouragent l'imagination. Fonctionnement : SMART Brique détecte SMART Tags et SMART Minifigurines. Réagit aux mouvements avec lumières et sons dynamiques. Compatibilité : S'assemble avec les briques LEGO classiques. Objectif : Créer des expériences de jeu interactives, uniques et illimitées. Conférences La liste des conférences provenant de Developers Conferences Agenda/List par Aurélie Vache et contributeurs : 14-17 janvier 2026 : SnowCamp 2026 - Grenoble (France) 22 janvier 2026 : DevCon #26 : sécurité / post-quantique / hacking - Paris (France) 28 janvier 2026 : Software Heritage Symposium - Paris (France) 29-31 janvier 2026 : Epitech Summit 2026 - Paris - Paris (France) 2-5 février 2026 : Epitech Summit 2026 - Moulins - Moulins (France) 3 février 2026 : Cloud Native Days France 2026 - Paris (France) 3-4 février 2026 : Epitech Summit 2026 - Lille - Lille (France) 3-4 février 2026 : Epitech Summit 2026 - Mulhouse - Mulhouse (France) 3-4 février 2026 : Epitech Summit 2026 - Nancy - Nancy (France) 3-4 février 2026 : Epitech Summit 2026 - Nantes - Nantes (France) 3-4 février 2026 : Epitech Summit 2026 - Marseille - Marseille (France) 3-4 février 2026 : Epitech Summit 2026 - Rennes - Rennes (France) 3-4 février 2026 : Epitech Summit 2026 - Montpellier - Montpellier (France) 3-4 février 2026 : Epitech Summit 2026 - Strasbourg - Strasbourg (France) 3-4 février 2026 : Epitech Summit 2026 - Toulouse - Toulouse (France) 4-5 février 2026 : Epitech Summit 2026 - Bordeaux - Bordeaux (France) 4-5 février 2026 : Epitech Summit 2026 - Lyon - Lyon (France) 4-6 février 2026 : Epitech Summit 2026 - Nice - Nice (France) 5 février 2026 : Web Days Convention - Aix-en-Provence (France) 12 février 2026 : Strasbourg Craft #1 - Strasbourg (France) 12-13 février 2026 : Touraine Tech #26 - Tours (France) 19 février 2026 : ObservabilityCON on the Road - Paris (France) 6 mars 2026 : WordCamp Nice 2026 - Nice (France) 18-19 mars 2026 : Agile Niort 2026 - Niort (France) 20 mars 2026 : Atlantique Day 2026 - Nantes (France) 26 mars 2026 : Data Days Lille - Lille (France) 26-27 mars 2026 : SymfonyLive Paris 2026 - Paris (France) 26-27 mars 2026 : REACT PARIS - Paris (France) 27-29 mars 2026 : Shift - Nantes (France) 31 mars 2026 : ParisTestConf - Paris (France) 1 avril 2026 : AWS Summit Paris - Paris (France) 2 avril 2026 : Pragma Cannes 2026 - Cannes (France) 9-10 avril 2026 : AndroidMakers by droidcon - Paris (France) 16-17 avril 2026 : MiXiT 2026 - Lyon (France) 22-24 avril 2026 : Devoxx France 2026 - Paris (France) 23-25 avril 2026 : Devoxx Greece - Athens (Greece) 24-25 avril 2026 : Faiseuses du Web 5 - Dinan (France) 6-7 mai 2026 : Devoxx UK 2026 - London (UK) 22 mai 2026 : AFUP Day 2026 Lille - Lille (France) 22 mai 2026 : AFUP Day 2026 Paris - Paris (France) 22 mai 2026 : AFUP Day 2026 Bordeaux - Bordeaux (France) 22 mai 2026 : AFUP Day 2026 Lyon - Lyon (France) 29 mai 2026 : NG Baguette Conf 2026 - Paris (France) 5 juin 2026 : TechReady - Nantes (France) 5 juin 2026 : Fork it! - Rouen - Rouen (France) 6 juin 2026 : Polycloud - Montpellier (France) 11-12 juin 2026 : DevQuest Niort - Niort (France) 11-12 juin 2026 : DevLille 2026 - Lille (France) 12 juin 2026 : Tech F'Est 2026 - Nancy (France) 17-19 juin 2026 : Devoxx Poland - Krakow (Poland) 17-20 juin 2026 : VivaTech - Paris (France) 2 juillet 2026 : Azur Tech Summer 2026 - Valbonne (France) 2-3 juillet 2026 : Sunny Tech - Montpellier (France) 3 juillet 2026 : Agile Lyon 2026 - Lyon (France) 2 août 2026 : 4th Tech Summit on Artificial Intelligence & Robotics - Paris (France) 4 septembre 2026 : JUG Summer Camp 2026 - La Rochelle (France) 17-18 septembre 2026 : API Platform Conference 2026 - Lille (France) 24 septembre 2026 : PlatformCon Live Day Paris 2026 - Paris (France) 1 octobre 2026 : WAX 2026 - Marseille (France) 1-2 octobre 2026 : Volcamp - Clermont-Ferrand (France) 5-9 octobre 2026 : Devoxx Belgium - Antwerp (Belgium) Nous contacter Pour réagir à cet épisode, venez discuter sur le groupe Google https://groups.google.com/group/lescastcodeurs Contactez-nous via X/twitter https://twitter.com/lescastcodeurs ou Bluesky https://bsky.app/profile/lescastcodeurs.com Faire un crowdcast ou une crowdquestion Soutenez Les Cast Codeurs sur Patreon https://www.patreon.com/LesCastCodeurs Tous les épisodes et toutes les infos sur https://lescastcodeurs.com/

Parce que… c'est l'épisode 0x690! Shameless plug 25 et 26 février 2026 - SéQCure 2026 CfP 31 mars au 2 avril 2026 - Forum INCYBER - Europe 2026 14 au 17 avril 2026 - Botconf 2026 28 et 29 avril 2026 - Cybereco Cyberconférence 2026 9 au 17 mai 2026 - NorthSec 2026 3 au 5 juin 2026 - SSTIC 2026 19 septembre 2026 - Bsides Montréal Notes IA DAST Automation Using BurpSuite MCP HexStrike MCP Orchestration with Ollama: Ubuntu Host, Kali VM, SSH Bridging, and Performance Caveats Prompt Injection Is Permanent: Your AI Agent Needs Seatbelts, Not Smarter Prompts Kevin Beaumont: “Microsoft have dropped a bollo…” - Cyberplace Are We Ready to Be Governed by Artificial Intelligence? Blue Hong Kong uses brick-and-mortar banks to stop scams Finland seizes ship suspected of damaging subsea cable in Baltic Sea Protégez vos clés SSH avec Touch ID sur macOS The ROI Problem in Attack Surface Management Linux kernel security work How to Protect Your iPhone or Android Device From Spyware Red New Vulnerabilities in Bluetooth Headphones Let Hackers Hijack Connected Smartphone Former Coinbase support agent arrested for helping hackers Podcast avec Quantum - Spécial - Prévention de la fraude Mustang Panda Uses Signed Kernel-Mode Rootkit to Load TONESHELL Backdoor Intercept - Un dashboard SIGINT pour votre clé RTL-SDR Infostealers Enable Attackers to Hijack Legitimate Business Infrastructure for Malware Hosting Privacy Comment les proxies TCP se font démasquer ? Et ce que ça signifie pour votre VPN… Flock Exposes Its AI-Enabled Surveillance Cameras Aux Etats-Unis, la police peut maintenant fouiller dans les recherches Google Trump government demands access to European police databases and biometrics The New Surveillance State Is You Souveraineté Europe building an Airbus for the cloud age Adam Shostack :donor: :rebelverified:: “Digital euro: what it is and how we will use the new form of cash” - Infosec Exchange China mandates 50% domestic equipment rule for chipmakers, sources say ASML, la boite hollandaise qui tient le monde tech en otage The Post-American Internet (Cory Doctorow) Fails / insolites The Worst Hacks of 2025 Salesforce Integrations Clop's Oracle E-Business Hacking Spree University Breaches Aflac Mixpanel Jaguar Land Rover Quand la France invente le “data leak as a service” French software company fined $2 million for cyber failings leading to data breach New York's incoming mayor bans Raspberry Pi at inauguration Hijacked Mobility: CISA Warns of Critical 9.8 Flaw Allowing Remote Control of WHILL Power Chairs Fears Mount That US Federal Cybersecurity Is Stagnating—or Worse DHS says REAL ID is too unreliable to confirm U.S. citizenship X / Grok / juvénile X dégringole en France - Elon Musk va bientôt se retrouver tout seul avec ses fachos Kevin Beaumont: “Twitter generated child sexual…” - Cyberplace French authorities investigate AI ‘undressing' deepfakes on X Collaborateurs Nicolas-Loïc Fortin Crédits Montage par Intrasecure inc Locaux réels par Intrasecure inc

