A new campaign has targeted the npm package repository with malicious JavaScript libraries that are designed to infect Roblox users with open-source stealer malware such as Skuld and Blank-Grabber. "This incident highlights the alarming ease with which threat actors can launch supply chain attacks by exploiting trust and human error within the open source ecosystem, and using readily available

High-profile entities in India have become the target of malicious campaigns orchestrated by the Pakistan-based Transparent Tribe threat actor and a previously unknown China-nexus cyber espionage group dubbed IcePeony. The intrusions linked to Transparent Tribe involve the use of a malware called ElizaRAT and a new stealer payload dubbed ApoloStealer on specific victims of interest, Check Point

The threat actors behind the AndroxGh0st malware are now exploiting a broader set of security flaws impacting various internet-facing applications, while also deploying the Mozi botnet malware. "This botnet utilizes remote code execution and credential-stealing methods to maintain persistent access, leveraging unpatched vulnerabilities to infiltrate critical infrastructures," CloudSEK said in a

Let’s face it—traditional security training can feel as thrilling as reading the fine print on a software update. It’s routine, predictable, and, let’s be honest, often forgotten the moment it's over. Now, imagine cybersecurity training that’s as unforgettable as your favorite show. Remember how "Hamilton" made history come alive, or how "The Office" taught us CPR (Staying Alive beat, anyone?)?

The 36-year-old founder of the Bitcoin Fog cryptocurrency mixer has been sentenced to 12 years and six months in prison for facilitating money laundering activities between 2011 and 2021. Roman Sterlingov, a dual Russian-Swedish national, pleaded guilty to charges of money laundering and operating an unlicensed money-transmitting business earlier this March. The U.S. Department of Justice (DoJ)

Palo Alto Networks on Friday issued an informational advisory urging customers to ensure that access to the PAN-OS management interface is secured because of a potential remote code execution vulnerability. "Palo Alto Networks is aware of a claim of a remote code execution vulnerability via the PAN-OS management interface," the company said. "At this time, we do not know the specifics of the

Cybersecurity researchers have discovered a new phishing campaign that spreads a new fileless variant of known commercial malware called Remcos RAT. Remcos RAT "provides purchases with a wide range of advanced features to remotely control computers belonging to the buyer," Fortinet FortiGuard Labs researcher Xiaopeng Zhang said in an analysis published last week. "However, threat actors have

Hewlett Packard Enterprise (HPE) has released security updates to address multiple vulnerabilities impacting Aruba Networking Access Point products, including two critical bugs that could result in unauthenticated command execution. The flaws affect Access Points running Instant AOS-8 and AOS-10 - AOS-10.4.x.x: 10.4.1.4 and below Instant AOS-8.12.x.x: 8.12.0.2 and below Instant AOS-8.10.x.x:

Cybersecurity researchers have uncovered nearly two dozen security flaws spanning 15 different machine learning (ML) related open-source projects. These comprise vulnerabilities discovered both on the server- and client-side, software supply chain security firm JFrog said in an analysis published last week. The server-side weaknesses "allow attackers to hijack important servers in the

Cyber threats are intensifying, and cybersecurity has become critical to business operations. As security budgets grow, CEOs and boardrooms are demanding concrete evidence that cybersecurity initiatives deliver value beyond regulation compliance. Just like you wouldn’t buy a car without knowing it was first put through a crash test, security systems must also be validated to confirm their value.

