HackRead: New PyStoreRAT Malware Targets OSINT Researchers Through GitHub. “These convincing projects/repositories were so well-made that several quickly climbed high on GitHub’s trending lists. Only after gaining this traction and trust did the criminals introduce subtle code updates, disguised as simple ‘maintenance, to plant the PyStoreRAT backdoor.”

https://rbfirehose.com/2025/12/14/hackread-new-pystorerat-malware-targets-osint-researchers-through-github/

A thought I have a lot, lately, after decades of software engineering:

"Hmmmmm, the ostensible value of that thing is so little its not worth adding an attack/DoS vector to my workflows or toolbox. I'll pass!"

#security
#DoS
#vulnerabilities
#attacksurface
#threatmodel
#TrojanHorses

@GrapheneOS is one of the very few (maybe the only!) platforms that do provide excellent default protection against megacorp #espionage and even state actors like #trojanhorses and border espionage by rogue states like #USA, #China, #Russia, ...

One of the few systems that isn't hackable by #Palantir and other bad actors.

If you do want protection, do yourself a favor and switch to #GrapheneOS using a (cheap/used/older) #Pixel phone. Recommended: Pixel 8 or newer.

Setup (flashing) is basically connecting your phone via a proper USB-C cable to another Android device and pressing a few buttons in the web browser: https://www.youtube.com/watch?v=L1KZWjZVnAw + https://grapheneos.org/install/web 👍

Please do setup a monthly bank transfer of just a few bucks if you want to fund their effort: https://grapheneos.org/donate (they really do have many donating options!)

They're currently porting #Android16 which should be available soon.

#Android #security #privacy #smartphone #Staatstrojaner #Bundestrojaner #PIM

I am not certain if I shared this, but #SmartTV are almost #TrojanHorses in your home

You have to air gap them, or use something like pie hole in order to be safe from these devices phoning home without your consent. The data harvesting in Smart tv's is so ridiculous, that the FCC is getting involved

#InfoSec #programming #ClosedSource #PieHole #OpenSource #POSIX

https://arstechnica.com/gadgets/2024/10/streaming-industry-has-unprecedented-surveillance-manipulation-capabilities/