This Christmas, strap in for three hours of vulnerabilities, patches, and the occasional existential crisis about holiday skeleton crews. This megacut compiles every 2025 episode of Patch [FIX] Tuesday, featuring Automox security engineers Ryan Braunstein, Henry Smith, Seth Hoyt, Mat Lee, and Tom Bowyer breaking down the year's most critical security updates.What's inside:All 12 Patch [FIX] Tuesday episodes from January through December 2025macOS and Apple security updatesZero-days, CVEs, and actively exploited vulnerabilitiesCandid discussions on Hyper-V escapes, SSH hijacking chains, React RCE, and moreWhether you're catching up on a year of patches or need something smarter than carols for a long holiday drive or late-night remediation – this compilation has you covered.

Nation-State Attack or Compromised Government? [Guest Diary] An IP address associated with the Indonesian Government attacked one of our interns' honeypots. https://isc.sans.edu/diary/Nation-State%20Attack%20or%20Compromised%20Government%3F%20%5BGuest%20Diary%5D/32536 React Update Working exploits for the React vulnerability patched yesterday are not widely available Array Networks Array AG Vulnerablity A recently patched vulnerability in Array Networks Array AG VPN gateways is actively exploited. https://www.jpcert.or.jp/at/2025/at250024.html

This show has been flagged as Clean by the host. Setting up Linux Mint with Custom LVM and Luks Linux Mint with Custom LVM on LUKS Overview The current Linux Mint installer doesn't support custom partitions when setting up a new machine with LUKS encryption using LVM. I prefer having a separate partition for my home directory and a backup partition for Timeshift, so that reinstalling or fixing issues won't overwrite my home directory. I found several approaches to achieve this. One method involves setting up partitions first and then using the installer to select them, but this requires extensive post-installation configuration to get boot working with the encrypted drive. I discovered this blog which explains how to repartition your drive after installation. Combined with my guide on setting up hibernation, I created this documentation to help remember how to install a fresh copy of Linux Mint with LVM and LUKS. Tested on: Linux Mint 22 Cinnamon Partition Layout For this guide, I'm working with a 1TB drive that will be split into the following logical volumes: Root - 100GB (system files and applications) Swap - 32GB (for hibernation support) Home - 700GB (user files and documents) Backup - 100GB (Timeshift snapshots) Unallocated - ~68GB (reserved for future expansion) This setup ensures that system snapshots and user data remain separate, making system recovery much easier. Installation Guide Step 1: Initial Linux Mint Installation Start the Linux Mint installation process as normal: Boot from your Linux Mint installation media Follow the installation wizard (language, keyboard layout, etc.) When you reach the Installation type screen: Select "Erase disk and install Linux Mint" Click "Advanced features" Enable both options: ✓ Use LVM with the new Linux Mint installation ✓ Encrypt the new Linux Mint installation for security Click Continue Enter a strong encryption password when prompted Complete the rest of the installation (timezone, user account, etc.) When installation finishes, do NOT click "Restart Now" - we'll repartition first Important: Do NOT reboot after installation completes. We need to repartition before the first boot. Step 2: Access Root Terminal After installation finishes, open a terminal and switch to root: sudo -i This gives you administrative privileges needed for disk operations. Step 3: Check Current Disk Layout View your current partition structure: lsblk -f This displays your filesystem layout. You should see your encrypted volume group (typically vgmint) with a large root partition consuming most of the space. Step 4: Resize Root Partition Shrink the root partition from its default size (nearly full disk) to 100GB: lvresize -L 100G --resizefs vgmint/root What this does: -L 100G sets the logical volume size to exactly 100GB --resizefs automatically resizes the filesystem to match This frees up ~900GB for our other partitions Step 5: Resize Swap Partition The default swap is usually small (a few GB). We need to increase it to 32GB for hibernation: lvresize --verbose -L +32G /dev/mapper/vgmint-swap_1 What this does: -L +32G adds 32GB to the current swap size --verbose shows detailed progress information This ensures enough swap space for RAM contents during hibernation Note: For hibernation to work, swap should be at least equal to your RAM size. Adjust accordingly. Step 6: Create Home Partition Create a new logical volume for your home directory: lvcreate -L 700G vgmint -n home What this does: -L 700G creates a 700GB logical volume vgmint is the volume group name -n home names the new volume "home" Step 7: Create Backup Partition Create a logical volume for Timeshift backups: lvcreate -L 100G vgmint -n backup What this does: Creates a dedicated 100GB space for system snapshots Keeps backups separate from user data Prevents backups from filling up your home partition Step 8: Format New Partitions Format both new partitions with the ext4 filesystem: mkfs.ext4 /dev/vgmint/backup mkfs.ext4 /dev/vgmint/home What this does: Creates ext4 filesystems on both logical volumes ext4 is the standard Linux filesystem with good performance and reliability Step 9: Mount Partitions Create mount points and mount your partitions: mkdir /mnt/{root,home} mount /dev/vgmint/root /mnt/root/ mount /dev/vgmint/home /mnt/home/ What this does: Creates temporary directories to access the filesystems Mounts root and home so we can configure them Step 10: Move Home Directory Contents Move the existing home directory contents from the root partition to the new home partition: mv /mnt/root/home/* /mnt/home/ What this does: Transfers all user files and directories from the old location to the new home partition Preserves your user account settings and any files created during installation Without this step, your home directory would be empty on first boot Step 11: Update fstab Add the home partition to the system's fstab file so it mounts automatically at boot: echo "/dev/mapper/vgmint-home /home ext4 defaults 0 2" >> /mnt/root/etc/fstab What this does: Appends a mount entry to /etc/fstab Ensures /home partition mounts automatically at startup The 0 2 values enable filesystem checks during boot Step 12: Clean Up and Prepare for Reboot Unmount the partitions and deactivate the volume group: umount /mnt/root umount /mnt/home swapoff -a lvchange -an vgmint What this does: Safely unmounts all mounted filesystems Turns off swap Deactivates the volume group to prevent conflicts Ensures everything is properly closed before reboot Step 13: Reboot Now you can safely reboot into your new system: reboot Enter your LUKS encryption password at boot, then log in normally. Verification After rebooting, verify your partition setup: lsblk -f df -h You should see: Root (/) mounted with ~100GB Home (/home) mounted with ~700GB Swap available with 32GB Backup partition ready for Timeshift configuration Setting Up Timeshift To complete your backup solution: Install Timeshift (if not already installed): sudo apt install timeshift Launch Timeshift and select RSYNC mode Choose the backup partition as your snapshot location Configure your backup schedule (daily, weekly, monthly) Create your first snapshot Additional Resources Original blog post on LVM rearrangement Setting up hibernation on Linux Mint Conclusion This setup gives you the best of both worlds: the security of full-disk encryption with LUKS, and the flexibility of custom LVM partitions. Your home directory and system backups are now isolated, making system recovery and upgrades much safer and more manageable. Automating Your Linux Mint Setup After a Fresh Install Automating Your Linux Mint Setup After a Fresh Install Setting up a fresh Linux Mint installation can be time-consuming, especially when you want to replicate your perfect development environment. This guide will show you how to automate the entire process using Ansible and configuration backups, so you can go from a fresh install to a fully configured system in minutes. Why Automate Your Setup? Whether you're setting up a new machine, recovering from a system failure, or just want to maintain consistency across multiple computers, automation offers several key benefits: Time Savings: What normally takes hours can be done in minutes Consistency: Identical setup across all your machines Documentation: Your setup becomes self-documenting Recovery: Quick recovery from system failures Reproducibility: Never forget to install that one crucial tool again Discovering Your Installed Applications Before creating your automation setup, you need to identify which applications you've manually installed since the initial OS installation. This helps you build a complete picture of your custom environment. Finding APT and .deb Packages To see all manually installed packages (excluding those that came with the OS): comm -23

