when is liberal America going to realize that "laws", "the courts", or "institutions" are not going to save them?
The sooner people realize the next step is a new Constituent Assembly, the better
Technical Advisor, Office of the CSO
Trying to figure out Cloud Security and Secure Cloud Transformation, as well as random other stuff of life
#CloudSecurity
#CloudSecurityOperations
#CloudTransformation
#Cybersecurity
#Infosec
#SecOps
#antifa
🇳🇱 in 🇺🇸
It's Mastodon - obviously posts don't represent my employer
Burn, Cybersecurity Industry, Burn
Pronouns | He/Him |
https://www.linkedin.com/in/jay-thoden-van-velzen/ | |
Why I am in security | https://www.linkedin.com/pulse/what-did-you-do-during-cyberwars-dad-cybersecurity-jay/ |
Cloud Migration Requires Organizational Transformation | https://www.linkedin.com/pulse/cloud-migration-requires-organizational-technical-13-jay/ |
Hyperscale Security Blog | https://infosec.press/jaythvv/ |
The Death of Windows 10 Could Net You a Bunch of Free Linux PCs https://www.howtogeek.com/the-death-of-windows-10-could-net-you-a-bunch-of-free-linux-pcs/
The laptop I am writing from is a beast that boots Arch Linux in less than 7 seconds and was discarded by a large corporation for who knows what reason. Anyway, some people's trash, others' treasure!
There was a time during my lifetime where the president wearing a blue suit to the Pope’s funeral would have been the biggest scandal of the year.
Ah, simpler times.
A look at one of the most pressing problems of 2023: the lament that "the left" wouldn't be friends with "the right," over "political views."
Defining these terms and dealing with a strange spectacle: the world's most unfriendly people, demanding friendliness.
https://www.the-reframe.com/if-you-want-to-be-friends-then-why/
I know people like to make fun of niche operating systems, but for the five years I was at Microsoft I used Windows (10 then 11) as my daily driver. It’s much less stable than a professional OS, but it does kind-of work. I wouldn’t say it’s ready for the desktop. The UI is inconsistent and changes randomly between releases, a load of common software is basically useable only in a VM, it lags and freezes periodically (unlike an OS designed for interactive use, random drivers run a load of things directly in interrupt handlers, so you get latency spikes that you wouldn’t see in a more mainstream desktop OS) and the update process can hose the system, so it’s more of interest to people who like tinkering with their machines than people who actually want to get work done. Oh and a load of random bits of the OS have ads, but that’s what you get from a free ad-supported system instead of one developed by an active open-source community.
I don’t think I’d recommend anyone use it as their daily driver or in a work setting, but it’s not totally unusable. It’s not at the level of maturity that you’d expect from, say, Linux or FreeBSD, especially not for client workloads. If you do have to use it, I recommend that you install FreeBSD in a Hyper-V VM for real work. That’s what I did and it works quite well.
🚨 SAP NetWeaver Zero-Day Under Active Exploitation — Patch Immediately
SAP has released an out-of-band emergency update to fix a critical zero-day vulnerability (CVE-2025-31324) in NetWeaver Visual Composer — and it’s already being exploited in the wild.
The flaw (CVSS 10.0) allows unauthenticated remote attackers to upload malicious files and gain full remote code execution — no login required.
Here’s what’s happening:
- Threat actors are abusing the `/developmentserver/metadatauploader` endpoint
- They're dropping JSP web shells and executing commands directly from browsers
- Post-exploitation activity includes tools like Brute Ratel and MSBuild injection for stealth
- Even fully patched systems were compromised — confirming this was a true zero-day
Both ReliaQuest and watchTowr have confirmed active exploitation, with attackers already moving to establish persistence and lateral movement.
Who’s affected:
- SAP NetWeaver Visual Composer 7.50 environments
- Systems exposed to the internet, especially if Visual Composer is enabled
What you need to do:
- Apply the emergency patch from SAP (released after the April 8 update)
- If you can’t patch immediately:
  - Restrict access to the vulnerable endpoint
  - Disable Visual Composer if unused
- Forward logs to SIEM and scan for unauthorized servlet uploads
Also included in the emergency update:
- CVE-2025-27429 — Code injection in SAP S/4HANA
- CVE-2025-31330 — Code injection in SAP Landscape Transformation
In a world where zero-days are increasingly exploited within hours of discovery, patching isn’t optional — it’s urgent.
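
The log-scanning step in the post above, as an added example that is not part of the original post and not SAP or vendor tooling: it flags POSTs to the `/developmentserver/metadatauploader` endpoint and later `.jsp` requests from the same client. The Common Log Format layout, the `triage` function name and the sample lines are assumptions constructed for illustration.

```python
import re
from urllib.parse import unquote, urlsplit

UPLOADER = "/developmentserver/metadatauploader"  # endpoint named in the post

# Assumption: access log in Common Log Format; adjust the regex to your layout.
LINE = re.compile(
    r'(?P<ip>\S+) \S+ (?P<user>\S+) \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+)[^"]*" (?P<status>\d{3}) '
)

def triage(lines):
    """Flag POSTs to the uploader endpoint and later .jsp hits by the same client."""
    uploaders, findings = set(), []
    for lineno, raw in enumerate(lines, 1):
        m = LINE.match(raw)
        if not m:
            continue  # unparsable line: skipped here, review separately
        # Normalise so %-encoding, case, query string or trailing slash cannot hide the path.
        path = unquote(urlsplit(m["target"]).path).lower().rstrip("/")
        ok = m["status"].startswith("2")
        if m["method"] == "POST" and path == UPLOADER:
            uploaders.add(m["ip"])
            kind = "upload-accepted" if ok else "upload-attempt"
            if ok and m["user"] == "-":
                kind = "upload-accepted-unauthenticated"
            findings.append((lineno, m["ip"], kind))
        elif path.endswith(".jsp") and ok and m["ip"] in uploaders:
            # Same-client correlation only; a different source IP would not be linked.
            findings.append((lineno, m["ip"], "jsp-request-after-upload"))
    return findings

# Constructed sample lines (documentation IP ranges, placeholder paths); not real indicators.
SAMPLE = [
    '198.51.100.7 - alice [01/Jan/2030:09:00:01 +0000] "GET /index.jsp HTTP/1.1" 200 512',
    '203.0.113.9 - - [01/Jan/2030:09:01:10 +0000] "POST /developmentserver/metadatauploader?x=1 HTTP/1.1" 200 31',
    '203.0.113.9 - - [01/Jan/2030:09:01:15 +0000] "GET /placeholder/example.jsp?q=1 HTTP/1.1" 200 88',
    '192.0.2.44 - - [01/Jan/2030:09:05:00 +0000] "POST /DevelopmentServer/%6detadatauploader HTTP/1.1" 403 0',
]

if __name__ == "__main__":
    for finding in triage(SAMPLE):
        print(finding)
```
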