Author: user
On a clear winter night, the sky looks like a starry blanket, but it’s not a blanket, it’s a map. Constellations are signposts to the stars, simple stick figures that turn randomly scattered points of light into things you can recognize, remember, and navigate. Just learn a few things and the whole winter sky will start to fall into place.December is the perfect time to start stargazing in the Northern Hemisphere. Yes, it’s cold, but the nights are long so you can leave early and spend hours in the dark. On the other hand, the northern winter sky is full…
December 26, 2025Ravi LakshmananAI Security / DevSecOps A critical security flaw has been revealed in LangChain Core. It can also be exploited by an attacker to steal sensitive secrets and influence large-scale language model (LLM) responses through prompt injection. LangChain Core (i.e. langchain-core) is a core Python package that is part of the LangChain ecosystem and provides core interfaces and model-agnostic abstractions for building LLM-powered applications. This vulnerability is tracked as CVE-2025-68664 and has a CVSS score of 9.3 out of 10.0. Security researcher Yarden Porat reportedly reported the vulnerability on December 4, 2025. The code name is LangGrinch. “A…
Researchers have photographed a rare cat in Thailand that has not been seen in the country for about 30 years. And it’s so adorable.The flathead cat (Prionailurus planiceps), named for its flat forehead, is scattered across Brunei, Indonesia and Malaysia, but was feared to be extinct in Thailand.Researchers rediscovered the cat in Thailand’s Princess Sirindhorn Wildlife Sanctuary in 2024 and 2025 using remote camera traps. This is the first discovery in Thailand since 1995. Cat conservation group Panthera announced the rediscovery on Friday (December 26), which also happens to be Thailand’s annual Wildlife Conservation Day. you may like “For decades,…
Dec 25, 2025Ravie LakshmananCybersecurity / Hacking News It’s getting harder to tell where normal tech ends and malicious intent begins. Attackers are no longer just breaking in — they’re blending in, hijacking everyday tools, trusted apps, and even AI assistants. What used to feel like clear-cut “hacker stories” now looks more like a mirror of the systems we all use. This week’s findings show a pattern: precision, patience, and persuasion. The newest campaigns don’t shout for attention — they whisper through familiar interfaces, fake updates, and polished code. The danger isn’t just in what’s being exploited, but in how ordinary…
December 25, 2025Ravi LakshmananData breach/financial crime Encrypted vault backups stolen in the 2022 LastPass data breach allowed attackers to exploit weak master passwords to crack passwords and exfiltrate cryptocurrency assets, according to new research from TRM Labs. The blockchain intelligence firm said there is evidence that Russian cybercriminals are involved in this activity, and that one of the Russian exchanges received LastPass-related funds as recently as October. It added that the assessment was “based on the totality of on-chain evidence, including repeated interactions with Russia-related infrastructure, continuity of control across pre- and post-mixing activities, and consistent use of high-risk Russian…
December 25, 2025Ravi LakshmananVulnerabilities / Enterprise Security Fortinet announced Wednesday that it has seen “recent exploitation” of a five-year-old security flaw in FortiOS SSL VPN under certain configurations. The vulnerability in question, CVE-2020-12812 (CVSS score: 5.2), is an improper authentication vulnerability in SSL VPN in FortiOS that could allow a user to successfully log in without being prompted for a second factor of authentication if the case of the username is changed. “This occurs when two-factor authentication is enabled in the ‘User Local’ settings and the user authentication type is set to a remote authentication method (such as LDAP). This…
December 25, 2025Ravi LakshmananVulnerabilities / Endpoint Security The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a security flaw affecting the Digiever DS-2105 Pro network video recorder (NVR) to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. This vulnerability is tracked as CVE-2023-52163 (CVSS score: 8.8) and is related to a command injection case that allows remote code execution after authentication. “Digiever DS-2105 Pro has an insufficient authentication vulnerability that could allow command injection via time_tzsetup.cgi,” CISA said. The addition of CVE-2023-52163 to the KEV catalog comes amid multiple reports from Akamai and Fortinet regarding the…
There was a time when most Americans had little or no knowledge about their local data centers. Server farms, long the invisible but vital backbone of the Internet, have rarely captured the attention of those outside the technology industry, not to mention that they are an issue with particularly fascinating political resonance. As of 2025, it looks like that era is officially over. Over the past 12 months, data centers have sparked protests in dozens of states as local activists seek to counter America’s ever-increasing computing expansion. Data Center Watch, an organization that tracks anti-data center activity, writes that 142…
At the annual Slush conference held in Helsinki last month, it was impossible to ignore the excitement in Europe’s startup market. However, actual data on the current state of the region’s venture market shows a different reality. Result: European markets have yet to recover from the global venture capital reset that occurred in 2022 and 2023. However, there is evidence that the European market is on the mend, including the recent exit of Klarna and the region’s homegrown AI startups that are attracting attention from local investors and beyond. Investors poured 43.7 billion euros ($52.3 billion) into European startups in…
From a distance, it might have looked like a small child was wending her way through the waving grass along a vast lake. But a closer look would have revealed a strange, in-between creature — a big-eyed imp with a small head and an apelike face who walked upright like a human.She may have looked warily over her shoulder as she walked, on alert for saber-toothed cats or hyenas. She may have used her strong arms to climb the shrubby trees nearby, searching for fruit, eggs, or insects to eat. Or perhaps she simply rested on the shores of the…