Love AWS Fargate, but occasionally hit the “I need more control” wall (GPUs, storage, network bandwidth, instance sizing)? In this episode of AWS Bites, Eoin and Luciano put the brand-new Amazon ECS Managed Instances (ECS MI) under the microscope as the “middle path” between Fargate simplicity and ECS on EC2 flexibility. We unpack what ECS MI actually is and where it fits in the ECS spectrum, especially how it changes the way you think about clusters and capacity providers. From there we get practical: we talk through the pricing model (EC2 pricing with an additional ECS MI fee that can be a bit counterintuitive if you rely heavily on Reserved Instances or Savings Plans), and we share what it feels like to finally get GPU support in an experience that's much closer to Fargate than to “full EC2 fleet management”. To make it real, we walk through what we built: a GPU-enabled worker that transcribes podcast audio using OpenAI Whisper, including the end-to-end setup in CDK (roles, capacity provider wiring, task definitions, and service configuration). Along the way we call out the rough edges we ran into, like configuration options that look like they might enable Spot-style behavior, and the operational realities you should expect, such as tasks taking roughly 3–4 minutes to start when ECS needs to provision fresh capacity. We close by mapping out the workloads where ECS MI shines (queue-driven GPU jobs, HPC-ish compute, tighter storage/network control) and the scenarios where it's probably the wrong choice, like when you need custom AMIs, SSH access, or stricter isolation guarantees.In this episode, we mentioned the following resources: Amazon ECS Managed Instances: ⁠https://aws.amazon.com/ecs/managed-instances/⁠ ECS Managed Instances documentation: ⁠https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ManagedInstances.html⁠ Amazon Bottlerocket (what it is): ⁠https://aws.amazon.com/bottlerocket/⁠ Our CDK ECS MI template: ⁠https://github.com/fourTheorem/cdk-ecs-mi-template⁠ Ep 42. How do you containerise and run your API with Fargate?: ⁠https://awsbites.com/42-how-do-you-containerise-and-run-your-api-with-fargate/⁠ Ep 72. How do you save cost with ECS?: ⁠https://awsbites.com/72-how-do-you-save-cost-with-ecs/⁠ Ep 10. Lambda or Fargate for containers?: ⁠https://awsbites.com/10-lambda-or-fargate-for-containers/⁠ Ep 38. How do you choose the right compute service on AWS?: ⁠https://awsbites.com/38-how-do-you-choose-the-right-compute-service-on-aws/⁠ Ep 143. Is App Runner better than Fargate?: ⁠https://awsbites.com/143-is-app-runner-better-than-fargate/⁠ Do you have any AWS questions you would like us to address?Leave a comment here or connect with us on X/Twitter, BlueSky or LinkedIn:- ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://twitter.com/eoins⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ | ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://bsky.app/profile/eoin.sh⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ | ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://www.linkedin.com/in/eoins/⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠- ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://twitter.com/loige⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ | ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://bsky.app/profile/loige.co⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ | ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://www.linkedin.com/in/lucianomammino/

This is a recap of the top 10 posts on Hacker News on November 23, 2025. This podcast was generated by wondercraft.ai (00:30): After my dad died, we found the love lettersOriginal post: https://news.ycombinator.com/item?id=46021825&utm_source=wondercraft_ai(01:50): Fran Sans – font inspired by San Francisco light rail displaysOriginal post: https://news.ycombinator.com/item?id=46025942&utm_source=wondercraft_ai(03:10): Meta buried 'causal' evidence of social media harm, US court filings allegeOriginal post: https://news.ycombinator.com/item?id=46019817&utm_source=wondercraft_ai(04:31): A monopoly ISP refuses to fix upstream infrastructureOriginal post: https://news.ycombinator.com/item?id=46019685&utm_source=wondercraft_ai(05:51): X's new country-of-origin feature reveals many 'US' accounts to be foreign-runOriginal post: https://news.ycombinator.com/item?id=46028422&utm_source=wondercraft_ai(07:12): Shaders: How to draw high fidelity graphics with just x and y coordinatesOriginal post: https://news.ycombinator.com/item?id=46023013&utm_source=wondercraft_ai(08:32): Court filings allege Meta downplayed risks to children and misled the publicOriginal post: https://news.ycombinator.com/item?id=46024184&utm_source=wondercraft_ai(09:52): Native Secure Enclave backed SSH keys on macOSOriginal post: https://news.ycombinator.com/item?id=46025721&utm_source=wondercraft_ai(11:13): Racket v9.0Original post: https://news.ycombinator.com/item?id=46023460&utm_source=wondercraft_ai(12:33): Iowa City made its buses free. Traffic cleared, and so did the airOriginal post: https://news.ycombinator.com/item?id=46027833&utm_source=wondercraft_aiThis is a third-party project, independent from HN and YC. Text and audio generated using AI, by wondercraft.ai. Create your own studio quality podcast with text as the only input in seconds at app.wondercraft.ai. Issues or feedback? We'd love to hear from you: team@wondercraft.ai

