🚨 Wiz update >> stolen cloud secrets are being used within hours.
We tracked TeamPCP turning supply chain attacks into real cloud access - fast. From Trivy to LiteLLM, stolen creds, keys, and configs were validated and abused immediately.
Full breakdown 👇
https://t.co/xKW0RW3VPW
You turn on your VPN and your IP changes. It feels like you should be invisible, but some websites still know exactly where you are.
Your IP is just one clue. Websites also look at your browser’s timezone (for example, "Asia/Kolkata" doesn’t match a German IP), your Accept-Language header (en-IN gives you away), and your DNS resolver, which is probably still set to your ISP’s servers back home instead of your VPN’s.
One of the sneakiest trick is WebRTC. Your browser has a built-in feature for video calls that can fetch your real IP address at the operating system level, completely bypassing the VPN tunnel. A website can get it with just 10 lines of JavaScript. Some VPNs don’t block this by default.
And if you’re logged in, it’s game over. Netflix, Google and Spotify don’t care about your IP address. They care about your account. Your registered country is stored in their database, not in your connection. Using a VPN while logged in means the VPN isn’t helping you at all.
A VPN gives you a different postal address, but your timezone, language, DNS, WebRTC, browser fingerprint, and login details are still the same.
🦔 The IRS paid Palantir $1.8 million last year to build a tool called SNAP, the Selection and Analytic Platform, designed to identify the highest-value targets for audits, tax collection, and potential criminal investigations. The system pulls from more than 100 legacy IRS databases built over decades and is being piloted across three areas: disaster zone tax relief claims, residential clean energy credits, and gift tax returns. Palantir has received more than $200 million in IRS contracts since 2014. The agency has lost more than 25,000 staff since February 2025 through resignations and early retirement offers.
My Take
Using AI to modernize a tax agency running on 100 fragmented legacy systems built over decades is not inherently a bad idea. The IRS has failed to update its technology repeatedly since the 1960s and a smarter case selection system that catches genuine fraud more accurately than a decades-old scoring algorithm is a reasonable goal.
The concern worth focusing on is what you get when you combine an agency that has shed 25,000 experienced staff with an AI system selecting audit targets from a process nobody fully understands. The existing DIF scoring system is already described as a black box by researchers. SNAP adds another layer of complexity on top of that. Who gets flagged and who doesn't is ultimately answered by the people configuring the system and the data they feed it, and with fewer experienced staff to apply judgment, the margin for error gets wider, not narrower.
Hedgie🤗
After U.S. forces turned China’s most advanced anti-stealth radar—the JY-27A—into little more than lawn art, Xi reportedly ordered the execution of its chief designer, Yang Wei. Engineering with Chinese characteristics…
Looks like the postInstall setup script grabbed a second stage from GitHub repos which have been taken down so the threat should be neutralized as it stands now.
Apple deceived users.
They once took the government to court over its refusal to build a backdoor to your private data.
But now Apple is happy to use laws to collect information on you. Even when it didn’t have to.
Two-faced.
Archinstall 4.0 introduces a modern textual UI, replacing the curses interface to enhance usability and accessibility in the Arch Linux installer.
https://t.co/nFgK5oUWr7
#Linux#ArchLinux#OpenSource
🚨 CRITICAL: Active supply chain attack on axios -- one of npm's most depended-on packages.
The latest [email protected] now pulls in [email protected], a package that did not exist before today. This is a live compromise.
This is textbook supply chain installer malware. axios has 100M+ weekly downloads. Every npm install pulling the latest version is potentially compromised right now.
Socket AI analysis confirms this is malware. plain-crypto-js is an obfuscated dropper/loader that:
• Deobfuscates embedded payloads and operational strings at runtime
• Dynamically loads fs, os, and execSync to evade static analysis
• Executes decoded shell commands
• Stages and copies payload files into OS temp and Windows ProgramData directories
• Deletes and renames artifacts post-execution to destroy forensic evidence
If you use axios, pin your version immediately and audit your lockfiles. Do not upgrade.
📹 India Set to Ban Sale of Hikvision, TP-Link, CCTV Products From April
Source: https://t.co/DMGLc8JAMg
Starting April 1, 2026, the Indian government will effectively ban Chinese video surveillance giants, including Hikvision, Dahua, and TP-Link, from selling internet-connected CCTV cameras in the country.
This decisive market restriction stems from new mandatory certification rules driven by national security concerns regarding foreign hardware. The Ministry of Electronics and Information Technology (MeitY) has implemented strict Standardisation Testing and Quality Certification (STQC) requirements for all internet-connected surveillance equipment under the IS 13252-1 cybersecurity standard to mitigate foreign espionage risks.
#cybersecuritynews
Microsoft / GitHub injecting ads into CoPilot generated PRs: welcome to the future! https://t.co/AAydAyTYJU
(yes, this was a confirmed "feature" from someone on the CoPilot team; apparently they are disabling it after backlash)
BestBuy just dumped prices on its Kingston DDR5 to keep up with MicroCenter. MicroCenter already cut GSkill 50% today. It’s becoming a price war in RAM 👀 $MU $SNDK
@moashy_mango@linuxiac That is incorrect, MATE is still receiving updates. See https://t.co/pCKsqSCCnc
Also, Ubuntu is not "Wayland" only. Even Gnome has to maintain X11 compatibility via Xwayland. There just is no X11 session anymore and most parts are now running on Wayland, including GDM.
Martin's work was fantastic. Ubuntu MATE was one of the first beginner-friendly Linux distributions that greeted new users with a "Software Boutique" to set up the system with a couple of popular programs.
After 12 years, Ubuntu MATE founder Martin Wimpress is stepping back, and the project is now seeking new maintainers to assume key responsibilities.
https://t.co/CwINclX5fa
#Linux#Ubuntu#OpenSource
🚨‼️ BREAKING: Databricks allegedly compromised in a TeamPCP supply chain attack.
Databricks is the leading cloud-based data analytics platform: used by organizations worldwide to manage massive datasets.
We notified them last week. They scaled up to investigate. We haven't heard back since.