How do you cowboycore? Or maybe you call it coastal cowgirl? Whatever your preferred terminology, the rich ranch aestheticpopularized on shows like Yellowstone and beloved for juxtaposing rustic farmhouse style with contemporary furnishingsis everywhere lately. Its not confined to the Lone Star State, though youll see traces of the aesthetic in homes in Austin and Houston, nor does one have to have a sprawling Napa Valley estate. But why is rich ranch decor so popular right now, and how does one bring the look home? We spoke to a few ELLE DECOR A-List designers for their yee-haute takes.Douglas FriedmanA rustic kitchen in a Sonoma, California, home designed by Ken Fulk.What Is Rich Ranch Decor?Surprisingly, the rich ranch decor trend may have started thousands of miles from the nearest corralin Switzerland. Or ELLE DECOR A-List designer Miles Redd cant help but think so, given the similarities between the look and the aprs-ski vibe of a Swiss chalet. A-List designer Ken Fulk considers the rich ranch aesthetic a mix of the Mexican vaquero and the gaucho culture in Argentina with the rustic charm of Provence and the romantic agrarian lifestyle of Tuscany. You see roots of ranch style throughout all cultures and continents.I think that people have been recently drawn to luxurious ranch living because it feels casual and approachable with an emphasis on organic materiality, says designer Augusta Hoffman. Being from Texas, I gravitate toward a Mexican hacienda influence: considered layers of limestone, terra-cotta, wrought iron, and reclaimed wood. Even better if there is a tequila bar welcoming the cowboys when they come home!I gravitate towardconsidered layers of limestone, terra-cotta, wrought iron, and reclaimed wood. Even better if there is a tequila bar welcoming the cowboys when they come home!Augusta HoffmanDallas-based Jean Liu similarly advises considered layersor what one might call restraint. Part of achieving the rich ranch look is to not infuse this type of home with as much of the expected patterns, fabrics, and decorative objects, says Liu, i.e., plaid, cowhide, and antlers. The gist of the trend is that the elements are similar, but the amount of the expected design ingredients is adjusted and refined to feel more sophisticated, elevated, and polished.A delicate touch is key when melding such disparate influences. The styles versatility shines through in its detailsfrom hand-stitched leather pillows to vintage Navajo textiles and burnished bronze fixtures, says designer Alfredo Paredes. Whether its a city-ranch vibe with dark, industrial contrasts or a California ranch with laid-back light wood, each setting can reinterpret the classic ranch look with fresh, tailored details while honoring authentic craftsmanship.Tim LenzIn a New York City residence designed by Augusta Hoffman, an antique Spanish Missionstyle table serves as a sideboard.What Makes Rich Ranch Decor Controversial?The look is not always PC, says Redd, since it can be heavy on the furs and spoils of trophy hunting. But Redd advises having luxurious faux sables and minks tossed over sofas, instead. [And] I do think antlers are a must. I love the Black Forest variety, which are often carved entirely out of wood.If youre a hunter, it makes sense to display the trophies, says Liu. But perhaps the mounts feature just the horns and not the entire head. Retailers including Pottery Barn also sell faux antler chandeliers, a sort of country lodge tiara for your living room. Fulk, wholl soon open his first standalone retail space in West Hollywood, California, suggests shopping for vintage trophy mounts and mixing them with Belgian boucl throws and pillows, to pay tribute to the classic California ranch.Chris MottaliniA Vermont ski house designed by Alfredo Paredes.How Do I Get the Rich Ranch Look at Home?Thematic decorating can get tricky, acknowledges L.A.-based designer Oliver Furth, whose firm has designed mountain homes in Aspen; Jackson Hole, Wyoming; and Park City, Utah. How to imbue a sense of place without it feeling clich or trite? To avoid getting too literal with your decorating, Furth suggests using pieces that will develop a patina with age and incorporating wood and stone to reference nature.Playing with contrastsplaster walls combined with a wood floor and wood ceilingcan provide a beautiful end result, adds New Yorkbased designer Shawn Henderson. I love adding richly textured fabrics and leaning into pattern, whether a plaid, a crewel, or even a large check for depth and warmth.The moral of the story is that no matter where you are in the world, you have a place at the rough-hewn, well-patinated, plaid-tablecloth-covered table of rich ranch decor. Giddyup!Sean SantiagoDeputy EditorSean Santiago is ELLE Decor's Deputy Editor, covering news, trends and talents in interior design, hospitality, travel, and luxury. He writes the So Courant! column for the magazine and elledecor.com.