Ya sea que gestiones una instancia de Syncthing, un backend de Obsidian con Docker, o tu proxy inverso con Traefik, sabes que la necesidad de revisar logs o reiniciar un contenedor puede surgir en cualquier momento. La solución habitual es la Terminal SSH, lo que te obliga a sacar el portátil o lidiar con interfaces incómodas en el móvil.En este episodio, te presento Docker Manager, una aplicación gratuita y open source construida con Flutter y un hermoso diseño Material Design. Esta herramienta es tu centro de comando definitivo para Docker, diseñado específicamente para pantallas pequeñas, permitiéndote abandonar el tedio del SSH para el 99% de las tareas diarias. Es una solución de productividad pura, muy en la línea de lo que buscamos en atareao con Linux: soluciones prácticas para "cualquier cosa que quieras hacer con Linux".Este episodio es un tutorial práctico paso a paso para que puedas poner Docker Manager en marcha y sacarle el máximo partido:Conexión Segura Multiserver: Explicaremos detalladamente cómo configurar la conexión a múltiples hosts Linux (VPS, Raspberry Pi, máquinas virtuales) y por qué debes utilizar la autenticación por clave privada SSH para mantener tu infraestructura segura. La app se integra perfectamente con tu pila de red móvil, lo que significa que funciona sin problemas a través de VPNs como WireGuard o Tailscale.Control Total de Contenedores: La facilidad para realizar operaciones esenciales: Start, Stop, Restart, Inspect y Remove con un solo toque. Haremos hincapié en el filtrado por Docker Compose Stacks, esencial para quien gestiona múltiples servicios como bases de datos o instancias de Rust alojadas en contenedores.Diagnóstico Avanzado en Movimiento:Logs en Vivo: Revisar los logs en tiempo real es vital para el debugging de emergencia.Estadísticas del Contenedor: Ver el uso de CPU y memoria al instante para identificar cuellos de botella.Shell Interactivo: La característica estrella. Te mostraremos cómo iniciar un shell (bash) dentro de un contenedor o en el host Linux mismo. Esto te da la libertad de usar herramientas como redis-cli o revisar configuraciones rápidas sin abrir un cliente SSH.Mantenimiento y Limpieza del Sistema: Analizaremos la función System Cleanup (Pruning) para deshacernos de esas imágenes y volúmenes "colgantes" que roban espacio.Gestión de Imágenes, Redes y Volúmenes: Un vistazo a cómo la aplicación simplifica la visualización y gestión de estos componentes clave de Docker. Incluso hablaremos de la flexibilidad para configurar el Docker CLI Path, lo que abre la puerta a la gestión de Podman también.Docker Manager es una herramienta indispensable que libera tu escritorio Linux y te da el poder de administración en tu bolsillo. Ya no tendrás que interrumpir tu flujo de trabajo en Neovim o cerrar tu sesión de escritorio GNOME para hacer una comprobación rápida. Es la solución perfecta para mantener tus servicios (desde un servidor web hasta una instancia de Obsidian) funcionando sin problemas 24/7.Más información y enlaces en las notas del episodio

Topics covered in this episode: Possibility of a new website for Django aiosqlitepool deptry browsr Extras Joke Watch on YouTube About the show Sponsored by us! Support our work through: Our courses at Talk Python Training The Complete pytest Course Patreon Supporters Connect with the hosts Michael: @mkennedy@fosstodon.org / @mkennedy.codes (bsky) Brian: @brianokken@fosstodon.org / @brianokken.bsky.social Show: @pythonbytes@fosstodon.org / @pythonbytes.fm (bsky) Join us on YouTube at pythonbytes.fm/live to be part of the audience. Usually Monday at 10am PT. Older video versions available there too. Finally, if you want an artisanal, hand-crafted digest of every week of the show notes in email form? Add your name and email to our friends of the show list, we'll never share it. Brian #1: Possibility of a new website for Django Current Django site: djangoproject.com Adam Hill's in progress redesign idea: django-homepage.adamghill.com Commentary in the Want to work on a homepage site redesign? discussion Michael #2: aiosqlitepool

The MOSH tool aids the use of SSH-secured sessions, especially across different systems. Jason unpacks the security of this system and how it uses encryption and shared secrets.

Topics covered in this episode: The PSF has withdrawn a $1.5 million proposal to US government grant program A Binary Serializer for Pydantic Models T-strings: Python's Fifth String Formatting Technique? Cronboard Extras Joke Watch on YouTube About the show Sponsored by us! Support our work through: Our courses at Talk Python Training The Complete pytest Course Patreon Supporters Connect with the hosts Michael: @mkennedy@fosstodon.org / @mkennedy.codes (bsky) Brian: @brianokken@fosstodon.org / @brianokken.bsky.social Show: @pythonbytes@fosstodon.org / @pythonbytes.fm (bsky) Join us on YouTube at pythonbytes.fm/live to be part of the audience. Usually Monday at 10am PT. Older video versions available there too. Finally, if you want an artisanal, hand-crafted digest of every week of the show notes in email form? Add your name and email to our friends of the show list, we'll never share it. Brian #1: The PSF has withdrawn a $1.5 million proposal to US government grant program Related post from Simon Willison ARS Technica: Python plan to boost software security foiled by Trump admin's anti-DEI rules The Register: Python Foundation goes ride or DEI, rejects government grant with strings attached In Jan 2025, the PSF submitted a proposal for a US NSF grant under the Safety, Security, and Privacy of Open Source Ecosystems program. After months of work by the PSF, the proposal was recommended for funding. If the PSF accepted it, however, they would need to agree to the some terms and conditions, including, affirming that the PSF doesn't support diversity. The restriction wouldn't just be around the security work, but around all activity of the PSF as a whole. And further, that any deemed violation would give the NSF the right to ask for the money back. That just won't work, as the PSF would have already spent the money. The PSF mission statement includes "The mission of the Python Software Foundation is to promote, protect, and advance the Python programming language, and to support and facilitate the growth of a diverse and international community of Python programmers." The money would have obviously been very valuable, but the restrictions are just too unacceptable. The PSF withdrew the proposal. This couldn't have been an easy decision, that was a lot of money, but I think the PSF did the right thing. Michael #2: A Binary Serializer for Pydantic Models 7× Smaller Than JSON A compact binary serializer for Pydantic models that dramatically reduces RAM usage compared to JSON. The library is designed for high-load systems (e.g., Redis caching), where millions of models are stored in memory and every byte matters. It serializes Pydantic models into a minimal binary format and deserializes them back with zero extra metadata overhead. Target Audience: This project is intended for developers working with: high-load APIs in-memory caches (Redis, Memcached) message queues cost-sensitive environments where object size matters Brian #3: T-strings: Python's Fifth String Formatting Technique? Trey Hunner Python 3.14 has t-strings. How do they fit in with the rest of the string story? History percent-style (%) strings - been around for a very long time string.Template - and t.substitute() - from Python 2.4, but I don't think I've ever used them bracket variables and .format() - Since Python 2.6 f-strings - Python 3.6 - Now I feel old. These still seem new to me t-strings - Python 3.14, but a totally different beast. These don't return strings. Trey then covers a problem with f-strings in that the substitution happens at definition time. t-strings have substitution happen later. this is essentially “lazy string interpolation” This still takes a bit to get your head around, but I appreciate Trey taking a whack at the explanation. Michael #4: Cronboard Cronboard is a terminal application that allows you to manage and schedule cronjobs on local and remote servers. With Cronboard, you can easily add, edit, and delete cronjobs, as well as view their status. ✨ Features ✔️ Check cron jobs ✔️ Create cron jobs with validation and human-readable feedback ✔️ Pause and resume cron jobs ✔️ Edit existing cron jobs ✔️ Delete cron jobs ✔️ View formatted last and next run times ✔️ Accepts special expressions like @daily, @yearly, @monthly, etc. ✔️ Connect to servers using SSH, using password or SSH keys ✔️ Choose another user to manage cron jobs if you have the permissions to do so (sudo) Extras Brian: PEP 810: Explicit lazy imports, has been unanimously accepted by steering council Lean TDD book will be written in the open. TOC, some details, and a 10 page introduction are now available. Hoping for the first pass to be complete by the end of the year. I'd love feedback to help make it a great book, and keep it small-ish, on a very limited budget. Joke: You are so wrong!

