May 30, 2025Ravie LakshmananBrowser Security / Malware A new malware campaign is distributing a novel Rust-based information stealer dubbed EDDIESTEALER using the popular ClickFix social engineering tactic initiated via fake CAPTCHA verification pages. "This campaign leverages deceptive CAPTCHA verification pages that trick users into executing a malicious PowerShell script, which ultimately deploys the infostealer, harvesting sensitive data such as credentials, browser information, and cryptocurrency wallet details," Elastic Security Labs researcher Jia Yu Chan said in an analysis. The attack chains begin with threat actors compromising legitimate websites with malicious JavaScript payloads that serve bogus CAPTCHA check pages, which prompt site visitors to "prove you are not [a] robot" by following a three-step process, a prevalent tactic called ClickFix. This involves instructing the potential victim to open the Windows Run dialog prompt, paste an already copied command into the "verification window" (i.e., the Run dialog), and press enter. This effectively causes the obfuscated PowerShell command to be executed, resulting in the retrieval of a next-stage payload from an external server ("llll[.]fit"). The JavaScript payload ("gverify.js") is subsequently saved to the victim's Downloads folder and executed using cscript in a hidden window. The main goal of the intermediate script is to fetch the EDDIESTEALER binary from the same remote server and store it in the Downloads folder with a pseudorandom 12-character file name. Written in Rust, EDDIESTEALER is a commodity stealer malware that can gather system metadata, receive tasks from a command-and-control (C2) server, and siphon data of interest from the infected host. The exfiltration targets include cryptocurrency wallets, web browsers, password managers, FTP clients, and messaging apps. "These targets are subject to change as they are configurable by the C2 operator," Elastic explained. "EDDIESTEALER then reads the targeted files using standard kernel32.dll functions like CreateFileW, GetFileSizeEx, ReadFile, and CloseHandle." The collected host information is encrypted and transmitted to the C2 server in a separate HTTP POST request after the completion of each task. Besides incorporating string encryption, the malware employs a custom WinAPI lookup mechanism for resolving API calls and creates a mutex to ensure that only one version is running at any given time. It also incorporates checks to determine if it's being executed in a sandboxed environment, and if so, deletes itself from disk. "Based on a similar self-deletion technique observed in Latrodectus, EDDIESTEALER is capable of deleting itself through NTFS Alternate Data Streams renaming, to bypass file locks," Elastic noted. Another noteworthy feature built into the stealer is its ability to bypass Chromium's app-bound encryption to gain access to unencrypted sensitive data, such as cookies. This is accomplished by including a Rust implementation of ChromeKatz, an open-source tool that can dump cookies and credentials from the memory of Chromium-based browsers. The Rust version of ChromeKatz also incorporates changes to handle scenarios where the targeted Chromium browser is not running. In such cases, it spawns a new browser instance using the command-line arguments "--window-position=-3000,-3000 https://google.com," effectively positioning the new window far off-screen and making its invisible to the user. In opening the browser, the objective is to enable the malware to read the memory associated with the network service child process of Chrome that's identified by the "-utility-sub-type=network.mojom.NetworkService" flag and ultimately extract the credentials. Elastic said it also identified updated versions of the malware with features to harvest running processes, GPU information, number of CPU cores, CPU name, and CPU vendor. In addition, the new variants tweak the C2 communication pattern by preemptively sending the host information to the server before receiving the task configuration. That's not all. The encryption key used for client-to-server communication is hard-coded into the binary, as opposed to retrieving it dynamically from the server. Furthermore, the stealer has been found to launch a new Chrome process with the --remote-debugging-port=<port_num> flag to enable DevTools Protocol over a local WebSocket interface so as to interact with the browser in a headless manner, without requiring any user interaction. "This adoption of Rust in malware development reflects a growing trend among threat actors seeking to leverage modern language features for enhanced stealth, stability, and resilience against traditional analysis workflows and threat detection engines," the company said. The disclosure comes as c/side revealed details of a ClickFix campaign that