When you think of British company Farrow & Ball, the first thing that comes to mind is probably its unique, exceedingly rich paint colors. But savvy design prosand now you, tooare wise to the brand's lesser-known but no-less-luxurious small-batch, handcrafted wallpapersa guaranteed way to make a space feel special.Unlike many mass-produced papers that are digitally printed using ink, Farrow & Ball's are created with the brand's actual paintswhich are made in a building that is literally next door to the wallpaper factoryso they deliver that same renowned depth of color. And each roll is unique, due to the company's commitment to traditional artisanal techniques that result in slight variations in tone and texture. "People are at the heart of every stage of our process," says Farrow & Ball creative director Charlotte Cosby. "Our experts cut the foam pads used for our striped designs by hand, line up the paper for multi-layered patterns, and even wrap the finished rolls in our brown paper packaging."Robin KitchinShallot No.CB3They start the process by mixing colored pigment into a white base paint. Each pigment is added by hand or a dispenser, depending on how much is needed, and arriving at the desired end color requires precise calibration and multiple quality-control checks, given that the shades can look very different in the vat. (The seemingly bright red pigment being stirred above is Shallot, from the Carte Blanche collectionwhich, by the time it's ready to be applied to paper, will be "a cheerful pink," according to the company.)Courtesy of Farrow & BallTented Stripe 1351Once the paints have been prepared, Farrow & Ball's craftspeople employ labor-intensive techniques like open-trough and roller-block printing to make the wall coverings. In the former, shown above, a foam pad is cut by hand to create the patternin this case, stripes. Paint flows through the pad, and the paper is dragged along it, applying a continuous flow of color. (The neutral background color in this Tented Stripe pattern has already been applied and allowed to dry.)Robin KitchinAuguste 6504James MerrellAuguste 6504In the latter process, a foam roller applies paint to a roller block into which the pattern has been carved. The whimsical floral above, shown both being printed and cheering up a bedroom wall, is Auguste, one of five patterns in the company's latest wallpaper collection, Purnon Papers. The green leaves (colored with Farrow & Ball's Bancha paint) have previously been applied using a different roller block, and now the blooms, in India Yellow, are being added in a second pass through the equipment. Once the paints have dried, a Farrow & Ball expert checks the wallpaper to make sure the two colored elements of the design are lined up correctly.James MerrellAdelaide 6303The Purnon Papers patterns are all inspired by designs found in the 18th-century Chteau de Purnon, in France's Loire Valley. Above is Adelade, named for one of the daughters of the marquis who built the residence and modeled on a pattern found in her dressing room. (The aforementioned yellow-and-green Auguste floral takes the name of the eldest son.) James MerrellPurnon 6204Other entries in the collection were similarly discovered in the centuries-old chteaunot an atypical source of inspiration for Farrow & Ball's creative team. Barac was inspired by a fading fragment unearthed in the home's attic. Purnon (shown above), a toile-like pattern that incorporates a heron, was found on a folding screen that had likely been used as a room divider. The geometric Achard was inauspiciously discovered inside a linen cabinet, then grandly given the family's surname."One of the main considerations we make when adding patterns to our wallpaper collection is whether the design complements our techniques," Cosby says. "Naturally, a lot of our more traditional designs are well suited to the traditional methods we use." This also applies to many designs beyond the Purnon Papers; Wisteria, for instance (Wisteria 2212 is pictured at top), is drawn from 19th-century woven fabrics.Regardless of what century inspired the brand's various wallpaper patterns (53 are currently offered), all are made with very 21st-century, planet-friendly practices. The company sources its raw materials for both paint and wallpaper from ethical suppliers and powers its factory with renewable energy. In addition, many of the designs are made to order, and Farrow & Ball's paint is made in small batches, Cosby points out. Mostly, though, the company's focus is on creating both stunning designs and devoted customers. "We don't follow trends," the designer says. "We want to empower people to understand color. It's all about helping people create a home they love for years to come."