The biggest failure in seven years, right before a trip. What broke, how Chris pulled it back together, and how Wes would fix it right.Sponsored By:Managed Nebula: Meet Managed Nebula from Defined Networking. A decentralized VPN built on the open-source Nebula platform that we love. 1Password Extended Access Management: 1Password Extended Access Management is a device trust solution for companies with Okta, and they ensure that if a device isn't trusted and secure, it can't log into your cloud apps. CrowdHealth: This open enrollment, take your power back. Join CrowdHealth to get started today for $99 for your first three months using code UNPLUGGED. Support LINUX UnpluggedLinks:

This week on Linux Out Loud, we're plugging into the source! We kick things off with a look at the wild world of robotics competitions, from the destructive Norwalk Havoc Robot League to updates on our local FLL and FTC teams. Then, we dive into a heated discussion on the great Endianness debate shaking up the RISC-V community and what the 90-10 rule means for kernel support. Plus, we've got updates on a retro 3D printing project, a pro tip for backing up your SSH keys, and a horror story about Nate's poor Commodore 64x. Find the rest of the show notes at: https://tuxdigital.com/podcasts/linux-out-loud/lol-116/ Visit the Tux Digital Merch Store: https://store.tuxdigital.com/ Special Guest: Bill.

This show has been flagged as Clean by the host. Hello, this is your host, Archer72 for Hacker Public Radio In this episode, I get a crash course on git, and thought it would make a good episode. Not actually on git itself, but how to use it on Github and Gitlab. First off, I am looking for a job, so I thought it would be a great time to brush up on my git knowledge and make a show too. Of course, I am no git expert by any means, but as it has been said in comments Hacker Public Radio is my memory. You will want to create and ssh key for each Git instance, in this case I will use both Github and Gitlab. A few other sites to host Git files which are Hacker Public Radio's own Gitea on HPR, Notabug and Codeberg Now lets get started. ssh-keygen will create an ed25519 key pair several years ago this was not yet the default add entry to ~/.ssh/config for each git instance Host github.com User git IdentityFile ~/.ssh/github-ricemark20 Host gitlab.com User git IdentityFile ~/.ssh/gitlab-archer72 SSH Keys ssh-add ~/.ssh/git-key (not .pub) Git • GPG - gpg --full-generate-key - gpg --list-public-keys - 40 character string - git config --global user.signingkey XXXXPublicKey - git config --global commit.gpgsign true - gpg --armor --export XXXXPublicKey - copy output to Github or Gitlab, including Gitlab Avatar > Edit Profile > SSH Keys > Add key (on the right side) Gitlab - SSH keys cat ~/.ssh/gitlab-key.pub Add Key git remote set-url origin git@gitlab.com/user/gitlab-repo.git Edit Profile > GPG Keys > Add key (on the right side) Gitlab - GPG keys copy and add public key from gpg --list-public-keys (40 Characters) Github Avatar > Settings > SSH and GPG Keys > New SSH key Github - keys cat ~/.ssh/github-key.pub Github - New SSH key Title, Key > Add SSH key git remote set-url origin git@github.com:user/github-repo.git Avatar > Settings > SSH and GPG Keys > New GPG key Github - New GPG key Title, Key > Add GPG key copy and add public key from gpg --list-public-keys (40 Characters) Create a new repository named something like resume or my-resume Upload your HTML resume file and name it index.html Go to your repository Settings → Pages Under "Source," select "Deploy from a branch" Choose "main" branch and "/ (root)" folder Your resume will be available at https://yourusername.github.io/resume Github.io - ricemark20 Provide feedback on this episode.

Polymorphic Python Malware Xavier discovered self-modifying Python code on Virustotal. The remote access tool takes advantage of the inspect module to modify code on the fly. https://isc.sans.edu/diary/Polymorphic%20Python%20Malware/32354 SSH ProxyCommand Vulnerability A user cloning a git repository may be tricked into executing arbitrary code via the SSH proxycommand option. https://dgl.cx/2025/10/bash-a-newline-ssh-proxycommand-cve-2025-61984 Framelink Figma MCP Server CVE-2025-53967 Framelink Figma s MCP server suffers from a remote code execution vulnerability.

Granted, not as cold as it’s going to be but I was under-dressed for “low 40s” and no sunshine. Talked about fun with SSH, eating with no taste buds, homemade bread, and the trying day ahead with dental in a … Continue reading →

Si parla di accesso remoto (SSH) su macOS, dei una truffa che è sempre più diffusa, dell'età dei nostri ascoltatori, di come impostare l'ora "grande" nella lockscreen dell'iPhone, di come avere 1 mese gratis di Starlink, di alcuni bug di iOS, di una...

professorjrod@gmail.comDive deep into the essential building blocks of secure enterprise networks with Professor J. Rod in this comprehensive exploration of network architecture, security appliances, and remote access solutions.What makes a truly secure organizational network? It's more than just firewalls and fancy equipment—it's thoughtful design, strategic implementation, and layered defenses. We break down how enterprise networks function as digital blueprints, explaining everything from switching topologies to routing infrastructure in accessible terms. You'll understand why proper segmentation matters and how VLANs create logical separation between departments sharing physical resources.Security isn't about building one impenetrable wall anymore. Modern protection requires defense-in-depth with multiple control types across various network zones. We examine critical security appliances including next-generation firewalls, intrusion detection systems, web application firewalls, and load balancers—explaining not just what they do but where they belong in your architecture. You'll learn the difference between Layer 4 and Layer 7 inspection, why proper device placement matters, and how to choose between fail-open and fail-close configurations based on your organizational needs.With remote work now standard, we tackle virtual private networks and secure access solutions that keep distributed teams connected safely. From TLS tunneling to IPsec implementation, SSH management to jump servers, you'll gain practical insights into protecting your extended network perimeter. The episode concludes with CompTIA-style practice questions to test your understanding of key concepts. Whether you're studying for certification or managing enterprise infrastructure, this episode provides the knowledge foundation to build truly resilient network architectures. Subscribe for more in-depth technology explorations that bridge theory and practical application.Support the showIf you want to help me with my research please e-mail me.Professorjrod@gmail.comIf you want to join my question/answer zoom class e-mail me at Professorjrod@gmail.comArt By Sarah/DesmondMusic by Joakim KarudLittle chacha ProductionsJuan Rodriguez can be reached atTikTok @ProfessorJrodProfessorJRod@gmail.com@Prof_JRodInstagram ProfessorJRod

Daniel Stenberg, Swedish Internet protocol expert and founder and lead developer of the Curl project, speaks with SE Radio host Gavin Henry about removing Rust from Curl. They discuss why Hyper was removed from curl, why the last five percent of making it a success was difficult, what the project gained from the 5-year attempt to tackle bringing Rust into a C project, lessons learned for next time, why user support is critical, and the positive long-lasting impact this attempt had. Brought to you by IEEE Computer Society and IEEE Software magazine.

