WinRAR Under Siege: Nation-State Hackers and Cybercriminals Exploit Critical Flaw at Global Scale
Introduction: A Familiar Tool Becomes a Silent Weapon WinRAR, one of the most widely used file archiving tools in the world, has unexpectedly become the center of a high-impact cyber espionage and…
Introduction: A Familiar Tool Becomes a Silent Weapon WinRAR, one of the most widely used file archiving tools in the world, has unexpectedly become the center of a high-impact cyber espionage and…
WinRAR Under Siege: Nation-State Hackers and Cybercriminals Exploit Critical Flaw at Global Scale
Introduction: A Familiar Tool Becomes a Silent Weapon WinRAR, one of the most widely used file archiving tools in the world, has unexpectedly become the center of a high-impact cyber espionage and cybercrime campaign. Google has confirmed that multiple advanced threat actors — ranging from state-sponsored groups to profit-driven cybercriminals — are actively exploiting a critical vulnerability in WinRAR to gain initial access to targeted systems.
undercodenews.com
January 28, 2026 at 10:12 AM
WinRAR Under Siege: Nation-State Hackers and Cybercriminals Exploit Critical Flaw at Global Scale
Introduction: A Familiar Tool Becomes a Silent Weapon WinRAR, one of the most widely used file archiving tools in the world, has unexpectedly become the center of a high-impact cyber espionage and…
Introduction: A Familiar Tool Becomes a Silent Weapon WinRAR, one of the most widely used file archiving tools in the world, has unexpectedly become the center of a high-impact cyber espionage and…
like finding a coin with a rare flaw, not exactly
January 28, 2026 at 9:59 AM
like finding a coin with a rare flaw, not exactly
Sadly you have just identified the basic flaw in the entire US Judicial system.
January 28, 2026 at 9:55 AM
Sadly you have just identified the basic flaw in the entire US Judicial system.
Squid flyby. 1 of the watch leads said a fundamental flaw with squid is they can't swim forward. Incorrect. They can swim forward. @schmidtocean.bsky.social dive 896 #livingbioreactors #MarineLife
January 28, 2026 at 9:52 AM
Squid flyby. 1 of the watch leads said a fundamental flaw with squid is they can't swim forward. Incorrect. They can swim forward. @schmidtocean.bsky.social dive 896 #livingbioreactors #MarineLife
⚙️ Technical impact:
A buffer boundary flaw in third-party UPnP parsing code allows out-of-bounds memory access.
Exploitation may result in crashes, memory corruption, or undefined behavior in affected engines.
#MemorySafety #BufferOverflow #Infosec 🚨
A buffer boundary flaw in third-party UPnP parsing code allows out-of-bounds memory access.
Exploitation may result in crashes, memory corruption, or undefined behavior in affected engines.
#MemorySafety #BufferOverflow #Infosec 🚨
January 28, 2026 at 9:48 AM
⚙️ Technical impact:
A buffer boundary flaw in third-party UPnP parsing code allows out-of-bounds memory access.
Exploitation may result in crashes, memory corruption, or undefined behavior in affected engines.
#MemorySafety #BufferOverflow #Infosec 🚨
A buffer boundary flaw in third-party UPnP parsing code allows out-of-bounds memory access.
Exploitation may result in crashes, memory corruption, or undefined behavior in affected engines.
#MemorySafety #BufferOverflow #Infosec 🚨
🚨 Critical memory corruption flaw disclosed: CVE-2026-24798 affects Gaijin Entertainment’s DagorEngine and can lead to crashes or potential code execution due to improper memory buffer restrictions.
Full report:
basefortify.eu/cve_reports/...
#CVE #DagorEngine #GameSecurity 🎮
Full report:
basefortify.eu/cve_reports/...
#CVE #DagorEngine #GameSecurity 🎮
January 28, 2026 at 9:48 AM
🚨 Critical memory corruption flaw disclosed: CVE-2026-24798 affects Gaijin Entertainment’s DagorEngine and can lead to crashes or potential code execution due to improper memory buffer restrictions.
Full report:
basefortify.eu/cve_reports/...
#CVE #DagorEngine #GameSecurity 🎮
Full report:
basefortify.eu/cve_reports/...
