Author: user

When inviting guest users to your Entra ID tenant, you can open yourself up to amazing risk. The access control gap in Microsoft Entra subscription handling allows guest users to create and transfer subscriptions to invited tenants, allowing them to maintain full ownership of them. All guest users’ needs are permission to create subscriptions in their home tenants and invitations to external tenants as guest users. Once inside, guest users can create subscriptions in their home tenants, transfer them to external tenants, and retain full ownership. This stealth privilege escalation tactic allows guest users to gain privileged footing in environments…

Conservation is essential to protecting global helium supply, supporting key sectors such as healthcare, semiconductor manufacturing, and scientific research. Helium, a finite resource derived primarily from natural gas, escapes into space once it is released. Approximately 30% of the global helium supply is wasted with non-essential use, exacerbating shortages. By implementing regeneration systems and adopting government policies that promote sustainability, industries can mitigate waste and save this valuable element. The Innovation News Network explores further steps needed to secure helium for the future. Why is helium more than just a party balloon? Helium is often associated with party balloons, but…

Patient: 31-year-old man from LouisianaSymptoms: When the patient arrived at the hospital, he was bleeding from his mouth, with severe neck pain and stiffness. When he looked into the man, he noticed that his doctor had shed tears behind his throat on his right side.What happened next: A sports fisherman was brought to the hospital by boat and helicopter after an accident during a marine fishing trip. He caught a white merlin (Kajikia albida), a kind of large fish with a long pointy “bill” weighing about 60 pounds (27 kilograms). This species can grow up to 180 pounds (82 kg).…

In a groundbreaking effort to explore how environmental toxins affect fertility, researchers at Wayne State University are receiving federal funding to investigate the impact of PFA on male reproductive health. With increasing evidence that preconceived father health and environmental exposures can directly affect the well-being of future generations, this study shows a major shift in the way scientists understand reproductive responsibility. Supported by a new two-year, $95,178 grant from the National Institutes of Health (NIH), the study aims to uncover the molecular mechanisms by which PFA impairs sperm health and fertility, providing important insights into frequently visible aspects of reproductive…

The Dispec Project integrates science, AI, and open data for operational resilience and scientific excellence. The ionosphere, an ionized component of the upper atmosphere extending from 90-1000 km of the Earth, plays an important role in modern infrastructure. It affects everything from aviation and navigation to wireless communications and emergency services. The Dispec Project is working towards an understanding of how to monitor and understand this important part of our atmosphere. This is important as improved forecasting and long-term surveillance leads to more resilient communication, improved GPS accuracy, and stronger preparation for space weather disruptions. Working with doctoral students and…

Those who don’t bring Vital Health Checks forward will be offered a home test for cervical cancer as part of their upcoming British 10-year health plan. The groundbreaking initiative aims to revolutionize cervical cancer prevention rates by addressing deeply rooted barriers that keep some women away from potentially life-saving screenings, such as discomfort, embarrassment, cultural sensitivity and the struggle to find time for medical appointments. Women who rarely or have never attended a neck screen will be provided with a self-sample kit for completion at home. It will then be sent in a modest package and returned via prepaid email…

June 25th, 2025Ravi LakshmananVPN Security/Malware An unknown threat actor distributed a troilerized version of the SSL VPN Netextender application on SonicWall and stole credentials from unsuspecting users who may have installed it. “NetExtender allows remote users to securely connect and run applications on their company network,” said Sravan Ganachari, a researcher at SonicWall. “Users can upload and download files, access network drives, and use other resources as if they were on a local network.” The malicious payload delivered via the Rogue VPN software was called Silentroute by Microsoft and along with the network security company detected the campaign. Sonicwall has…

How bicycle friendly is your city? Check out PeopleBikes’ latest city ratings. According to an article by Kea Wilson of Streetsblog USA, the report gives the Borough of Brooklyn, New York the top spot across the country with 73 points. “Last year’s top-ranked Minneapolis ranked second with 72 points, with Seattle (66), Queens’ newly ranked boroughs (63) and San Francisco (63) in fourth, while St. Paul (62) rounded out the top five.” Davis, California, maintains its reputation as the most bikeable midsize city. In 2019, only 33 US cities ranked over 50. For example, the small city in Haley, Idaho…

The UK automotive industry has unveiled an ambitious 10-point plan designed to reestablish the country as one of the world’s top 15 vehicle manufacturing hubs by 2030. The plan was developed in response to the recently launched industrial strategy by the government and outlines how targeted reforms and investments for the UK economy will generate £500 billion over the next decade. This new commitment is in parallel with the release of a new report by the Association of Auto Manufacturers and Traders (SMMT), entitled “Competitiveness: Promoting Long-Term UK Auto Growth.” This document highlights the potential and ongoing challenges of the…

June 25th, 2025Ravi LakshmananMalware/Open Source Cybersecurity researchers have discovered fresh batches of malicious NPM packages linked to an ongoing infectious interview operation that emerged from North Korea. According to Socket, the ongoing supply chain attacks include 35 malicious packages uploaded from 24 npm accounts. These packages have been downloaded collectively over 4,000 times. The complete list of JavaScript libraries can be found below – React-Plaid-sdk sumsub-node-websdk vite-plugin-next-refresh-plugin-purify nextjs-insight-insight-svgn-svgn node-loggers react-logs reactbootstrap test-topdev-logger-v1 test-topdev-logger-v3 server-log-engine logbin-nodejs vite-loader-svg struct-logger flexible – Logan beautiful plugin choke configuration Jsonpacks router pulse Of these, six continue to be available for download from NPM: React-Plaid-SDK, SumSub-Node-WebsDK,…