In an unusually specific campaign, users searching about the legality of Bengal Cats in Australia are being targeted with the GootLoader malware. "In this case, we found the GootLoader actors using search results for information about a particular cat and a particular geography being used to deliver the payload: 'Are Bengal Cats legal in Australia?,'" Sophos researchers Trang Tang, Hikaru Koike,

⚠️ Imagine this: the very tools you trust to protect you online—your two-factor authentication, your car’s tech system, even your security software—turned into silent allies for hackers. Sounds like a scene from a thriller, right? Yet, in 2024, this isn’t fiction; it’s the new cyber reality. Today’s attackers have become so sophisticated that they’re using our trusted tools as secret pathways,

Cybersecurity researchers have flagged a new ransomware family called Ymir that was deployed in an attack two days after systems were compromised by a stealer malware called RustyStealer. "Ymir ransomware introduces a unique combination of technical features and tactics that enhance its effectiveness," Russian cybersecurity vendor Kaspersky said. "Threat actors leveraged an unconventional blend

Behavioral analytics, long associated with threat detection (i.e. UEBA or UBA), is experiencing a renaissance. Once primarily used to identify suspicious activity, it’s now being reimagined as a powerful post-detection technology that enhances incident response processes. By leveraging behavioral insights during alert triage and investigation, SOCs can transform their workflows to become more

Threat actors with ties to the Democratic People's Republic of Korea (DPRK aka North Korea) have been found embedding malware within Flutter applications, marking the first time this tactic has been adopted by the adversary to infect Apple macOS devices. Jamf Threat Labs, which made the discovery based on artifacts uploaded to the VirusTotal platform earlier this month, said the Flutter-built

Cybersecurity researchers are calling attention to a new sophisticated tool called GoIssue that can be used to send phishing messages at scale targeting GitHub users. The program, first marketed by a threat actor named cyberdluffy (aka Cyber D' Luffy) on the Runion forum earlier this August, is advertised as a tool that allows criminal actors to extract email addresses from public GitHub

Cybersecurity researchers have disclosed new security flaws impacting Citrix Virtual Apps and Desktop that could be exploited to achieve unauthenticated remote code execution (RCE) The issue, per findings from watchTowr, is rooted in the Session Recording component that allows system administrators to capture user activity, and record keyboard and mouse input, along with a video stream of the

Microsoft on Tuesday revealed that two security flaws impacting Windows NT LAN Manager (NTLM) and Task Scheduler have come under active exploitation in the wild. The security vulnerabilities are among the 90 security bugs the tech giant addressed as part of its Patch Tuesday update for November 2024. Of the 90 flaws, four are rated Critical, 85 are rated Important, and one is rated Moderate in

The Iranian threat actor known as TA455 has been observed taking a leaf out of a North Korean hacking group's playbook to orchestrate its own version of the Dream Job campaign targeting the aerospace industry by offering fake jobs since at least September 2023. "The campaign distributed the SnailResin malware, which activates the SlugResin backdoor," Israeli cybersecurity company ClearSky said

Why is it that in every recent Presidential election I’ve found myself saying, “We’re a nation of (now) some 330 million people, and these are the best two we can pick from to lead us?” In a recent piece, Wall Street Journal defined the choice as Awful versus Empty. (Google will get you there, though […]

Mark Smith is a brilliant attorney, gun-focused and one of our most articulate spokespersons for firearms owners civil rights. Check out his blog called The Four Boxes Diner. That’s a reference to Boxes of Liberty: the soapbox, the ballot box, the jury box, and finally the cartridge box. You also want to check out his […]

Recently saw this on YouTube, from a grandmaster competition shooter who is also in law enforcement. I agree with him. I’ve said for years that while a shooting match is not a gunfight, a gunfight most certainly is a shooting match. Competition experience makes shooting under pressure the norm. Wyatt Earp competed in the informal […]

…remind them of this. I was recently reading “Andrew Jackson and the Miracle of New Orleans” by Brian Kilmeade and Don Yeager. The War of 1812 was going badly for the Americans. The British had burned the White House, and a huge contingent of British troops was in Louisiana planning to march north in conquest. […]

Don’t you hate it when the candidate “on your side” acts as if he’s trying to throw the fight? I voted for Donald Trump and urged others to do the same in 2016 and 2020, and as soon as early voting opens in my state will vote for him again in 2024. Not because he’s […]

Historically, both law and facts are on the gun owners’ side of the “gun control” debate, and the Other Side had relied largely on emotion.  I respectfully submit that emotion is something our side should play to, as well. I made that point recently at the 2024 Gun Rights Policy Conference in San Diego last […]

The difficulty of this weeknotes things is that entire weeks can go by without anything interesting happening. That’s…

One of my strongest memories of my childhood is a fridge magnet. It was a small white cube…

This is, without doubt, the stupidest coffee device I have ever bought. But I have bought it.