#CVE #DagorEngine #GameSecurity 🎮
Would you say that a speech one of whose main points was misleading was brilliant ? I agree with Martin Wolf @financialtimes.com that Mark Carney’s comparison of Communism and the rules based system was misleading (“The reality of a world after rupture”). That seems a pretty major flaw in the speech
January 28, 2026 at 9:41 AM
Would you say that a speech one of whose main points was misleading was brilliant ? I agree with Martin Wolf @financialtimes.com that Mark Carney’s comparison of Communism and the rules based system was misleading (“The reality of a world after rupture”). That seems a pretty major flaw in the speech
The Client-Side Con: How a Single Parameter Like ‘needValidSession’ Can Breach Your Web Application + Video
Introduction: In the relentless hunt for web application vulnerabilities, a recent bug bounty disclosure highlights a critical yet often overlooked flaw: misplaced trust in client-side…
Introduction: In the relentless hunt for web application vulnerabilities, a recent bug bounty disclosure highlights a critical yet often overlooked flaw: misplaced trust in client-side…
The Client-Side Con: How a Single Parameter Like ‘needValidSession’ Can Breach Your Web Application + Video
Introduction: In the relentless hunt for web application vulnerabilities, a recent bug bounty disclosure highlights a critical yet often overlooked flaw: misplaced trust in client-side access controls. A security researcher successfully identified a system where a parameter, aptly named needValidSession, was used to gatekeep sensitive functionality, but this check was performed only in the client-side JavaScript. This article deconstructs this vulnerability, demonstrating how attackers can bypass such controls and emphasizing the non-negotiable principle of server-side enforcement.
undercodetesting.com
January 28, 2026 at 9:41 AM
The Client-Side Con: How a Single Parameter Like ‘needValidSession’ Can Breach Your Web Application + Video
Introduction: In the relentless hunt for web application vulnerabilities, a recent bug bounty disclosure highlights a critical yet often overlooked flaw: misplaced trust in client-side…
Introduction: In the relentless hunt for web application vulnerabilities, a recent bug bounty disclosure highlights a critical yet often overlooked flaw: misplaced trust in client-side…
Which shows the flaw in the argument in that piece: in the current HE environment, if everyone over 60 or even 55 retired, universities wd replace none of them so it wouldn’t open any jobs up for young folk anyway.
(I am still young, by the way! It’s just my body that’s a little older than it was)
(I am still young, by the way! It’s just my body that’s a little older than it was)
January 28, 2026 at 9:39 AM
Which shows the flaw in the argument in that piece: in the current HE environment, if everyone over 60 or even 55 retired, universities wd replace none of them so it wouldn’t open any jobs up for young folk anyway.
(I am still young, by the way! It’s just my body that’s a little older than it was)
(I am still young, by the way! It’s just my body that’s a little older than it was)
Put effort into the actual crimes, you lazy bastards.
Fuck, women can go to prison if they get raped because of some stupid flaw in the judicial process and how it’s defined.
Like, no, fuck you. It’s not in their control. Punish pimps, not sex workers. You gonna go after cam models, too?
Fuck, women can go to prison if they get raped because of some stupid flaw in the judicial process and how it’s defined.
Like, no, fuck you. It’s not in their control. Punish pimps, not sex workers. You gonna go after cam models, too?
January 28, 2026 at 9:38 AM
Put effort into the actual crimes, you lazy bastards.
Fuck, women can go to prison if they get raped because of some stupid flaw in the judicial process and how it’s defined.
Like, no, fuck you. It’s not in their control. Punish pimps, not sex workers. You gonna go after cam models, too?
Fuck, women can go to prison if they get raped because of some stupid flaw in the judicial process and how it’s defined.
Like, no, fuck you. It’s not in their control. Punish pimps, not sex workers. You gonna go after cam models, too?
4-lane MMR bridge near Mumbai suddenly narrows to 2; MMRDA denies design flaw
https://timesofindia.indiatimes.com/city/mumbai/invitation-to-crashes-4-lane-mmr-bridge-near-mumbai-suddenly-narrows-to-2-mmrda-denies-design-flaw/articleshow/127663940.cms
https://timesofindia.indiatimes.com/city/mumbai/invitation-to-crashes-4-lane-mmr-bridge-near-mumbai-suddenly-narrows-to-2-mmrda-denies-design-flaw/articleshow/127663940.cms
January 28, 2026 at 9:23 AM
4-lane MMR bridge near Mumbai suddenly narrows to 2; MMRDA denies design flaw
https://timesofindia.indiatimes.com/city/mumbai/invitation-to-crashes-4-lane-mmr-bridge-near-mumbai-suddenly-narrows-to-2-mmrda-denies-design-flaw/articleshow/127663940.cms
https://timesofindia.indiatimes.com/city/mumbai/invitation-to-crashes-4-lane-mmr-bridge-near-mumbai-suddenly-narrows-to-2-mmrda-denies-design-flaw/articleshow/127663940.cms
Telnet flaw: 800,000 servers at risk amid active attacks. Sectors with lots of legacy/embedded tech (operational technology, ICS/SCADA) are among those most at risk, experts warn. www.databreachtoday.com/telnet-flaw-...
