Recently I opened up Microsoft Teams and was greeted with a deepfaked version of my own face. Here's how we got the Chinese-language software being marketed to scammers, and which can be used on WhatsApp, Zoom, other platforms. This is where fraud is right now

More: https://www.404media.co/hello-boss-inside-the-chinese-realtime-deepfake-software-powering-scams-around-the-world/

heads up if you have a yarbo lawnmower, switch it off, change your home wifi password, and potentially move house

(root access with the same root password on every mower - reset to the same thing after every update even if you change it, your wi-fi credentials + gps in plaintext. also for some reason all the safety features designed to stop them hitting people can be overridden remotely)

https://www.theverge.com/tech/925696/yarbo-robot-lawn-mower-hack-remote-control-camera-access-mqtt

“the browser moves the passwords into memory in cleartext as soon as it opens, despite requiring authentication to view passwords. Edge exhibits this behavior with all passwords, even those that are never used during a session.”

“Furthermore, passwords remain visible in RAM if a user logs into another account on the same device without closing Edge.”

#Microsoft https://www.techspot.com/news/112310-microsoft-edge-stores-all-saved-passwords-unencrypted-memory.html

Imagine being a scientist, and being told that your mere presence in a facility would alter the crystals being grown, that no joke you cannot step foot inside:

Scientists who had been exposed to Form II in the past seemingly contaminated entire manufacturing plants by their presence, probably because they carried over microscopic seed crystals of the new polymorph

Fact, not fiction!

In materials science, a disappearing polymorph is a form of a crystal structure (a morph) that is suddenly unable to be produced, instead transforming into a different crystal structure with the same chemical composition (a polymorph) during nucleation

and points for being airborne!

In a few cases, such as progesterone and paroxetine hydrochloride, the disappearance gradually spread across the world, and it is suspected that it is because Earth's atmosphere has over time become permeated with tiny seed crystals

https://en.wikipedia.org/wiki/Disappearing_polymorph

#science #TIL #crystals

> The trick is in the subject line, not the email
>
> When most people think "phishing email," they picture sketchy senders, broken English, and links to weird domains. This scam is the opposite. The email passes every authenticity check — SPF, DKIM, DMARC, all green. It comes from PayPal's actual mail servers. The fonts are right. The footer is right. The unsubscribe link works. If you forwarded it to a security expert and asked "is this really from PayPal?" they'd have to say yes.
>
> So how is it a scam?
>
> Scammers have figured out that PayPal lets anyone send small amounts of money to anyone else, and that PayPal will dutifully email the recipient a notification. The scammer sends you a payout of, say, one Hungarian forint — about a quarter of a cent. PayPal's system then automatically generates and sends you a real, legitimate, fully-authenticated email confirming the transaction.
>
> Here's the catch: the email's subject line is whatever the scammer typed when they set up the payout. PayPal doesn't sanitize it. So they write something terrifying like "Pending charge of USD 987.90 — call this number with questions" and PayPal's servers cheerfully deliver that subject line straight to your inbox, wrapped in a perfectly legitimate-looking notification.
>
> The actual transaction in the email body is for 1 forint. There is no $987.90 charge. There never was. But by the time most people read carefully enough to notice that, they've already dialed the number.

https://www.tedcromwell.com/blog/that-pending-paypal-charge-email-is-a-scam-even-though-it-really-came-from-paypa

Microsoft Edge loads all your saved passwords into memory in cleartext — even when you’re not using them; Microsoft will not fix, says the behavior is "by design"

https://mander.xyz/post/51532642