I completed Mass Effect 2 a couple of days ago for the first time. This article contains spoilers…

It is possible, even likely, that we will not have a projected winner of the presidential race on Nov. 5 – Election Day. And that doesn't mean there's something nefarious going on with the vote-counting.

The post Election Night Expectations appeared first on FactCheck.org.

In the waning days of his campaign, former President Donald Trump has further embraced some of Robert F. Kennedy Jr.’s incorrect or controversial views on health, including vaccines and fluoride.

The post Trump Embraces RFK Jr.’s Views on Vaccines, Fluoride appeared first on FactCheck.org.

A misspelling of former President Donald Trump's name occurred on an optional ballot review screen in Virginia, prompting an unfounded claim on social media of "election fraud." The error was a typo that appeared only on the ballot review screen, not on actual ballots, and would not affect any votes, election officials said.

The post Typo in Trump’s Name on Ballot Review Screen Is Not ‘Election Fraud’ appeared first on FactCheck.org.

Posts shared on Facebook make an unfounded claim of racially motivated threats of violence in Gwinnett County, Georgia, "from now until the Inauguration." The county sheriff's office said it had "not received any information indicating threats to any group(s) on or after election day."

The post Posts Spread Unfounded Claim of Race-Based Threat of Violence in Georgia appeared first on FactCheck.org.

Former President Donald Trump posted to social media an unsupported claim about "massive CHEATING" in Philadelphia, which he claimed had drawn the attention of law enforcement. The Philadelphia Police Department, the Philadelphia district attorney, a Republican city council member and the Pennsylvania Department of State all refuted the claim.

The post Trump Makes Unsupported Claim About ‘Massive CHEATING’ in Philadelphia appeared first on FactCheck.org.

Social media users have spread a quote attributed to Democratic Rep. Jamie Raskin, claiming he said "we won’t be certifying the election" if former President Donald Trump wins. Raskin responded, saying the quote is "100% fabricated" and that "America is having a free and fair election and Congress will certify the winner." The origin of the posts appears to be a misleading account of Raskin's comments in February.

The post Raskin Didn’t Say He ‘Won’t Be Certifying the Election’ appeared first on FactCheck.org.

Social media users alleged bias against former President Donald Trump when a Google search on Election Day for “where to vote” returned an interactive map to find a person’s polling station when including the word “Harris” but not “Trump.” The reason is because “Harris” is a county in Texas, whereas “Trump” is not a location.

The post Google’s ‘Where to Vote’ Search Result Reflects Quirk of Candidate Surname, Not Bias appeared first on FactCheck.org.

Some social media posts falsely claimed that CBS News reported there was "cheating" in the 2024 presidential election that benefitted President-elect Donald Trump. We found no evidence of such a report, and a CBS News spokesperson said the outlet "did not report or say there was cheating in the election."

The post Posts Falsely Claim CBS News Reported ‘Cheating’ in Election appeared first on FactCheck.org.

The new 2024-25 COVID vaccines are available, so FunkyPlaid and I got ours on Friday. Because we went to a pharmacy, my health insurance didn’t cover them, so I had to use funds from my HRA. (We could have waited until our medical provider had appointments, but that would have been late September or early October — and with travel coming up soon, I was unwilling to wait.)

It is bizarre and enraging to see how agencies supposedly dedicated to public health are flailing in this moment. I’m extremely fortunate to have a job that provides health insurance, an HRA, and sick leave, and I can afford KN95 masks and rapid antigen tests. What about people who are uninsured or underinsured?