targets multiple platforms, such as Apple macOS, Android, and iOS, using techniques like browser-based redirections, fake UI prompts, and drive-by download techniques. The attack chain starts with an obfuscated JavaScript hosted on a website, that when visited from macOS, initiates a series of redirections to a page that guides victims to launch Terminal and run a shell script, which leads to the download of a stealer malware that has been flagged on VirusTotal as the Atomic macOS Stealer (AMOS). However, the same campaign has been configured to initiate a drive-by download scheme when visiting the web page from an Android, iOS, or Windows device, leading to the deployment of another trojan malware. The disclosures coincide with the emergence of new stealer malware families like Katz Stealer and AppleProcessHub Stealer targeting Windows and macOS respectively, and are capable of harvesting a wide range of information from infected hosts, according to Nextron and Kandji. Katz Stealer, like EDDIESTEALER, is engineered to circumvent Chrome's app-bound encryption, but in a different way by employing DLL injection to obtain the encryption key without administrator privileges and use it to decrypt encrypted cookies and passwords from Chromium-based browsers. "Attackers conceal malicious JavaScript in gzip files, which, when opened, trigger the download of a PowerShell script," Nextron said. "This script retrieves a .NET-based loader payload, which injects the stealer into a legitimate process. Once active, it exfiltrates stolen data to the command and control server." AppleProcessHub Stealer, on the other hand, is designed to exfiltrate user files including bash history, zsh history, GitHub configurations, SSH information, and iCloud Keychain. Attack sequences distributing the malware entail the use of a Mach-O binary that downloads a second-stage bash stealer script from the server "appleprocesshub[.]com" and runs it, the results of which are then exfiltrated back to the C2 server. Details of the malware were first shared by the MalwareHunterTeam on May 15, 2025, and by MacPaw's Moonlock Lab last week. "This is an example of a Mach-O written in Objective-C which communicates with a command and control server to execute scripts," Kandji researcher Christopher Lopez said. Found this article interesting? Follow us on Twitter  and LinkedIn to read more exclusive content we post. SHARE    

Michael Giannou, Global General Manager, HoneywellMay 29, 20254 Min ReadAndriy Popov via Alamy StockData centers are quickly becoming the backbone of our information-driven world. At the same time, the increasing sophistication of cybersecurity attacks, combined with the growing frequency of extreme climate events, means there is also greater operational risk than ever before, as bad actors have begun targeting cooling centers to purposefully compromise the equipment, causing irreversible loss and damage.  The best defense against these threats is an integrated system centered around situational awareness and security. By taking steps to safeguard key areas, data center operators can enhance the protection of their facility and data, helping prevent costly threats and downtime.  Seeing the Big Picture Developing a comprehensive awareness and monitoring system serves as a critical first step to protecting data centers. This is especially important as data centers begin to welcome more tenants into shared space, requiring vendors to consider each tenant individually and as part of the broader system. A threat to one tenant can quickly become a threat to all tenants. Centralizing all information in one system provides a single location for operators to view and analyze real-time data, allowing them to instantly access critical information, monitor incidents and respond quickly with pre-defined incident workflows. An intelligent system will integrate all security events -- including video recordings, access point clearance and data reporting -- together in one place to reduce coverage gaps and information silos.  Related:Another benefit of having one comprehensive system is the ability to integrate separate aspects of the system to improve response time. For example, a centralized security system could be configured to ensure that any fire or intruder alarm immediately triggers the CCTV cameras in the vicinity of the alarm, so the security team can quickly and efficiently respond to the situation. Close partnering between systems that transcend departments such as security, IT and the management of employees, contractors and visitors is key to protecting the facility and its data, both in low-friction (e.g. office space) and high-friction (e.g. server space) areas.  