@hacks4pancakes Sad days for us still here.

Just a reminder for con organizers, even outside immigration risks, this is genuinely all that is still relatively safe for gnc attendees in America, 2025.

You know what looks worse politically than freeing someone from a concentration camp in El Salvador? Putting them in a concentration camp in El Salvador.

Is Trump threatening the Fed's independence with attacks on Fed Chair Jerome Powell?
https://www.npr.org/2025/04/18/nx-s1-5368036/is-trump-threatening-the-feds-independence-with-attacks-on-fed-chair-jerome-powell?utm_source=flipboard&utm_medium=activitypub

Posted into Morning Edition @morning-edition-npr

Cisco has released security updates for a high-severity Webex vulnerability that allows unauthenticated attackers to gain client-side remote code execution using malicious meeting invite links.

https://www.bleepingcomputer.com/news/security/cisco-webex-bug-lets-hackers-gain-code-execution-via-meeting-links/

Tired: Teachers using tools to find students cheating with AI.

Wired: Teachers using tools to figure out how many of their new students are bots who are just there to submit enough AI-completed assignments that they can claim financial aid in someone else's name.

This story from the Voice of San Diego is worth a read:

"When the spring semester began, Southwestern College professor Elizabeth Smith felt good. Two of her online classes were completely full, boasting 32 students each. Even the classes’ waitlists, which fit 20 students, were maxed out. That had never happened before. "

"By the end of the first two weeks of the semester, Smith had whittled down the 104 students enrolled in her classes, including those on the waitlist, to just 15. The rest, she’d concluded, were fake students, often referred to as bots."

"The bots’ goal is to bilk state and federal financial aid money by enrolling in classes, and remaining enrolled in them, long enough for aid disbursements to go out. They often accomplish this by submitting AI-generated work. And because community colleges accept all applicants, they’ve been almost exclusively impacted by the fraud."

"That has put teachers on the front lines of an ever-evolving war on fraud, muddied the teaching experience and thrown up significant barriers to students’ ability to access courses. What has made the situation at Southwestern all the more difficult, some teachers say, is the feeling that administrators haven’t done enough to curb the crisis."

https://voiceofsandiego.org/2025/04/14/as-bot-students-continue-to-flood-in-community-colleges-struggle-to-respond/

tl;dr: 25% of students enrolled in California community colleges are reportedly AI bots set up to commit financial aid fraud. Probably this time next year it will be 40-50 percent.

Chinese-speaking IronHusky hackers are targeting Russian and Mongolian government organizations using upgraded MysterySnail remote access trojan (RAT) malware.

https://www.bleepingcomputer.com/news/security/chinese-hackers-target-russian-govt-with-upgraded-rat-malware/

It was only a matter of time - a contracted, approved grant to the Internet Archive was cut with no warning.

https://sfstandard.com/2025/04/17/doge-neh-funding-cuts-sf/

Übergriffe auf Bahn-Mitarbeiter nehmen zu

Zugbegleiter, Reinigungskräfte oder auch Kundenberater der Bahn werden immer wieder Ziel von gewaltsamen Angriffen. Mitarbeiter werden nun weiter verstärkt mit Bodycams ausgestattet.

➡️ https://www.tagesschau.de/inland/bahn-mitarbeiter-angriffe-100.html?at_medium=mastodon&at_campaign=tagesschau.de

#Bahn

Federal Reserve Chair Jerome Powell says Trump's policies are likely to drive inflation, unemployment, and economic decline -- a hat trick of economic misery.

Good lord, what a week. Before you head out for the weekend, check out today's Metacurity for the most crucial infosec developments you should know, including

--Russia is using LLM 'grooming' to spread misinformation in AI models
--NJ sues Discord for failing to protect young users,
--Hackers stole $700m from Japan's brokerages since February,
--Thai security forces dox pro-democracy activists,
--Chinese mobile networks can access and mess with mobile signaling data,
--Palantir is hunting down data on ICE targets,
--much more
https://www.metacurity.com/russia-is-using-llm-grooming-to-spread-misinformation-in-ai-models/

Digital Forensic StartMe page

- getting started guides
- VM/distros
- decoding tools
- mobile forensics
- network analysis
- metadata tools
- SANS posters/cheatsheets

https://start.me/p/m60j2v/digital-forensics

#dfir

Hat Tesla seine Kilometerzähler manipuliert?

Tesla kommt nicht aus den Negativschlagzeilen: Dem E-Autobauer wird vorgeworfen, die Kilometerzähler in seinen Fahrzeugen manipuliert zu haben. Das Ziel: schneller endende Garantien und dadurch höhere Reparatureinnahmen.

➡️ https://www.tagesschau.de/wirtschaft/unternehmen/tesla-kilometerzaehler-manipulation-100.html?at_medium=mastodon&at_campaign=tagesschau.de

#Tesla #Kilometerzähler #Sammelklage #Manipulation

A remote code execution vulnerability affecting SonicWall Secure Mobile Access (SMA) appliances has been under active exploitation since at least January 2025, according to cybersecurity company Arctic Wolf.

https://www.bleepingcomputer.com/news/security/sonicwall-sma-vpn-devices-targeted-in-attacks-since-january/

Researchers at Cleafy described a payment card scam operation that reels in people with texts, then gets them to install malware that abuses their Android device's NFC capabilities.

https://therecord.media/new-payment-card-scam-involves-malware-tap

A U.K. law firm specializing in crime, family fraud, sexual offenses and other sensitive matters has been fined after a hack that led to a data leak on the dark web — something the company only learned about after authorities contacted it.

https://therecord.media/uk-law-firm-fined-ico-ransomware-sensitive-data-breached

Live video of CISA’s budget

The digital forensics company known as Meiya Pico won a contract in mid-2023 to build two labs at the Tibet Police College: one on offensive and defensive cyber techniques and the other on electronic evidence collection and analysis.

https://therecord.media/chinese-firm-tied-to-uyghur-abuses-training-police-hacking-tibet

🚀 New on #TheFutureIsFederated 👩‍🚀

"This is what resistance to the digital coup looks like"

https://news.elenarossini.com/this-is-what-resistance-to-the-digital-coup-looks-like/

mentioning @jaredwhite @anildash @ghost @caseynewton @molly0xfff @404mediaco @Daojoan @theindex @dangillmor @ryanbroderick @micahflee @melaniebartos @kleisli

I'd love to hear what you think about #AdoptAWriter ✨

#tech #Fediverse #activism #BigTech #SocialMedia #FOSS #FLOSS #blog #resistance #SaveSocial