The world of open-source software development, while fostering collaboration and innovation, is also a breeding ground for malicious actors. A recent discovery by Checkmarx researchers reveals a critical vulnerability within programming ecosystems like PyPI, npm, Ruby Gems, and others, allowing attackers to exploit entry points and launch sophisticated supply chain attacks. These attacks are particularly stealthy, capable of evading traditional security measures and silently infiltrating systems.
Tuesday, October 15, 2024
Akira/Fog Ransomware Is Being Deploy to Unpatched Veeam Backup/Replication
Cybercriminals are exploiting a patched security flaw in Veeam Backup & Replication to deploy Akira and Fog ransomware, highlighting the ongoing threat posed by vulnerabilities even after they've been addressed. Cybersecurity firm Sophos has observed a recent spike in attacks leveraging compromised VPN credentials and the now-patched CVE-2024-40711, a critical vulnerability allowing unauthenticated remote code execution.
How to Setting Up Django on Render & Storages on AWS S3
Deploying a Django application to the cloud can be a significant step towards scalability and reliability. This guide will walk you through a comprehensive process of deploying your Django application to Render, a cloud platform designed to simplify the deployment process. We'll also integrate Amazon S3 for secure and efficient storage of your application's media files, such as images and documents.
Setting the Stage: Preparing Your Django Project
Monday, October 14, 2024
Ivanti CSA Zero-day Is Being Weaponizing by "Suspected Nation-state Hacker"
A sophisticated nation-state adversary has been exploiting a series of vulnerabilities in Ivanti's Cloud Service Appliance (CSA) to gain unauthorized access to networks and steal sensitive data. The attack, uncovered by Fortinet FortiGuard Labs, leverages three zero-day vulnerabilities, including a command injection flaw, a path traversal vulnerability, and an authenticated command injection vulnerability.
BASH Tutorial: How to Using xargs
Xargs is an indispensable command-line utility in the Linux environment. It elegantly bridges the gap between commands, allowing you to seamlessly funnel output from one command as arguments for another. This dynamic interaction makes Xargs a potent tool for streamlining tasks and enhancing your command-line efficiency.
How to Create Email Server on VPS
Setting up your own email server can provide you with greater flexibility and control over your email system compared to using a third-party service. This is especially beneficial for businesses that need to host a large number of email accounts.
Sunday, October 13, 2024
ASRock has launched two new Z890 Motherboards
How to Running Large Language Model (LLM) On Raspberry Pi 5
The world of artificial intelligence is rapidly advancing, and with it, the capabilities of smaller and more accessible hardware are expanding. Recently, I was inspired by a video on the NVIDIA AI channel showcasing the Gemma 2 language model, boasting 2 billion parameters, running on a Jetson Orin Nano. This prompted me to delve into the world of running LLMs on the Raspberry Pi 5, a device known for its affordability and versatility. My journey led me to the Phi-3 mini 4K Instruct, a 3.8 billion parameter LLM from Microsoft, which surprisingly runs smoothly on the Raspberry Pi 5 using the ONNX Runtime GenAI framework.
Iranian & Chinese Hacker is Already Using ChatGPT to Enhanced Their Malware
The recent surge in cyberattacks utilizing generative AI, specifically ChatGPT, has ignited a wave of concern within the cybersecurity community. OpenAI's confirmation of over twenty attacks leveraging its powerful language model underscores the alarming reality that AI, in the wrong hands, can be a potent tool for malicious activity.
How to Fix "cannot install the best update candidate for package" on Oracle Linux 9
The error message "cannot install the best update candidate for package" is a common one for Linux users, especially those working with Oracle Linux 9 and Red Hat 9 distributions. This particular error usually arises when attempting to install a package that depends on another package which isn't available in the system's repositories.
Inkscape 1.4 Is Officially Released, Update Now
Inkscape 1.4, the latest iteration of the powerful, open-source, cross-platform, and free SVG (Scalable Vector Graphics) editor, has officially arrived. This major release boasts an impressive array of new features and improvements, making it a compelling upgrade for both seasoned users and newcomers alike.
Saturday, October 12, 2024
How to set Raspberry Pi 5 Headless Mode
Setting up a Raspberry Pi can be a fun and rewarding experience, but it often requires a monitor, keyboard, and mouse. For those who prefer the command line or lack these peripherals, setting up your Raspberry Pi headlessly – without a visual interface – is a viable and convenient option. This guide will walk you through the process, enabling you to remotely access and configure your Raspberry Pi using only your computer and an Ethernet cable.