Ep 268Apple nešto smatrao, izgleda još misle da ih plebs većinski blagonaklono gleda. Nope.EU Has 'No Intention' to Repeal DMA Following Apple ChallengeCraig Hockenberry:Here's my guess what happened in the lead up to WWDC25:Apple realized it was deep in the weeds with Apple Intelligence (and associated PR) and needed a tentpole feature that wasn't AI.Liquid Glass was in development for some upcoming edgeless hardware. It needed another year of work, but management/marketing was fucked.A thing that wasn't ready got moved up. Bug fixing took a back seat. Everyone grabbed paint brushes, not screwdrivers.The next year is going to be rough for EVERYONE.Apple pobrojao novostu u iOS 26, iPadOS 26 i macOS 26.Christopher Lawley: iPadOS 26 Walkthrough: THIS Reboots the iPadThe Tech Chap: iPhone Air FULL REVIEW - Not What I Expected...Steve Troughton-Smith:The A19 Pro in the iPhone Air is 50% faster than the M1 in my primary Mac mini in singlecore, 10% faster in multicore, and 13% faster in GPU compute. That's a lot of chip in a tiny slab of glassIt works sideways!Ozbiljno dobar zoom na 17 ProMiki pomenuo PowerPrint.iPhone Satellite Features Remain Free for Another Year - TidBITSApple Drops iCloud Support for iOS 10 and macOS SierraSupport for FireWire Removed from macOS 26 Tahoe - TidBITSRogue Amoeba: Our product lineup is ready for Tahoe, but Tahoe may not be ready for you.Steve Troughton-Smith:You know who wasn't ready on launch day with iOS/macOS 26 versions of all their apps on the App Store?Miguel Arroz: macOS Tahoe UI has a HUGE new feature for folks like me who have 24/7 Mac Minis running and access them remotely: you can now type the boot password remotely via SSH!macOS 26 Tahoe Pushes FileVault Use - TidBITSSteve Troughton-Smith:I'm having a ton of trouble updating apps using the Mac App Store (on Tahoe) if there was a TestFlight version installed.CodeSource: The Untold Story of Databases60 years after Gemini, newly processed images reveal incredible detailsZahvalniceSnimano 16.9.2025.Uvodna muzika by Vladimir Tošić, stari sajt je ovde.Logotip by Aleksandra Ilić.Artwork epizode by Saša Montiljo, njegov kutak na Devianartu

Topics covered in this episode: * pandas is getting pd.col expressions* * Cline, At-Cost Agentic IDE Tooling* * uv cheatsheet* Ducky Network UI Extras Joke Watch on YouTube About the show Sponsored by us! Support our work through: Our courses at Talk Python Training The Complete pytest Course Patreon Supporters Connect with the hosts Michael: @mkennedy@fosstodon.org / @mkennedy.codes (bsky) Brian: @brianokken@fosstodon.org / @brianokken.bsky.social Show: @pythonbytes@fosstodon.org / @pythonbytes.fm (bsky) Join us on YouTube at pythonbytes.fm/live to be part of the audience. Usually Monday at 10am PT. Older video versions available there too. Finally, if you want an artisanal, hand-crafted digest of every week of the show notes in email form? Add your name and email to our friends of the show list, we'll never share it. Brian #1: pandas is getting pd.col expressions Marco Gorelli Next release of Pandas will have pd.col(), inspired by some of the other frameworks I'm guessing Pandas 2.3.3? or 2.4.0? or 3.0.0? (depending on which version they bump?) “The output of pd.col is called an expression. You can think of it as a delayed column - it only produces a result once it's evaluated inside a dataframe context.” It replaces many contexts where lambda expressions were used Michael #2: Cline, At-Cost Agentic IDE Tooling Free and open-source Probably supports your IDE (if your IDE isn't a terminal) VS Code VS Code Insiders Cursor Windsurf JetBrains IDEs (including PyCharm) You pick plan or act (very important) It shows you the price as the AI works, per request, right in the UI Brian #3: uv cheatsheet Rodgrigo at mathspp.com Nice compact cheat sheet of commands for Creating projects Managing dependencies Lifecycle stuff like build, publish, bumping version uv tool (uvx) commands working with scripts Installing and updating Python versions plus venv, pip, format, help and update Michael #4: Ducky Network UI Ducky is a powerful, open-source, all-in-one desktop application built with Python and PySide6. It is designed to be the perfect companion for network engineers, students, and tech enthusiasts, combining several essential utilities into a single, intuitive graphical interface. Features Multi-Protocol Terminal: Connect via SSH, Telnet, and Serial (COM) in a modern, tabbed interface. SNMP Topology Mapper: Automatically discover your network with a ping and SNMP sweep. See a graphical map of your devices, color-coded by type, and click to view detailed information. Network Diagnostics: A full suite of tools including a Subnet Calculator, Network Monitor (Ping, Traceroute), and a multi-threaded Port Scanner. Security Toolkit: Look up CVEs from the NIST database, check password strength, and calculate file hashes (MD5, SHA1, SHA256, SHA512). Rich-Text Notepad: Keep notes and reminders in a dockable widget with formatting tools and auto-save. Customizable UI: Switch between a sleek dark theme and a clean light theme. Customize terminal colors and fonts to your liking. Extras Brian: Where are the cool kids hosting static sites these days? Moving from Netlify to Cloudflare Pages - Will Vincent from Feb 2024 Traffic is a concern now for even low-ish traffic sites since so many bots are out there Netlify free plan is less than 30 GB/mo allowed (grandfathered plans are 100 GB/mo) GH Pages have a soft limit of 100 GB/mo Cloudflare pages says unlimited Michael: PyCon Brazil needs some help with reduced funding from the PSF Get a ticket to donate for a student to attend (at the button of the buy ticket checkout dialog) I upgraded to macOS Tahoe Loving it so far. Only issue I've seen so far has been with alt-tab for macOS Joke: Hiring in 2025 vs 2021 2021: “Do you have an in-house kombucha sommelier?” “Let's talk about pets, are you donkey-friendly?”, “Oh you think this is a joke?” 2025: “Round 8/7” “Out of 12,000 resumes, the AI picked yours” “Binary tree? Build me a foundational model!” “Healthcare? What, you want to live forever?”

Our first look at KDE Linux, then Chris shares the latest on Hyprvibe, while Wes braves his first install.Sponsored By:Managed Nebula: Meet Managed Nebula from Defined Networking. A decentralized VPN built on the open-source Nebula platform that we love. 1Password Extended Access Management: 1Password Extended Access Management is a device trust solution for companies with Okta, and they ensure that if a device isn't trusted and secure, it can't log into your cloud apps. Unraid: A powerful, easy operating system for servers and storage. Maximize your hardware with unmatched flexibility. Support LINUX UnpluggedLinks:

Alarm bells are ringing over a supposed browser zero-day, but is the threat as bad as it sounds? Steve reveals why "clickjacking" might be more whac-a-mole than breaking news, and what that really means for your passwords. • Germany may soon outlaw ad blockers • What's happening in the courts over AI • The U.K. drops its demands of Apple • New Microsoft 365 tenants being throttled • Is Russia preparing to block Google Meet? • Bluesky suspends its service in Mississippi • How to throttle AI • A tricky SSH-busting Go library • Here comes the Linux desktop malware • Apple just patched a doozy of a vulnerability • A trivial Docker escape was found and fixed • Why the recent browser 0-day clickjacking is really just whac-a-mole Show Notes - https://www.grc.com/sn/sn-1040-notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: 1password.com/securitynow zscaler.com/security bigid.com/securitynow uscloud.com

