Agregátor RSS

cPanel has released updates to address three vulnerabilities in cPanel and Web Host Manager (WHM) that could be exploited to achieve privilege escalation, code execution, and denial-of-service. The list of vulnerabilities is as follows - CVE-2026-29201 (CVSS score: 4.3) - An insufficient input validation of the feature file name in the "feature::LOADFEATUREFILE" adminbin call that could result Ravie Lakshmananhttp://www.blogger.com/profile/[email protected]

Fyzik Enbang Li experimentálně prokázal měřitelný vliv gravitace na světlo • Kompaktní optický přístroj měří gravitaci bez pohyblivých mechanických částí • Technologie najde reálné uplatnění v průzkumných letadlech a ponorkách

Tento týden jsme pro vás vybrali deset zajímavých slev a akcí – od zlatých šperků přes chytré hodinky a domácí spotřebiče až po výhodné tarify energie nebo jídlo s rozvozem. Většina nabídek platí jen do konce května, takže se vyplatí neotálet.

UBports, nadace a komunita kolem Ubuntu pro telefony a tablety Ubuntu Touch, vydala Ubuntu Touch 24.04-1.3. Současně oznámila, že nadcházející větší vydání 24.04-2.0 bude mít modernější webový prohlížeč.

Ucelený přehled článků, zpráviček a diskusí za minulých 7 dní.

Jednou z mnoha interpretací kvantové mechaniky je spontánní kvantový kolaps. Podle těchto teorií je kvantový kolaps reálným fyzikálním procesem, při němž by jako „vedlejší produkt“ měla vznikat špetka slabého rentgenového záření. Fyzici na to nasadili podzemní detektor XENONnT, který jinak pod masivem Gran Sasso loví temnou hmotu. Jak to dopadlo?

Velká mozkovna a v ní miniaturní mozek. Jak to jde dohromady? U některých živočichů docela dobře.

Chaos erupted at schools and colleges throughout the US on Thursday as a cyberattack disrupted online learning platform Canvas just as students were due to take final exams.

Canvas parent company Instructure said that as of Friday morning, the platform was back online. Instructure said it temporarily took Canvas offline on Thursday after identifying unauthorized activity in its network. The threat actor was the same one responsible for a data breach that Instructure disclosed a week ago. Data accessed included user names, email addresses, student ID numbers, and messages exchanged on the platform. The company said it has no indication that passwords, dates of birth, government identifiers, or financial information were involved.

Schools and colleges scramble

A ransomware group known as ShinyHunters claimed responsibility for the breach on its dark web site. It claimed the data it took came from 275 million people associated with 8,800 schools.

Read full article

Comments

Threat hunters have flagged a previously undocumented Brazilian banking trojan dubbed TCLBANKER that's capable of targeting 59 banking, fintech, and cryptocurrency platforms. The activity is being tracked by Elastic Security Labs under the moniker REF3076. The malware family is assessed to be a major update of the Maverick family, which is known to leverage a worm called SORVEPOTEL to Ravie Lakshmananhttp://www.blogger.com/profile/[email protected]

