🚨 Apple on Monday backported fixes for a recently patched security flaw that has been actively exploited in the wild. The vulnerability in question is CVE-2025-43300 (CVSS score: 8.8), an out-of-bounds write issue in the ImageIO component that could result in memory corruption when processing a malicious image file.

🚨 Microsoft Corp. today issued security updates to fix more than 80 vulnerabilities in its Windows operating systems and software. There are no known "zero-day" or actively exploited vulnerabilities in this month's bundle from Redmond, which nevertheless includes patches for 13 flaws that earned Microsoft's most-dire "critical" label. Meanwhile, both Apple and Google recently released updates to fix zero-day bugs in their devices.

🤔 The more I use LLMs and the more I think about their potential, the more I am convinced that most countries currently behind in terms of development and with a controlled corruption will be able to advance themselves forward at warp speed. Many fear LLMs, in my opinion, mainly the ones with the most to loose, to loose control over people, to loose resources and profits. Hopefully exciting times ahead

#APERTUS An open source, multilingual AI model called "Apertus" that aims to challenge the dominance of proprietary systems like ChatGPT while prioritizing transparency, accessibility, and ethical AI practices. Considering Switzerland latest developments related to their dead neutrality and their slowly but surely move towards EU Orwellian ideology... (See Proton current position and their consideration to move to another jurisdiction), I will be cautious, yet, interesting. Using AI? Support Open Source, avoid using closer sourced products. #AI #LLM

@Vitor Pamplona, maybe Amethyst own repository for F-Droid solves the F-Droid non sense... Others have done as Samorai Wallet used to and nowadays Session does as well... If people uses F-Droid they are savvy enough to add your repo.

🚨 Linux Malware Delivered via Malicious RAR Filenames Evades Antivirus Detection Cybersecurity researchers have shed light on a novel attack chain that employs phishing emails to deliver an open-source backdoor called VShell. The "Linux-specific malware infection chain that starts with a spam email with a malicious RAR archive file," Trellix researcher Sagar Bade said in a technical write-up. "The payload isn't hidden inside the file content or a macro, it's encoded directly.

🚨

It's FOSS

Security Researchers Find XZ Utils Backdoored Debian Images on Docker Hub

Investigation reveals concerning findings.

Open source is the way