Ahora que suena mucho Rockstar por el anuncio del GTA 6, me gusta recordar que Lemmings fue su primer gran juego.
Estrictamente todavía eran DMA Design cuando Lemmings (1991), que luego se convertiría en Rockstar (1999).
Qué juegazo en su momento para Amiga.
🛡️ Nissan Confirms Data Breach Following Oracle PeopleSoft 0-Day Attacks
Source: https://t.co/4ioGNSk0NB
Nissan Americas has officially confirmed a data breach affecting current and former employees across four countries after threat actors exploited a critical zero-day vulnerability in Oracle PeopleSoft software, a campaign attributed to the ShinyHunters extortion group.
The attack stems from CVE-2026-35273, a CVSS 9.8-rated unauthenticated Server-Side Request Forgery (SSRF)-to-Remote Code Execution (RCE) vulnerability residing in the Updates Environment Management (PSEMHUB) component of Oracle PeopleSoft PeopleTools versions 8.61 and 8.62.
#cybersecuritynews #databreach
Hacking the AirTag tracking system: spoof an AirTag’s location by recording BLE broadcasts. 👨🏻💻🧳🌐📱😰
More details on:
LinkedIn: https://t.co/53pZmtakAL
Substack: https://t.co/fl7Y2iqIZ6
@PtrCzakZukowski Możecie ich sprowadzać przez agencyjki pracy do Polski. Wtedy to już będzie koszerne, prawda? :D W jednej ręce trzymacie plik z frazesami o nachodzcach, a w drugiej plik pieniędzy od psieciembiorców szukających jeszcze tańszych niewolników.
🐝 Lorsque les abeilles ne peuvent pas éliminer une menace, elles la rendent inoffensive et la neutralise.
Il arrive parfois qu’une souris s’introduise dans une ruche, attirée par la chaleur et l’odeur du miel. Les abeilles l’attaquent alors en groupe jusqu’à neutraliser l’intrus. Mais un problème subsiste : le corps est trop lourd pour être transporté hors de la ruche.
Et c’est là qu’intervient l’un des comportements les plus fascinants du monde animal.
Pour éviter que le cadavre ne se décompose et ne contamine toute la colonie, les abeilles le recouvrent entièrement de propolis, une résine naturelle qu’elles récoltent sur les arbres. Cette substance possède de puissantes propriétés antibactériennes et antifongiques.
Peu à peu, le corps se dessèche, se conserve et devient totalement inoffensif pour la ruche.
Ce phénomène, observé par les scientifiques et les apiculteurs, est considéré comme l’un des exemples les plus impressionnants d’hygiène collective chez les insectes sociaux.
⚠️ New iPhone BootROM Vulnerability Exposes Apple SoCs to Full Chain-of-Trust Compromise
Source: https://t.co/orCWNloJJT
A novel BootROM vulnerability, dubbed usbliter8, affects Apple devices powered by A12, S4/S5, and A13 SoCs. The exploit chains a hardware-level bug in the Synopsys DWC2 USB controller with a firmware configuration flaw, enabling full application processor boot-chain compromise with no software patch possible due to the immutable nature of BootROM code.
The vulnerability originates in how the DWC2 USB controller handles consecutive USB Setup packets. The controller stores up to three Setup packets in memory before resetting the DMA base address (stored in the DOEPDMA register) to its starting position, functioning like a ring buffer.
#cybersecuritynews
We tore down the "assembled in America" Trump phone, X-rayed it, and conducted a technical analysis.
It is nearly identical to the HTC U24 Pro, which is made by a Taiwanese company with Chinese parts.
Read the full analysis here:
https://t.co/YJyk8nG6Qg
A $300 Creative speaker can be hacked over Bluetooth (no pairing) to install malicious firmware and silently turn into a BadUSB keyboard that can takes over USB connected PC
Creative don’t consider it a vulnerability - it is not patched!
https://t.co/ctRvkE729v
My article "How To Investigate A Person Of Interest In 2026" is now available as a PDF.
A practical guide to digital footprint analysis – from email reconstruction to metadata mining and entity graphing.
Thanks @osintnewsletter for the mention.
PDF: https://t.co/86YlE9e2pB
For 19 years, GPS satellites have secretly broadcast a “numbers station” in their public signals. We decoded 12M messages: a 2011 flash where 31 of 32 satellites flipped in hours, “ghost” substrings repeating years apart, and a “TEXT” prefix spreading now. https://t.co/xz3svmqiDa
Mullvad just passed Google’s MASA security audit again.
But the interesting part is what the audit revealed.
Auditors found:
• visible account numbers on login screen
• plaintext custom API passwords
• mutable Android intents
• missing account deletion option
• incomplete Play Store privacy disclosures
Mullvad fixed everything and passed the audit.
Most VPN companies never even let you see findings like this publicly.
That level of transparency is rare in the VPN industry.
❗️ Over 30 official Red Hat npm packages were compromised. How they got in:
- A Red Hat employee's GitHub account was compromised.
- Attackers pushed "orphan commits" (detached from branch history) straight in, bypassing code review with no pull request.
- Payload "Miasma" (Mini Shai-Hulud variant) steals GitHub/cloud/Vault/SSH/npm secrets. Rotate everything since June 1.
- The commits added a workflow (ci.yaml) + script (_index.js) that abused npm trusted publishing, requesting a real OIDC token to publish backdoored versions.