Addressing the Gaps Once a centralized security system is in place, operators can address the cybersecurity gaps where the data center is most vulnerable to bad actors. A strong, always-on cybersecurity program should be tailored to the specific facility and its compliance needs, often including:  Data encryption: Whether data is stored in the system or just passing through, encryption is key to preventing unauthorized access. A strong encryption process goes beyond thwarting attacks -- it is critical for establishing trust, ensuring the authenticity of data exchanged, guaranteeing the integrity of commands to smart devices and maintaining secrecy where it is needed most.  Related:Network security: Data center operators can help prevent unauthorized access and cyberattacks by developing strong intrusion detection/prevention systems, firewalls and network segmentation. Facility protection: By integrating technologies such as electronic access control, biometrics, CCTV and perimeter detection, operators can maintain security around the physical facility. Security also requires vendors to adhere to standard operating procedures, often overlooked in today’s technology-focused environment, such as enforcing visitor security policies and requiring visitors to have escorts.  Regular audits and updates: It may seem to be a lower priority than the often-urgent concerns set forth above, but out-of-date firmware carries a significant cybersecurity risk. Proactive attention and system maintenance can reduce operating costs in the long run and help avoid costly downtime. Related:Looking Ahead With so many current considerations to focus on, data center operators must also look ahead to future-proof their facility. As quickly as the industry has grown in recent years, the momentum will likely continue to accelerate. One new frontier emerging is quantum security: using quantum-enhanced randomness to deliver truly unpredictable key generation and safeguard sensitive information. This enables the system to develop armor that evolves just as quickly as cybersecurity threats. As the largest companies make significant investment in data centers -- for example, Microsoft’s plan to invest approximately $80 billion in AI-enabled datacenters in FY25 -- many in the industry are watching to see how these companies’ actions and investments shape the future of both data centers and building security overall.  Another forward-looking trend is military-grade solutions entering the commercial and industrial marketplace. It is clear to understand how a system hardened for integrated perimeter security in harsh environments can also fit the security and resilience needs of a data center. In addition, those solutions have often been certified through rigorous testing and evaluation, giving operators confidence their system can withstand almost all third-party attacks.  Finally, the industry will begin to prioritize modularity -- meaning systems that can be added to in the future, will work with third-party solutions and are both user-friendly and energy-efficient. This allows operators to expand their facilities to include the latest and greatest technology without a costly overhaul of their existing infrastructure. By integrating with their business systems and leaning into wider stakeholder influence, organizations can more effectively monitor and manage their facilities using modular systems. Cybersecurity risks can never truly be considered resolved -- it is constantly evolving. But by continuously revisiting the areas detailed above, data center operators can enhance their facility and systems protections, helping to protect their data now and in the future.  About the AuthorMichael GiannouGlobal General Manager, HoneywellMichael Giannou is a global sales executive with over 15 years of experience leading high-performing teams and driving growth in the data center and technology sectors. As Global General Manager of Data Centers at Honeywell, he built and led a global sales team, delivering double-digit growth and now leads the company’s global data center vertical. Previously, at Schneider Electric, he grew division sales from $70M to $350M over six years. Known for transforming underperforming programs and developing trusted customer relationships, Michael is a strategic, growth-focused leader passionate about mentoring enterprise sales professionals.  See more from Michael GiannouWebinarsMore WebinarsReportsMore ReportsNever Miss a Beat: Get a snapshot of the issues affecting the IT industry straight to your inbox.SIGN-UPYou May Also Like