Telnet Flaw: 800,000 Servers at Risk Amid Active Attacks
Hackers are on the hunt for open telnet ports in servers after discovering that a version of the legacy client-server application protocol is vulnerable to an
www.databreachtoday.com
January 28, 2026 at 9:18 AM
Telnet flaw: 800,000 servers at risk amid active attacks. Sectors with lots of legacy/embedded tech (operational technology, ICS/SCADA) are among those most at risk, experts warn. www.databreachtoday.com/telnet-flaw-...
there is one flaw in your take, and that is that its 10am in europe so we all get to see it
January 28, 2026 at 9:11 AM
there is one flaw in your take, and that is that its 10am in europe so we all get to see it
Critical sandbox escape flaw found in popular #vm2 #nodejs library
https://www.bleepingcomputer.com/news/security/critical-sandbox-escape-flaw-discovered-in-popular-vm2-nodejs-library/
#cybersecurity
https://www.bleepingcomputer.com/news/security/critical-sandbox-escape-flaw-discovered-in-popular-vm2-nodejs-library/
#cybersecurity
Critical sandbox escape flaw discovered in popular vm2 NodeJS library
A critical-severity vulnerability in the vm2 Node.js sandbox library, tracked as CVE-2026-22709, allows escaping the sandbox and executing arbitrary code on the underlying host system.
www.bleepingcomputer.com
January 28, 2026 at 9:00 AM
Critical sandbox escape flaw found in popular #vm2 #nodejs library
https://www.bleepingcomputer.com/news/security/critical-sandbox-escape-flaw-discovered-in-popular-vm2-nodejs-library/
#cybersecurity
https://www.bleepingcomputer.com/news/security/critical-sandbox-escape-flaw-discovered-in-popular-vm2-nodejs-library/
#cybersecurity
You don't get to be on the right side or the wrong side. You're always going to be right and you're always going to be wrong.
Being wrong isn't a character flaw. Embrace being wrong as normal and help one another be wrong less.
Punishing an error only incentivizes never admitting error.
Being wrong isn't a character flaw. Embrace being wrong as normal and help one another be wrong less.
Punishing an error only incentivizes never admitting error.
January 28, 2026 at 8:57 AM
You don't get to be on the right side or the wrong side. You're always going to be right and you're always going to be wrong.
Being wrong isn't a character flaw. Embrace being wrong as normal and help one another be wrong less.
Punishing an error only incentivizes never admitting error.
Being wrong isn't a character flaw. Embrace being wrong as normal and help one another be wrong less.
Punishing an error only incentivizes never admitting error.
WinRAR path traversal flaw still exploited by numerous hackers www.bleepingcomputer.com/news/securit...
WinRAR path traversal flaw still exploited by numerous hackers
Multiple threat actors, both state-sponsored and financially motivated, are exploiting the CVE-2025-8088 high-severity vulnerability in WinRAR for initial access and to deliver various malicious paylo...
www.bleepingcomputer.com
January 28, 2026 at 8:32 AM
WinRAR path traversal flaw still exploited by numerous hackers www.bleepingcomputer.com/news/securit...
“Here is the Starmer tragedy, a good and clever man not made for politics or leadership. His lack of arrogance and his earnest endeavour is what his admirers like, but lack of political instinct and firmness of direction is a fatal flaw.”
[email protected]
[email protected]
@pollytoynbee.bsky.social lists the MANY reasons why PM Keir Starmer keeping Manchester Mayor AndyBurnham from running for an MP seat in order to challenge him was a politically dumb, self-harming move. For a smart guy, Keir is so ham-handed politically.
www.theguardian.com/commentisfre...
www.theguardian.com/commentisfre...
Here’s the lesson of the Andy Burnham saga: Labour needs a new leader – fast | Polly Toynbee
Keir Starmer’s dismal decision to block the Greater Manchester mayor has bought him time, but it won’t change his fate, says Guardian columnist Polly Toynbee
www.theguardian.com
January 28, 2026 at 8:25 AM
“Here is the Starmer tragedy, a good and clever man not made for politics or leadership. His lack of arrogance and his earnest endeavour is what his admirers like, but lack of political instinct and firmness of direction is a fatal flaw.”