There’s a mysterious framework worming its way through exposed cloud instances removing all traces of TeamPCP infections, but it’s not benevolent by a long shot: Whoever is behind this bit of malware may be cleaning up who came before, but only so they can take their place. Discovered by security outfit SentinelOne’s SentinelLabs researchers and dubbed PCPJack for its habit of stealing previously compromised systems from TeamPCP, the worm was first spotted in late April hiding among a Kubernetes-focused VirusTotal hunting rule. It stood out from known cloud hacktools, said SentinelLabs, because the first action it always takes is to eliminate tools associated with TeamPCP attacks. The script didn’t stop there, though. “We initially considered that this toolset could be a researcher removing TeamPCP’s infections,” SentielLabs said. “Analysis of the later-stage payloads indicates otherwise.” “Analyzing this script led us to discover a full framework dedicated to cloud credential harvesting and propagating onto other systems, both internal and external to the victim’s environment,” SentinelLabs continued. In other words, this thing will harvest credentials from everywhere it can get its hands on, and then find new, unsecured cloud environment targets to spread itself to. TeamPCP came onto the scene late last year, and since then has made a name for itself primarily by undertaking a successful compromise of the Trivy vulnerability scanner. That act spread credential-harvesting malware which attackers then used to pivot to more valuable targets, and became one of the most notable supply chain attacks in recent memory. Unlike TeamPCP’s campaign, which relied on the spread of compromised software by human actors, this one spreads on its own accord. Infections start when already-infected systems look for exposed services, including Docker, Kubernetes, Redis, MongoDB, and RayML, as well as exposed web applications. Once it finds a vulnerable environment, it runs a shell script on the target system that sets up an environment to download additional payloads and searches for TeamPCP processes and artifacts to kill. That part of the infection downloads the worm itself, along with modules to enable lateral movement, parse credentials and encrypt them for exfiltration, and for scanning the web for new environments to infect. From there, the worm goes to work with the second module in its kit that conducts the actual credential thefts. This portion of the infection targets environment variables, config files, SSH keys, Docker secrets, Kubernetes tokens, and credentials from a list of finance, enterprise, messaging, and cloud service targets so long that we recommend taking a look at it here, or just assuming whatever you’re using is probably being targeted. SentinelLabs noted that the lack of a cryptominer in the malware package is unusual, and said the particular services it targeted suggests its goal is either conduct its own spam campaigns and financial fraud with the stolen data, or to make the data it harvests available to those planning similar crimes. The worm's practice of removing TeamPCP files could be opportunistic, or could mean there’s drama going on in the cybercrime world. “We have no evidence to suggest whether this toolset represents someone associated with the group or familiar with their activities,” SentinelLabs noted. “However, the first toolset’s focus on disabling and replacing TeamPCP’s services implies a direct focus on the threat actor’s activities rather than pure cloud attack opportunism.” Because this is a worm relying on unsecured cloud and web app instances ripe for targeting, mitigation recommendations are pretty simple: Keep your cloud platforms secure, and ensure authentication is required even for instances of things like Docker and Kubernetes that aren’t exposed to the internet. ®

Je toho dost, co by náš vysněný počítač měl umět. Nechceme ale zázraky. Každý laptop by podle Petra měl podporovat biometrii, vždyť nejlacinější čtečky otisků prstů stojí pár dolarů. Místo toho na levnějších strojích pořád píšeme hesla a PINy. Dávno víme, že displeje s poměrem stran 16:9 nejsou ...

NVIDIA has confirmed in a statement for BleepingComputer that GeForce NOW user information has been exposed in a data breach. [...]

Na hraní je vhodné upgradovat na 32 GB RAM, říkal Microsoft. • Nyní to už netvrdí, reagoval na rozhořčená média a fanoušky. • Také smazal zmínku, že Copilot+ PC jsou herní počítače.

Ploopy po DIY trackballech či sluchátkách představuje nový externí DIY trackpoint se čtyřmi tlačítky Bean. Obsahuje snímač Texas Instruments TMAG5273, spínače Omron D2LS-21 a řadič RP2040, používá firmware QMK. Schémata jsou na GitHubu; sadu lze předobjednat za 69 kanadských dolarů (bez dopravy a DPH).

Cybersecurity researchers have discovered fraudulent apps on the official Google Play Store for Android that falsely claimed to offer access to call histories for any phone number, only to trick users into joining a subscription that provided fake data and incurred financial loss. The 28 apps have collectively racked up more than 7.3 million downloads, with one of them alone accounting for over Ravie Lakshmananhttp://www.blogger.com/profile/[email protected]

A lot of Linux attacks now look like normal admin activity. Attackers use SSH, cron, curl, systemd, cloud scripts, and other trusted tools that defenders already expect to see running across production systems.

A lot of Linux attacks now look like normal admin activity. Attackers use SSH , cron , curl , systemd , cloud scripts, and other trusted tools that defenders already expect to see running across production systems.

Attackers move faster than overwhelmed SOC teams can realistically investigate alerts. Prophet Security breaks down how AI can help analysts investigate alerts faster and focus on real threats. [...]

The hardest part of cybersecurity isn't the technology, it’s the people. Every major breach you’ve read about lately usually starts the same way: one employee, one clever email, and one "Patient Zero" infection. In 2026, hackers are using AI to make these "first clicks" nearly impossible to spot. If a single laptop gets compromised on your watch, do you have a plan to stop it from taking down [email protected]