Unlike the rest of us mere mortals, animated characters need not age. Bart Simpson has been fourth grade for decades. Homer hasn’t gotten any balder in that time either. (Admittedly when you only have three hairs to begin with, there’s not many to lose.)So it’s always kind of interesting when the characters on an animated series do get older. That’s what’s happened on the new TV revival of King of the Hill for Hulu. Its central couple, Hank and Peggy Hill, are now retirement age, and their lovably little son Bobby ain’t so little anymore. He’s now in his 20s. That image above says it all.The series, created by Mike Judge and Greg Daniels, premiered on Fox in 1997 and endured for 13 seasons and over 250 episodes in its initial run, even though the show never quite attained the same level of cultural ubiquity as its longtime lead-in, The Simpsons. Both Judge and Daniels returned to work on the new version of the show as executive producers; Saladin Patterson serves as the new showrunner.First announced in 2023, this revival is going straight to streaming. Hulu just revealed the opening credits for the new season, which blazes through the years since King of the Hill went off the air to catch us up on the Hills lives in just 30 seconds. Watch the clip below:READ MORE: TV Shows Brought Back After They Got CanceledHere is the new season’s synopsis:After years working a propane job in Saudi Arabia to earn their retirement nest egg, Hank and Peggy Hill return to a changed Arlen, Texas to reconnect with old friends Dale, Boomhauer and Bill. Meanwhile, Bobby is living his dream as a chef in Dallas and enjoying his 20s with his former classmates Connie, Joseph and Chane.Hulu’s new season of King of the Hill premieres on August 4 on Hulu.Get our free mobile app10 TV Revivals That Were So Bad They Ruined Their Original ShowsFiled Under: Greg Daniels, Hulu, King of the Hill, Mike JudgeCategories: Trailers, TV News

Location: Springfield, VA / St. Louis, MO / Dayton, OH Salary: $180k-$250k (TS/SCI w Poly Required) Job Description: We are seeking an experienced Remote Sensing Algorithm Engineer who specializes in multiple modalities, sensor technologies and spectral phenomenology such as EO/IR, MSI, and HSI to support a large R&D program that is focused on providing advanced intelligence analysis for the benefit of the DoD and IC communities. Please note that we are not looking for an imagery analyst. The right candidate will have software engineering/software development skills coupled with an in depth background and understanding of sensor capabilities and expertise in processing collected data to derive meaningful insights. Responsibilities: collaborate with analysts and engineers to create innovative solutions that improve data exploitation capabilities. design and implement algorithms that enhance target detection, material identification, and geospatial analysis focus on integrating and optimizing software tools for end-users in the GEOINT and IMINT analytic community produce technical documentation Required Skills: Active TS/SCI Security Clearance Ability to develop, test, and validate remote sensing algorithms for geospatial applications. Strong programming skills in Python, ENVI/IDL, C++ and Matlab Background in remote sensing techniques, especially with hyperspectral image processing techniques and data calibration. Demonstrated experience developing tools for hyperspectral data analysis Effective collaboration skills to work with interdisciplinary teams across the DoD and IC Desired Bonus Skills: Advanced mathematical expertise in areas such as machine learning for spectral data. Background in physics-based modeling and signal processing for remote sensing applications. Familiarity with hyperspectral image calibration and preprocessing techniques. Hands-on experience with portable or handheld field instrumentation devices such as FTIRs, Hyperspectral imaging cameras, spectroradiometers, or spectrometers (e.g. ASD, SVC, D&P, Exoscan, Bayspec - OCI Series, Spectral Evolution - PSR Series, Headwall Photonics - Nano-Hyperspec, Micro-Hyperspec )Apply NowLet's start your dream job Apply now Meet JobCopilot: Your Personal AI Job HunterAutomatically Apply to Remote Full-Stack Programming JobsJust set your preferences and Job Copilot will do the rest-finding, filtering, and applying while you focus on what matters. Activate JobCopilot

Kloo didn’t set out to eliminate the ritual of making coffee; they set out to refine it. Equal parts culinary secret weapon and everyday indulgence, Kloo is a small-batch coffee concentrate that delivers bold, specialty-grade flavor to everything from your first morning cup to cocktails and desserts. It’s part chef’s tool, part personal luxury – crafted for those who love to cook, love to host, and love a good cup of coffee. Kloo’s frosted glass bottle adorned with an artful screen-printed design, looks more like a fine spirit than a morning essential. The logo – a maze-like looped ‘K’ – reflects the brand’s ethos: complexity distilled into simplicity. It’s a bottle that signals premium, not just in flavor, but in form. Founded by mother-daughter duo Claudia Snoh and Mariella Cho, Kloo was created from a shared obsession with the nuance of great coffee. Mariella, a certified