Alarm bells are ringing over a supposed browser zero-day, but is the threat as bad as it sounds? Steve reveals why "clickjacking" might be more whac-a-mole than breaking news, and what that really means for your passwords. • Germany may soon outlaw ad blockers • What's happening in the courts over AI • The U.K. drops its demands of Apple • New Microsoft 365 tenants being throttled • Is Russia preparing to block Google Meet? • Bluesky suspends its service in Mississippi • How to throttle AI • A tricky SSH-busting Go library • Here comes the Linux desktop malware • Apple just patched a doozy of a vulnerability • A trivial Docker escape was found and fixed • Why the recent browser 0-day clickjacking is really just whac-a-mole Show Notes - https://www.grc.com/sn/sn-1040-notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: 1password.com/securitynow zscaler.com/security bigid.com/securitynow uscloud.com

Alarm bells are ringing over a supposed browser zero-day, but is the threat as bad as it sounds? Steve reveals why "clickjacking" might be more whac-a-mole than breaking news, and what that really means for your passwords. • Germany may soon outlaw ad blockers • What's happening in the courts over AI • The U.K. drops its demands of Apple • New Microsoft 365 tenants being throttled • Is Russia preparing to block Google Meet? • Bluesky suspends its service in Mississippi • How to throttle AI • A tricky SSH-busting Go library • Here comes the Linux desktop malware • Apple just patched a doozy of a vulnerability • A trivial Docker escape was found and fixed • Why the recent browser 0-day clickjacking is really just whac-a-mole Show Notes - https://www.grc.com/sn/sn-1040-notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: 1password.com/securitynow zscaler.com/security bigid.com/securitynow uscloud.com

Alarm bells are ringing over a supposed browser zero-day, but is the threat as bad as it sounds? Steve reveals why "clickjacking" might be more whac-a-mole than breaking news, and what that really means for your passwords. • Germany may soon outlaw ad blockers • What's happening in the courts over AI • The U.K. drops its demands of Apple • New Microsoft 365 tenants being throttled • Is Russia preparing to block Google Meet? • Bluesky suspends its service in Mississippi • How to throttle AI • A tricky SSH-busting Go library • Here comes the Linux desktop malware • Apple just patched a doozy of a vulnerability • A trivial Docker escape was found and fixed • Why the recent browser 0-day clickjacking is really just whac-a-mole Show Notes - https://www.grc.com/sn/sn-1040-notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: 1password.com/securitynow zscaler.com/security bigid.com/securitynow uscloud.com

Alarm bells are ringing over a supposed browser zero-day, but is the threat as bad as it sounds? Steve reveals why "clickjacking" might be more whac-a-mole than breaking news, and what that really means for your passwords. • Germany may soon outlaw ad blockers • What's happening in the courts over AI • The U.K. drops its demands of Apple • New Microsoft 365 tenants being throttled • Is Russia preparing to block Google Meet? • Bluesky suspends its service in Mississippi • How to throttle AI • A tricky SSH-busting Go library • Here comes the Linux desktop malware • Apple just patched a doozy of a vulnerability • A trivial Docker escape was found and fixed • Why the recent browser 0-day clickjacking is really just whac-a-mole Show Notes - https://www.grc.com/sn/sn-1040-notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: 1password.com/securitynow zscaler.com/security bigid.com/securitynow uscloud.com

Alarm bells are ringing over a supposed browser zero-day, but is the threat as bad as it sounds? Steve reveals why "clickjacking" might be more whac-a-mole than breaking news, and what that really means for your passwords. • Germany may soon outlaw ad blockers • What's happening in the courts over AI • The U.K. drops its demands of Apple • New Microsoft 365 tenants being throttled • Is Russia preparing to block Google Meet? • Bluesky suspends its service in Mississippi • How to throttle AI • A tricky SSH-busting Go library • Here comes the Linux desktop malware • Apple just patched a doozy of a vulnerability • A trivial Docker escape was found and fixed • Why the recent browser 0-day clickjacking is really just whac-a-mole Show Notes - https://www.grc.com/sn/sn-1040-notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: 1password.com/securitynow zscaler.com/security bigid.com/securitynow uscloud.com

The end of an era: Properly formatted IP addresses in all of our data. When initiall designing DShield, addresses were zero padded , an unfortunate choice. As of this week, datafeeds should no longer be zero padded . https://isc.sans.edu/diary/The%20end%20of%20an%20era%3A%20Properly%20formated%20IP%20addresses%20in%20all%20of%20our%20data./32228 .desktop files used in an attack against Linux Desktops Pakistani attackers are using .desktop files to target Indian Linux desktops. https://www.cyfirma.com/research/apt36-targets-indian-boss-linux-systems-with-weaponized-autostart-files/ Malicious Go Module Disguised as SSH Brute Forcer Exfiltrates Credentials via Telegram A go module advertising its ability to quickly brute force passwords against random IP addresses, has been used to exfiltrate credentials from the person running the module. https://socket.dev/blog/malicious-go-module-disguised-as-ssh-brute-forcer-exfiltrates-credentials Limiting Onmicrosoft Domain Usage for Sending Emails Microsoft is limiting how many emails can be sent by Microsoft 365 users using the onmicrosoft.com domain. https://techcommunity.microsoft.com/blog/exchange/limiting-onmicrosoft-domain-usage-for-sending-emails/4446167

Airtel Router Scans and Mislabeled Usernames A quick summary of some odd usernames that show up in our honeypot logs https://isc.sans.edu/diary/Airtel%20Router%20Scans%2C%20and%20Mislabeled%20usernames/32216 Apple Patches 0-Day CVE-2025-43300 Apple released an update for iOS, iPadOS and MacOS today patching a single, already exploited, vulnerability in ImageIO. https://support.apple.com/en-us/124925 Microsoft Copilot Audit Logs A user retrieving data via copilot obscures the fact that the user may have had access to data in a specific file https://pistachioapp.com/blog/copilot-broke-your-audit-log Password Managers Susceptible to Clickjacking Many password managers are susceptible to clickjacking, and only few have fixed the problem so far https://marektoth.com/blog/dom-based-extension-clickjacking/

Guest: Craig H. Rowland, Founder and CEO, Sandfly Security Topics: When it comes to Linux environments – spanning on-prem, cloud, and even–gasp–hybrid setups – where are you seeing the most significant blind spots for security teams today?  There's sometimes a perception that Linux is inherently more secure or less of a malware target than Windows. Could you break down some of the fundamental differences in how malware behaves on Linux versus Windows, and why that matters for defenders in the cloud? 'Living off the Land' isn't a new concept, but on Linux, it feels like attackers have a particularly rich set of native tools at their disposal. What are some of the more subtly abused but legitimate Linux utilities you're seeing weaponized in cloud attacks, and how does that complicate detection? When you weigh agent-based versus agentless monitoring in cloud and containerized Linux environments, what are the operational trade-offs and outcome trade-offs security teams really need to consider?  SSH keys are the de facto keys to the kingdom in many Linux environments. Beyond just 'use strong passphrases,' what are the critical, often overlooked, risks associated with SSH key management, credential theft, and subsequent lateral movement that you see plaguing organizations, especially at scale in the cloud? What are the biggest operational hurdles teams face when trying to conduct incident response effectively and rapidly across such a distributed Linux environment, and what's key to overcoming them? Resources: EP194 Deep Dive into ADR - Application Detection and Response EP228 SIEM in 2025: Still Hard? Reimagining Detection at Cloud Scale and with More Pipelines  