I know it’s a bummer to read this, but it’s a bigger bummer to try to survive during yet another COVID surge. Let’s take care of our health, for ourselves and for our communities.

Concentrating on

This time of year is Planner Season, when the 2025 planners are released and people like me (and maybe you too) gobble them up and then spend the rest of this year hoping that next year we have lives exciting enough to plan.

Ever the optimist, my planner line-up for 2025 is:

• For my personal planner, daily log, habit tracker, reading journal, and commonplace book, I’ll be trying the Sterling Ink Common Planner in their new N1 size, which fits inside a Traveler’s Notebook. I’m currently using a Hobonichi Weeks, which is 95mm x 186mm; the N1 size is 110mm x 210mm.
• For my work planner, the Wonderland 222 A5 Weekly Planner has been working well for me this year, so I’ll try it again in 2025.

Cultivating

✍???? Drafting two stories, one for performance (I hope ????????) and one for a collection.

???? Still knitting that gift for someone.

???? Food I made that was yummy:

• Peperonata with peppers from a coworker’s CSA box, plus peppers from our own CSA box. CSA boxes are great!
• Gluten-free vegan apple crisp. I am not a huge fan of apples in their primary form; I prefer them as a cinnamon delivery device. So this recipe from Minimalist Baker, apples chopped up and baked with oats and sugar? That works.
• Sliced heirloom tomatoes on toast spread thinly with mayonnaise. Truffle salt if you’re feeling fancy. (I was.)

???????? Learning Italian with Duolingo.

???? The workweek was short because of the holiday on Monday, but also long because of everything. I’m still trying to create better boundaries around that.

Consuming

????️ One of my planner pals shared a sample of Bungukan Kobayashi’s Yagentoshiro Reflex Violet, a dusky blue with iridescent purple shimmer.

???? “girlfriend” by Hemlocke Springs is on repeat on my brain radio.

???? You don’t need to be a Rolling Stones fan to enjoy the “I Can’t Get No Legal Action” episode of the Judge John Hodgman podcast.

???? Still working my way through the crossword puzzle books I’ve hoarded and enjoying the daily Cross|word on Puzzmo. Also, Minute Cryptic is quite humbling.

???? One last episode of “Fargo” to go, then we’ll start the latest season of “Slow Horses”.

???? What I’m reading and quoting:

• “The Mountain in the Sea” by Ray Nayler: “The great and terrible thing about humankind is simply this: we will always do what we are capable of.”

Some links

From “What would an adequate COVID response look like?” by Julia Doubleday:

Right now, state representatives are deliberately avoiding mention of COVID, while propagandizing the safety of infection and/or the end of the pandemic by refusing to mask. It is hard to imagine how successful a pandemic response might be if public officials were actually trying to end the pandemic. We quite literally have public health and political and media figures working to hide three pieces of critical information: public knowledge of the virus, public knowledge of mitigation measures that would reduce viral spread, and public knowledge of the severity of the virus (which would motivate desire to reduce viral spread).

Other links:

• NaNoWriMo Shits The Bed On Artificial Intelligence (Chuck Wendig)
• Why Goblin Mode Is the New Self-Care Routine (Cleveland Clinic)
• 2024 Winners of the 17th Annual iPhone Photography Awards

One more thing

Today I’m journaling about this quote from Seneca: “Life, if well lived, is long enough.”

I was overwhelmed by the response to my last post, and so grateful for the reminder that there is still connection to be found online, I just need to push through my own self-consciousness to find it. And I have many good models for this behavior, people who are quick with a kind and supportive word, people who do not shy away from nuance.

Today I spent the day offline in the company of people like this, a small group of friends that gathers once a month to share our love of stationery: pens, ink, paper, notebooks, planners, postal mail, and the like. We sit around a big table and journal together while chatting, snacking, and drinking lattes carefully crafted by FunkyPlaid. The middle of the table soon fills with stickers, stamps, inks, and washi tapes that we’ve brought to share with each other.