Q Grader (the coffee world’s version of a sommelier), developed Kloo’s proprietary “super concentrate” brewing method to bring out the purest, most expressive flavor of each bean – then aged each batch for up to 21 days to deepen body and complexity. From sourcing to shipping, every detail is intentional. Kloo uses only specialty-grade beans (each scoring 85+ by Q Graders), roasted in-house and brewed in small batches. The concentrate is then cold-shipped and kept refrigerated to preserve every note. A taste of the single-origin varieties: Colombia (Venecia, Cundinamarca): Almond, maple syrup, blackberry Kenya (Karundu, Nyeri): Grapefruit, lemongrass, dark chocolate Ethiopia (Adado, Yirgacheffe): Peach, jasmine, wild berry Guatemala (Pasajquim, Atitlán): Toffee, burnt toast, dark chocolate Each profile is bold enough to stand on its own, yet balanced enough to complement whatever you’re making. Unlike many concentrates, Kloo’s strength and consistency make it a natural fit for chefs and bakers, especially in large batches where precision matters. Whether you’re stirring it into a sauce or folding it into a batter, Kloo delivers depth, not bitterness. It’s a shortcut that doesn’t feel like one. And while it’s a favorite among chefs, it also belongs in every home cook’s fridge. You’ll find yourself reaching for it more than you expect – whether for an impromptu dessert, a 4pm boost, or an elevated cocktail. For those who love to gather, Kloo is a quiet revolution. It makes the art of hosting feel seamless – adding flavor, elegance, and just a little flair to your moments of connection. One of the best-kept secrets of the seasoned host? Bookend your gathering with memorable moments. Start high, end high – and do it with something that’s bold, caffeinated, and effortlessly chic. Welcome your guests with a low-ABV drink, perfect for warm afternoons. Kloo Stout 1.5 oz Kloo coffee concentrate 12 oz chocolatey stout or lager Preparation: Add chilled Kloo to the bottom of a pint glass, then slowly pour in the beer and let it mix naturally. Smooth, rich, and just unexpected enough to be a conversation starter. Close the evening by serving guests an easy and elegant dessert that never disappoints. Kloo Affogato 1 scoop vanilla gelato 1 shot (about 1.5 oz) Kloo concentrate Preparation: Pour Kloo directly over the gelato just before serving. Dessert and coffee, all in one beautiful moment. Like most devout daily coffee drinkers, I’ve always been skeptical of concentrates – too often they’re bitter, flat, or forgettable. Kloo is different. It doesn’t replace the ritual of great coffee; it respects it, while making room for all the ways we actually live. Whether you’re brewing slowly, moving quickly, cooking for others, or just trying to get out the door, Kloo brings depth and intention – without asking you to compromise. For more information on Kloo, visit drinkkloo.com. Photography courtesy of Kloo.

In this writing, I discuss how the Generative AI (GenAI) system, DeepSeek, handles the request to suggest a tetrad color harmony that…Continue reading on UX Collective »

We may earn a commission from links on this page. Deal pricing and availability subject to change after time of publication.Losing your luggage might not be the end of the world, but it’s definitely the worst part of a trip. That’s where something like the SmartLock comes in, and a four-pack of these TSA-approved travel locks is going for $79.99 on StackSocial right now, which is the same price Amazon charges for a three-pack. It’s designed for Apple users, integrating directly with the Find My app, so you can track your bags on a map, ping them with sound if they’re nearby, or get alerts if you’ve walked off and left them behind.Each lock uses a simple three-digit combination and is TSA-approved, meaning airport security can access it without cutting it open. The build feels solid, with a durable alloy shell and thick cable loop tough enough for typical travel abuse. It’s also refreshingly low-maintenance, with no constant charging needed. The built-in battery lasts about three months and is replaceable, so you’re not tossing the whole thing when it dies. You don’t need to install a separate app to manage the tracking either, if you’ve used Apple’s Find My for AirTags or devices, the setup will feel familiar and straightforward. You also get solid tracking features like Lost Mode and sound alerts. That said, this is Apple-only. If you use Android, the Find My functionality won’t work, so you're better off with a traditional smart tracker or lock. If you're traveling with multiple bags or coordinating group travel, getting four in one pack makes the price easier to swallow. For frequent flyers or anyone with a track record of forgetting their carry-on at Gate 17, this is one of those travel add-ons that might actually be worth it.