[email protected]
[email protected]
Rafael Behr has an insightful profile of Starmer, the politician whose fatal flaw is disdain for politics. When his inevitable fall comes, he’ll go quietly, I think - to avoid a fuss.
From the Burnham row to the China visit, avoiding hard choices is the Starmer doctrine | Rafael Behr
Whether at home or abroad, the pattern of ducking difficult arguments and calling it pragmatism is the same, says Guardian columnist Rafael Behr
www.theguardian.com
January 28, 2026 at 8:16 AM
Rafael Behr has an insightful profile of Starmer, the politician whose fatal flaw is disdain for politics. When his inevitable fall comes, he’ll go quietly, I think - to avoid a fuss.
So the play assistant for DWIS I've been working on for forever might be almost ready to share.
January 28, 2026 at 8:03 AM
So the play assistant for DWIS I've been working on for forever might be almost ready to share.
Their only flaw is that they don’t have a single vegetable in them. These with some pico de gallo would be elite
January 28, 2026 at 7:58 AM
Their only flaw is that they don’t have a single vegetable in them. These with some pico de gallo would be elite
The flaw is a security feature bypass that allows attackers to evade OLE protections by tricking users into opening a specially crafted Office file. The Preview Pane is not affected.
Source: thehackernews.com/2026/01/micr...
Source: thehackernews.com/2026/01/micr...
January 28, 2026 at 7:50 AM
The flaw is a security feature bypass that allows attackers to evade OLE protections by tricking users into opening a specially crafted Office file. The Preview Pane is not affected.
Source: thehackernews.com/2026/01/micr...
Source: thehackernews.com/2026/01/micr...
We in Europe need to have alternatives, US tech firms are not our friends!
They already weaponize US social media, throttling topics and politics who they deem hostile.
Microsoft Gave FBI Keys To Unlock Encrypted Data Exposing Major Privacy Flaw
www.youtube.com/watch?v=lJH9...
They already weaponize US social media, throttling topics and politics who they deem hostile.
Microsoft Gave FBI Keys To Unlock Encrypted Data Exposing Major Privacy Flaw
www.youtube.com/watch?v=lJH9...
Microsoft Gave FBI Keys To Unlock Encrypted Data Exposing Major Privacy Flaw
YouTube video by Forbes
www.youtube.com
January 28, 2026 at 7:25 AM
We in Europe need to have alternatives, US tech firms are not our friends!
They already weaponize US social media, throttling topics and politics who they deem hostile.
Microsoft Gave FBI Keys To Unlock Encrypted Data Exposing Major Privacy Flaw
www.youtube.com/watch?v=lJH9...
They already weaponize US social media, throttling topics and politics who they deem hostile.
Microsoft Gave FBI Keys To Unlock Encrypted Data Exposing Major Privacy Flaw
www.youtube.com/watch?v=lJH9...
At the end of the day they had the fatal flaw of thinking too much of themselves they spent on how long stealing everybody else's technology and then suddenly they're the greatest thing in the world they're like academics but three times worse.
January 28, 2026 at 7:21 AM
At the end of the day they had the fatal flaw of thinking too much of themselves they spent on how long stealing everybody else's technology and then suddenly they're the greatest thing in the world they're like academics but three times worse.
NVIDIA “Vera” CPUs Contain PCIe Hardware Compatibility Flaw Impacting non-NVIDIA GPUs
NVIDIA recently released its “Vera” CPUs as standalone SoCs available to...
🔗 https://www.madshrimps.be/news/nvidia-vera-cpus-contain-pcie-hardware-compatibility-flaw-impacting-non-nvidia-gpus/
NVIDIA recently released its “Vera” CPUs as standalone SoCs available to...
🔗 https://www.madshrimps.be/news/nvidia-vera-cpus-contain-pcie-hardware-compatibility-flaw-impacting-non-nvidia-gpus/
January 28, 2026 at 7:18 AM
NVIDIA “Vera” CPUs Contain PCIe Hardware Compatibility Flaw Impacting non-NVIDIA GPUs
NVIDIA recently released its “Vera” CPUs as standalone SoCs available to...
🔗 https://www.madshrimps.be/news/nvidia-vera-cpus-contain-pcie-hardware-compatibility-flaw-impacting-non-nvidia-gpus/
NVIDIA recently released its “Vera” CPUs as standalone SoCs available to...
🔗 https://www.madshrimps.be/news/nvidia-vera-cpus-contain-pcie-hardware-compatibility-flaw-impacting-non-nvidia-gpus/