As I look around the table at these treasured people, I think about how much work goes into building community. Healthy communities take intention, upkeep, energy, and shared values. This gathering happens every month because we invest all of this into making it happen. As hosts, FunkyPlaid and I make sure people feel cared for with food and drink in a clean and welcoming space. As guests, everyone brings what they want to share, and expresses interest in what they are interested in (and refrains from expressing disdain for what they aren’t).

It’s a lot of work, joyful work. And this work results in a day each month to anticipate, and memories to hold close the rest of the month. I hope never to take this community for granted.

TJ Klune's Somewhere Beyond the Sea is down four positions, ending the week at number 5. For more info about this title, follow this Amazon Associate link.

Abigail Owen's The Games Gods Play is down one spot, finishing the week at number 6. For more info about this title, follow this Amazon Associate link.

Rebecca Yarros' Iron Flame is down one position, ending the week at number 9. For more info about this title, follow this Amazon Associate link.

Rebecca Yarros' Fourth Wing is down four positions, ending the week at number 15. For more info about this title, follow this Amazon Associate link.

In paperback:

Rebecca Yarros' Fourth Wing debuts at number 1. For more info about this title, follow this Amazon Associate link.

Sarah J. Maas' A Court of Thorns and Roses is up one position, ending the week at number 3. For more info about this title, follow this Amazon Associate link.

Sarah J. Maas' A Court of Mist and Fury is up five positions, ending the week at number 7. For more info about this title, follow this Amazon Associate link.

Stephen King's Holly is down four spots, finishing the week at number 15. For more info about this title, follow this Amazon Associate link.

Rebecca Yarros' Iron Flame is up three positions, ending the week at number 6. For more info about this title, follow this Amazon Associate link.

TJ Klune's Somewhere Beyond the Sea is down three positions, ending the week at number 8. For more info about this title, follow this Amazon Associate link.

Abigail Owen's The Games Gods Play is down five spots, finishing the week at number 11. For more info about this title, follow this Amazon Associate link.

In paperback:

Rebecca Yarros' Fourth Wing mtaintains its position at number 1. For more info about this title, follow this Amazon Associate link.

Sarah J. Maas' A Court of Thorns and Roses maintains its position at number 3. For more info about this title, follow this Amazon Associate link.

Sarah J. Maas' A Court of Mist and Fury is down four positions, ending the week at number 11. For more info about this title, follow this Amazon Associate link.

Raven Kennedy's Goldfinch debuts at number 14. For more info about this title, follow this Amazon Associate link.

Stephen King's Holly maintains its position at number 15. For more info about this title, follow this Amazon Associate link.

The Devils is indeed a more fun and entertaining novel. Not a light read per se, but lighter than what Abercrombie has accustomed to with the First Law books. Sure, the narrative is snarky and filled with jokes and hilarious scenes, but à la Abercrombie there is nevertheless plenty of blood and gore to go along with the "lighter" elements of the tale. I doubt that The Devils will end up on the ballot for the World Fantasy Award, yet I can assure you that it's the most fun you'll have reading SFF in 2025!

Here's the blurb:

A brand-new epic fantasy from New York Times bestselling author Joe Abercrombie, featuring a notorious band of anti-heroes on a delightfully bloody and raucous journey.

Holy work sometimes requires unholy deeds.

Brother Diaz has been summoned to the Sacred City, where he is certain a commendation and grand holy assignment awaits him. But his new flock is made up of unrepentant murderers, practitioners of ghastly magic, and outright monsters. The mission he is tasked with will require bloody measures from them all in order to achieve its righteous ends.

Elves lurk at our borders and hunger for our flesh, while greedy princes care for nothing but their own ambitions and comfort. With a hellish journey before him, it's a good thing Brother Diaz has the devils on his side.