Erlang OTP SSH Exploits A recently patched and easily exploited vulnerability in Erlang/OTP SSH is being exploited. Palo Alto collected some of the details about this exploit activity that they observed. https://unit42.paloaltonetworks.com/erlang-otp-cve-2025-32433/ WinRAR Exploited WinRAR vulnerabilities are actively being exploited by a number of threat actors. The vulnerability allows for the creation of arbitrary files as the archive is extracted. https://thehackernews.com/2025/08/winrar-zero-day-under-active.html Citrix Netscaler Exploit Updates The Dutch Center for Cyber Security is updating its guidance on recent Citrix Netscaler attacks. Note that the attacks started before a patch became available, and attackers are actively hiding their tracks to make it more difficult to detect a compromise. https://www.ncsc.nl/actueel/nieuws/2025/07/22/casus-citrix-kwetsbaarheid https://www.bleepingcomputer.com/news/security/netherlands-citrix-netscaler-flaw-cve-2025-6543-exploited-to-breach-orgs/ OpenSSH Post Quantum Encryption Starting in version 10.1, OpenSSH will warn users if they are using quantum-unsafe algorithms https://www.openssh.com/pq.html

We're throwing a party in Vegas! Someone called it SCWPodCon last year, and the name stuck. It's sponsored by Teleport, the infrastructure identity company. Get SSO for SSH! If Thomas was here, I'm sure he'd tell you that Fly.io uses Teleport internally. Oh also there's some thing called Black..pill? Black Pool? Something like that happening in Vegas, with crypto talks, so we chatted about them a bit, plus some other stuffSCWPodCon 2025: https://securitycryptographywhatever.com/events/blackhatTranscript: https://securitycryptographywhatever.com/2025/07/29/vegas-baby/Links:- Fault Injection attacks on PQCS signatures: https://www.blackhat.com/us-25/briefings/schedule/index.html#bypassing-pqc-signature-verification-with-fault-injection-dilithium-xmss-sphincs-46362- Another attack on TETRA: https://www.blackhat.com/us-25/briefings/schedule/index.html#2-cops-2-broadcasting-tetra-end-to-end-under-scrutiny-46143- Attacks on SCADA / ICS protocols (OPC UA): https://www.blackhat.com/us-25/briefings/schedule/index.html#no-vpn-needed-cryptographic-attacks-against-the-opc-ua-protocol-44760- Attacks on Nostr:  https://www.blackhat.com/us-25/briefings/schedule/index.html#not-sealed-practical-attacks-on-nostr-a-decentralized-censorship-resistant-protocol-45726- https://signal.org/blog/the-ecosystem-is-moving/- https://en.wikipedia.org/wiki/Nostr- https://eurosp2025.ieee-security.org/program.html- https://cispa.de/en/research/publications/84648-attacking-and-fixing-the-android-protected-confirmation-protocol- https://hal.science/hal-05038009v2/file/main.pdf- 8-bit, abacus, and a dog: https://eprint.iacr.org/2025/1237.pdf- https://www.youtube.com/watch?v=Dlsa9EBKDGI- https://www.quantamagazine.org/computer-scientists-figure-out-how-to-prove-lies-20250709/- https://eprint.iacr.org/2025/118"Security Cryptography Whatever" is hosted by Deirdre Connolly (@durumcrustulum), Thomas Ptacek (@tqbf), and David Adrian (@davidcadrian)

SSH Tunneling in Action: direct-tcp requests Attackers are compromising ssh servers to abuse them as relays. The attacker will configure port forwarding direct-tcp connections to forward traffic to a victim. In this particular case, the Yandex mail server was the primary victim of these attacks. https://isc.sans.edu/diary/SSH%20Tunneling%20in%20Action%3A%20direct-tcp%20requests%20%5BGuest%20Diary%5D/32094 Fortiguard FortiWeb Unauthenticated SQL injection in GUI (CVE-2025-25257) An improper neutralization of special elements used in an SQL command ('SQL Injection') vulnerability [CWE-89] in FortiWeb may allow an unauthenticated attacker to execute unauthorized SQL code or commands via crafted HTTP or HTTPs requests. https://www.fortiguard.com/psirt/FG-IR-25-151 Ruckus Virtual SmartZone (vSZ) and Ruckus Network Director (RND) contain multiple vulnerabilities Ruckus products suffer from a number of critical vulnerabilities. There is no patch available, and users are advised to restrict access to the vulnerable admin interface. https://kb.cert.org/vuls/id/613753

Sudo patch your Linux systems. Cisco has removed a critical backdoor account that gave remote attackers root privileges. The Hunters International ransomware group rebrands and closes up shop. The Centers for Medicare and Medicaid Services (CMS) notifies 103,000 people that their personal data was compromised. NimDoor is a sophisticated North Korean cyber campaign targeting macOS. Researchers uncover a massive phishing campaign using thousands of fake retail websites. The FBI's top cyber official says Salt Typhoon is largely contained. Microsoft tells customers to ignore Windows Firewall error warnings. A California jury orders Google to pay $314 million for collecting Android user data without consent. Ben Yelin shares insights from this year's Supreme Court session. Ransomware negotiations with a side of side hustle. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Today our guest is Ben Yelin from UMD CHHS, who is sharing a wrap up of this year's Supreme Court session. If you want to hear more from Ben, head on over to the Caveat podcast, where he is co-host with Dave as they discuss all things law and privacy.  Selected Reading Linux Users Urged to Patch Critical Sudo CVE (Infosecurity Magazine) Cisco warns that Unified CM has hardcoded root SSH credentials (Bleeping Computer) Hunters International ransomware shuts down after World Leaks rebrand (Bleeping Computer) Feds Notify 103,000 Medicare Beneficiaries of Scam, Breach (Data Breach Today) N Korean Hackers Drop NimDoor macOS Malware Via Fake Zoom Updates (Hackread) China-linked hackers spoof big-name brand websites to steal shoppers' payment info (The Record) Top FBI cyber official: Salt Typhoon ‘largely contained' in telecom networks (CyberScoop) Microsoft asks users to ignore Windows Firewall config errors (Bleeping Computer) California jury orders Google to pay $314 million over data transfers from Android phones (The Record) US Probes Whether Negotiator Took Slice of Hacker Payments (Bloomberg) Audience Survey Complete our annual audience survey before August 31. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

Sudo chroot Elevation of Privilege The sudo chroot option can be leveraged by any local user to elevate privileges to root, even if no sudo rules are defined for that user. https://www.stratascale.com/vulnerability-alert-CVE-2025-32463-sudo-chroot Polymorphic ZIP Files A zip file with a corrupt End of Central Directory Record may extract different data depending on the tool used to extract the files. https://hackarcana.com/article/yet-another-zip-trick Cisco Unified Communications Manager Static SSH Credentials Vulnerability A vulnerability in Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME) could allow an unauthenticated, remote attacker to log in to an affected device using the root account, which has default, static credentials that cannot be changed or deleted. https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cucm-ssh-m4UBdpE7

In memoriam: Bill Atkinson Meta native apps & JavaScript collude for a localhost local mess. The EU rolls out its own DNS4EU filtered DNS service. Ukraine DDoS's Russia's Railway DNS ... and... so what? The Linux Foundation creates an alternative Wordpress package manager. Court tells OpenAI it must NOT delete ANYONE's chats. Period! :( A CVSS 10.0 in Erlang/OTP's SSH library. Can Russia intercept Telegram? Perhaps. Spain's ISPs mistakenly block Google sites. Reddit sues Anthropic. Twitter's new encrypted DM's are as lame as the old ones. The Login.gov site may not have any backups. Apple explores the question of recent Large Reasoning Models "thinking" Show Notes - https://www.grc.com/sn/SN-1029-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: hoxhunt.com/securitynow threatlocker.com for Security Now uscloud.com canary.tools/twit - use code: TWIT