🚨 NEW: Russia bleeds tanks. We wanted to know how long Russia can hold out with the current losses, using heaps of old tanks from military bases. And used #AI to count & analyze fading tank stocks. Visual investigation as @SZ_Investigativ together with @Se_Gier & @SZ visual team
New: A Washington Post satellite imagery review reveals that Iran has caused far more damage to US military sites than previously reported.
Amid a US imagery blackout, Iran has released more than 100 images of strikes on US bases.
We analyzed them: https://t.co/r68Qpki0TG
According to information from monitoring channels, all reservoirs with a volume of 50,000 m³ each were destroyed on the territory of the "Perm" linear production and dispatch station. Each reservoir contained approximately 314,000 barrels of oil or petroleum products. Additionally, a significant portion of the technological pipelines at the station burned out due to the oil spill. The technological process at the station has been disabled for an indefinite period.
Mind blown 🤯
Some smartphones sold in mainland China (like certain OPPO models) can read MIFARE Classic cards, crack the keys in seconds, store them, and then fully emulate the card directly on the phone.
No extra hardware. Just the phone.
Access control, transit cards, hotel keys… game over.
Huge thanks to Ian for showing me this in person. Really eye-opening how far NFC capabilities have gone in some regions.
Who else has seen this in the wild?
#NFC #MIFARE #TechSecurity #oppo
‼️🚨 BREAKING: An AI found a Linux kernel zero-day that roots every distribution since 2017. The exploit fits in 732 bytes of Python. Patch your kernel ASAP.
The vulnerability is CVE-2026-31431, nicknamed "Copy Fail," disclosed today by Theori. It has been sitting quietly in the Linux kernel for nine years.
Most Linux privilege-escalation bugs are picky. They need a precise timing window (a "race"), or specific kernel addresses leaked from somewhere, or careful tuning per distribution. Copy Fail needs none of that. It is a straight-line logic mistake that works on the first try, every time, on every mainstream Linux box.
The attacker just needs a normal user account on the machine. From there, the script asks the kernel to do some encryption work, abuses how that work is wired up, and ends up writing 4 bytes into a memory area called the "page cache" (Linux's high-speed copy of files in RAM). Those 4 bytes can be aimed at any program the system trusts, like /usr/bin/su, the shortcut to becoming root.
Result: the next time anyone runs that program, it lets the attacker in as root.
What should worry most: the corruption never touches the file on disk. It only exists in Linux's in-memory copy of that file. If you imaged the hard drive afterwards, the on-disk file would match the official package hash exactly. Reboot the machine, or just put it under memory pressure (any normal system load that needs the RAM), and the cached copy reloads fresh from disk.
Containers do not help either. The page cache is shared across the whole host, so a process inside a container can use this bug to compromise the underlying server and reach into other tenants.
The original sin was a 2017 "in-place optimization" in a kernel crypto module called algif_aead. It was meant to make encryption slightly faster. The change broke a critical safety assumption, and nobody noticed for nine years. That bug then rode every kernel update from 2017 to today.
This vulnerability affects the following:
🔴 Shared servers (dev boxes, jump hosts, build servers): any user becomes root
🔴 Kubernetes and container clusters: one compromised pod escapes to the host
🔴 CI runners (GitHub Actions, GitLab, Jenkins): a malicious pull request becomes root on the runner
🔴 Cloud platforms running user code (notebooks, agent sandboxes, serverless functions): a tenant becomes host root
Timeline:
🔴 March 23, 2026: reported to the Linux kernel security team
🔴 April 1: patch committed to mainline (commit a664bf3d603d)
🔴 April 22: CVE assigned
🔴 April 29: public disclosure
Mitigation: update your kernel to a build that includes mainline commit a664bf3d603d. If you cannot patch immediately, turn off the vulnerable module:
echo "install algif_aead /bin/false" > /etc/modprobe.d/disable-algif.conf
rmmod algif_aead 2>/dev/null || true
For environments that run untrusted code (containers, sandboxes, CI runners), block access to the kernel's AF_ALG crypto interface entirely, even after patching. Almost nothing legitimate needs it, and blocking it shuts the door on this whole class of bug...
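A way to confirm that the workaround quoted above has taken effect, as an added example that is not part of the original post. The function names are hypothetical, and the directories are the standard modprobe.d search path rather than anything the post specifies:

```shell
#!/bin/sh
# Added example: audit the algif_aead workaround from the post above.
# Function names are hypothetical; file locations are arguments so the same
# check can be pointed at a mounted image instead of the live system.
MODULE=algif_aead

# True if a *.conf file in any given directory replaces loading of $MODULE
# with /bin/false or /bin/true. modprobe treats '-' and '_' as the same.
has_install_override() {
    for dir in "$@"; do
        for f in "$dir"/*.conf; do
            [ -f "$f" ] || continue
            if awk -v m="$MODULE" '
                { name = $2; gsub(/-/, "_", name) }
                $1 == "install" && name == m &&
                    $3 ~ /^\/(usr\/)?s?bin\/(false|true)$/ { found = 1 }
                END { exit !found }' "$f"; then
                return 0
            fi
        done
    done
    return 1
}

# True if $MODULE is resident according to a /proc/modules-format file.
is_loaded() {
    awk -v m="$MODULE" '$1 == m { found = 1 } END { exit !found }' "$1" 2>/dev/null
}

# Usage: algif_status PROC_MODULES CONF_DIR...
algif_status() {
    proc_modules=$1; shift
    override=no; loaded=no
    if has_install_override "$@"; then override=yes; fi
    if is_loaded "$proc_modules"; then loaded=yes; fi
    echo "override=$override loaded=$loaded"
}

# Live system: the standard modprobe.d search path.
algif_status /proc/modules /etc/modprobe.d /run/modprobe.d \
    /usr/local/lib/modprobe.d /usr/lib/modprobe.d /lib/modprobe.d
```

A result of `override=yes loaded=yes` means the module is still resident in the running kernel, so the `rmmod` step has not taken effect.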
🚨 BREAKING: Your internet fiber cable is secretly listening to you right now.
Researchers from Hong Kong just dropped a paper at NDSS 2026 showing how they can spy on your conversations through the fiber optics in your walls.
They successfully turned ordinary Fiber-to-the-Home (FTTH) cables into hidden, long-range microphones.
No laser bugs. No physical implants. No drilling through walls.
Just the broadband cable that is already sitting in your living room or office.
By connecting a commercially available Distributed Acoustic Sensing (DAS) system to one end of the fiber, they can measure microscopic vibrations caused by sound waves in the room.
Then, they use AI to reconstruct those vibrations into crystal-clear speech.
Through walls. From adjacent rooms. From up to 50 meters away.
It was tested on actually deployed infrastructure.
The attack cost is dropping. Commercial gear is all that is required if an attacker has access to the other end of the fiber connection.
Millions of homes and offices have FTTH installed. And every single one is potentially exposed.
BREAKING:
🇮🇹🇲🇰🇺🇸 It seems that the US is now refueling its fighter jets over the Balkan countries with the help of the Italian air force
Italian tanker is spotted over Macedonia most likely refueling US fighter jets participating in the Iranian war.
Italian MM62229 is a Boeing KC-767A tanker operated by the Italian Air Force (Aeronautica Militare), identified by code 14-04.
This tanker often supports refueling missions and transport operations.
Chinese intelligence operatives posed as recruiters on LinkedIn to approach professionals across Belgium and Europe, seeking sensitive EU and NATO information. Targets were first paid for basic research before being pushed to share confidential insights or spread pro-China narratives. https://t.co/dNb0932yMa
BREAKING: Today, the Islamic regime of Iran began executing political prisoners by falsely accusing them of being Israeli spies. Kourosh Keyvani, who had been arrested during recent protests, was falsely accused of being a Mossad agent. He was tortured, forced into a false confession in a kangaroo court, and ultimately executed today. He was a resident of Sweden. The Swedish government did nothing to save him—they did not protest his arrest, did not challenge the false accusations, and have not even acknowledged him as a Swedish resident.
#OperationLionsRoar #OperationEpicFury
Sale of German fuel depots to a US corporation, and of course: no problem at all.
Strategic infrastructure is being sold abroad?
Just move along, there's nothing to see here!
🧹 UPDATE: The most powerful OSINT search engine just got a major upgrade.
Faster results, clearer intelligence, powerful filtering, and fully customisable reports to help investigators cut through noise and find signal faster.
Details below
Sweden arrested the captain of Sea Owl I, a tanker from Russia's shadow fleet, on suspicion of using a forged document. A court in Ystad approved the remand request, Sweden Herald reports.
https://t.co/awC0fO2BRs
🚨‼️ BREAKING: Fiber-Optic FPV Drone Observed Striking U.S. Army Facility at U.S. Victory Base Complex in Iraq
Video released by Iranian-backed Kataib Hezbollah militants shows an explosive-armed fiber-optic guided FPV drone flying unmolested over the U.S. military’s Victory Base Complex at Baghdad International Airport.
The drone then strikes a facility apparently tied to U.S. Army helicopter flight operations.
The footage indicates that battlefield tactics and drones, initially developed at scale by Russia, are now proliferating to Iranian militia groups operating in Iraq.
This is, without hyperbole, a very serious and dangerous escalation in the capability of Iran’s proxies to equip themselves with drone technology that is virtually impossible to detect and defeat using conventional systems.
Geolocation of Facility: 33.263549, 44.213533
#OSINT #Iran #EpicFury
A photo of the destroyed US Giraffe 1X radar system on the territory of the US Embassy in Baghdad, Iraq, that was struck by an Iranian drone early on Saturday.
The Giraffe 1X, originally developed by Swedish SAAB, is a multi-mission radar possessing simultaneous air surveillance, Counter Rocket, Artillery and Mortar (C-RAM) and Counter Unmanned Aerial System (C-UAS) capabilities for very short-range air defense (VSHORAD).