It's difficult to judge how good/bad the worldbuilding is. As was the case with The Blade Itself, Abercrombie doesn't reveal a whole lot about this alternate Europe and the rest of the world. Perhaps subsequent installments will flesh out the world a bit more, as was the case with the First Law trilogy. But that remains to be seen. The author keeps his cards rather close to his chest in this first volume and only provides enough information so that readers can follow what's going on. The Devils is set in a universe where the great Roman Empire, the one that ruled the Mediterranean and much of Europe, Western Asia, and North Africa, never came to be. Rome was conquered by Carthage and became part of its empire, until Carthage was swalloed by the opening of a gate to Hell that went terribly wrong. There is a schism between the Church of the West, which is matriarchal and follows the Saviour (who was a woman), and the Church of the East, which patriarchal and follows the Father of the Saviour. There is no Muslim/Islam analog, for some reason. The Holy Land is occupied by elves, against whom the Crusades were fought. Prophecies seem to indicate that the elves will return once more to destroy the world, which is why something must be done to reconcile the Church under one creed so that the elven menace can be faced by a united front.

Brother Diaz, a craven monk with little to recommend him, is summoned to the Holy City, where he's press-ganged into becoming the head of the Chapel of the Holy Expediency. Though it goes against its precepts, the Church understands that sometimes one must fight fire with fire. As stated in the cover blurb, holy work sometimes requires unholy deeds. The Chapel of the Holy Expediency is comprised of evil elements that should have been put to death. Instead of being burned at the stake, they were given the opportunity to atone for their crimes by serving Her Holiness. A lost scion of  the royal family of Troy has been found. Brother Diaz and his flock must return her to the fabled city of splendors so she can ascend the Serpent Throne, and in so doing perhaps heal the rift and reunite the Eastern and the Western branches of the Church. The problem is that everyone with a claim to the crown will stop at nothing to kill the girl and ascend the Serpent Throne. And Troy is a long way from Rome. To make matters worse, all Brother Diaz has to rely on are the street urchin who is to somehow become empress, a cursed Knight Templar, a geriatric vampire, a jack-of-all-trades woman who's seen it all, a supposedly flesh-eating elf, a self-important necromancer, and a sex-crazed Norse female werewolf. What can possibly go wrong along the way? Why everything, of course!

It's obvious that Abercrombie decided that he was going to have fun writing this one, so buckle up because this is going to be one heck of a ride. Forget about the dark and dismal atmosphere of the Age of Madness, The Devils will have you chuckling and then laughing out loud in basically every single chapter. As is the author's wont, characterization remains this novel's best facet. Everyone gets a POV other than Baptiste, which makes me wonder why. This is another character-driven effort and Abercrombie sure came up with a motley crew of flawed men and women. Understandably, Alex, would-be Empress of the East if they can somehow survive this shit show and reach Troy and put her on the throne, is sort of the main protagonist. I say sort of because there is a nice balance between most of the perspectives and everyone shares the limelight. And though I've more or less enjoyed everyone's POV, with the exception of Vigga who was always a bit over-the-top for my liking, I have to admit that Balthazar Sham Ivam Draxi is probably my favorite Abercrombie protagonist other than the inimitable Sand dan Glokta. True, these characters are not always the sharpest tools in the shed, but they each get their moment to shine and it's nice to see that each dog has its day. In true Abercrombie fashion, the author plays with our expectations and pulls the rug from under our feet a number of times. Even with a more humorous style and tone, Joe Abercrombie will always be Joe Abercrombie.

Having said that, I do believe that he went a bit overboard with the jokes and the snarky bits. And yet, to be honest, The Devils is that kind of work. It's meant to be a fun and thrilling ride and this is exactly what it is. Some sequences move more fluidly than others, yet pace is never really an issue. Some scenes only seem to exist for comedic purposes and don't necessarily add much to the story itself, true. But who cares in the end? You're having a good time from the first to the very last page.

Mark your calendar. The Devils is sure to be a hit next spring!

The final verdict: 8/10

For more info about this title, follow this Amazon Associate link.