After two years of negotiating, ZeniMax Workers United-CWA, the union representing quality assurance workers at ZeniMax Media, has reached a tentative union contract with Microsoft, according to the Communication Workers of America. The union originally formed in 2023 and was immediately recognized by Microsoft, which made its commitment to stay neutral towards union organizing at ZeniMax official in 2024. The new contract will cover over 300 ZeniMax employees and includes "substantial across-the-board wage increases as well as new minimum salaries for workers," the CWA says. The contract also includes language protecting workers from the impacts of AI and "a crediting policy that clearly acknowledges the QA workers’ contributions to the video games they help create." "Video games have been the revenue titan of the entire entertainment industry for years, and the workers who develop these games are too often exploited for their passion and creativity," Jessee Leese, a QA tester and ZeniMax Workers United-CWA bargaining committee member shared in the CWA announcement. "Our first contract is an invitation for video game professionals everywhere to take action. We're the ones who make these games, and we'll be the ones to set new standards for fair treatment." The new contract is considered "tentative" until union members ratify it, but because existing contracts often act as a reference in ongoing negotiations, the agreements ZeniMax workers secured will likely serve as a standard for other unions going forward. ZeniMax QA testers aren't the only video game union at Microsoft — QA workers at Raven Software, QA workers at Activision, workers at ZeniMax Online Studios and the development team behind Overwatch are all still in active negotiations with the company. Outside of Microsoft, the CWA also announced the United Game Workers-CWA union at this year's GDC, as a another option for representation. United Game Workers-CWA is a direct-join union, a labor organization that all workers in an industry can participate in without needing legal recognition from an employer. The idea is that currently employed workers, anyone who's been laid off and freelancers can all still wield power together, even without a potential contract hanging in the balance.This article originally appeared on Engadget at https://www.engadget.com/gaming/zenimax-qa-workers-win-tentative-union-contract-with-microsoft-194204789.html?src=rss

The new campus in Irpin, west of Kyiv, is intended to act as a hub for research and regeneration following wartime destruction Source: StantecStantec’s winning design for the State Tax University in Irpin, Ukraine Stantec has been named the winner of an international architectural competition to redesign the State Tax University in Irpin, Ukraine, after the partial destruction of its campus during the early stages of Russia’s invasion.  Located approximately 20 kilometres from Kyiv, the State Tax University specialises in training students in public finance, law and accounting. The competition was organised by the US-based nonprofit Center for Innovation, in partnership with the university itself, Ukraine’s Ministry of Finance, and Dobrobat, a Ukrainian volunteer construction organisation that supports the reconstruction of housing and social infrastructure. A total of 49 entries from 18 countries were submitted, with the jury composed of Ukrainian, European and American architects. The competition brief sought submissions that addressed a broad range of goals, including sustainability, equity and accessibility. Stantec’s proposal is intended to reflect the identity of Irpin, nicknamed the “City of Parks”, and aims to combine educational, ecological and civic functions within a new campus framework. The scheme is described as inclusive and adaptive, applying a “Design for All” ethos in response to the university’s stated ambitions of becoming an international research institution. The design retains the footprint of the destroyed main building and reinterprets it as a central civic and academic space. The proposed structure is envisaged as an open and permeable environment, with shared areas intended to promote collaboration and exchange. Stantec's winning design for the State Tax University in Irpin, UkraineSource: Stantec Stantec's winning design for the State Tax University in Irpin, UkraineSource: Stantec Stantec's winning design for the State Tax University in Irpin, UkraineSource: Stantec 1/4 show caption Commenting on the outcome, jury chair Wendy Hillis said: “The jury unanimously agreed that this submission presented a strong engagement with the city of Irpin and the forest nearby. We liked the openness of the plan and the way the proposed buildings draw people into the site while also offering transparency of common areas.” Stantec design director Dathe Wong said: “It is a privilege to contribute to a project that will heal, inspire, and imagine a brighter future through the power of education, community, and design.” Dymtro Serebrianskyi, acting rector of the university, added: “Designing an architecturally significant and sustainable building will inspire students and faculty and continue to support Ukraine.”

Here are hints and the answer for today's Wordle, No. 1443, for June 1.