Sometimes a design idea that looks great on Pinterest isn't actually all that practical in real life. Think elegant marble countertops that hold no chance against dribbles of red wine or open-door showers that create slip-and-fall hazards. Or maybe that wild wallpaper you took a risk on in the powder room turns out to be less fun and more headache. Design professionals have hear about their fair share of renovation regrets, so we asked contractors and interior designers to tell us about some of the most common design issues theyre called in to fix. Heres what they had to say.Related StoriesMarble Countertops Marble countertops are a classic. But the soft, porous stone is not always practical, which is why Laura Hammett, founder and creative Director of Laura Hammett Interiors finds herself frequently swapping out the material heavily used kitchens. (She recommends a sintered stone like Neolith.)Fernando BengoecheaClients love the look of marble but then find the reality is you cant spill a drop of food or drink before it gets stained, she says. For clients who love to cook, especially with colorful spices, we recommend stones which still look beautiful, but are much more durable and hardier."Open-Floor PlansWith the rise in multi-generational households and a rapid increase in the number of people who work from home, Bethany Adams of Bethany Adams Interiors says her clients are no longer fans of open-plan living and crave a little more alone time. She started to notice this trend during the pandemic when people were spending a lot of time together. To accommodate these requests, I've added hidden pocket doors behind new built-ins and sleek glass and steel framed partitions and doors to section off more open spaces, she says. Adams has found theres plenty of ways to allow for separation without building full walls. Glass doors and partitions strike the right balance between the privacy the clients want, and the openness that they may have originally desired, she says.Open-Air Outdoor Living SpacesYou may imagine yourself lounging outdoors with a book or enjoying al fresco meals and dips in a pool. But homeowners frequently change their mind about expansive loggias and open-air lounging spaces, Robert W. Burrage, founder of Palm Beach County, Florida-based RWB Concierge Builder, says. Factors like humidity, heat, and seasonal storms can make it tough to enjoy those outdoor living spaces to the max. As a result, we often find ourselves enclosing these outdoor spaces to create comfortable, usable areas that can be enjoyed year-round, he says. Barn Doors and Shiplap Walls When the farmhouse trend started to explode around 2015, everyone asked their contractor for barn doors and faux shiplap wallseven if it didn't suit the house's architecture or family's needs, says Lesley Myrick, an Atlanta area interior designer. She has since removed several barn doors from clients homes, adding that they are a terrible choice because they let sound and light through. She has also scrapped plenty of shiplap walls, which are known to collect dust between the horizontal boards.SDI ProductionsShiplap on a bathroom wall.Many people saw the farmhouse trend as both current and timeless and rushed to upgrade their homes with these design elements, she says. But when these types of additions dont prove to be functional for your home or lifestyle, it's a design disaster. Some of her projects have included removing barn doors and tracks and installing a single-paneled doors, and in at least one case, removing a floating shiplap wall, which made room for a kitchen reconfiguration with a large kitchen island. Trendy Tiles Tile selection has been an issue on a number of projects that Alexis Woodbury Earman, Wilmington, a North Carolina-based interior designer with The Woodbury Home, has worked on. Many homeowners choose tiles based on inspiration photos and current trends, she says. Though these tile choices can be beautiful in pictures, the owner can grow tired of the trend and want to replace it with something more classic.She ends up remedying these types of designs by choosing neutral-colored tiles and adding color to spaces with paint. That way, anytime in the future they want to change the color in the space, they can do so much more easily. Clear Glass Doors Kitchen cabinets or pantry doors with clear glass doors can be beautiful, but they come with a few practical challenges that make them hard to live with on a daily basis, says designer Ashley Macuga of Collected Interiors.Since glass doors reveal what's inside, any clutter or mismatched items are easily visible, which can make even a new kitchen look messy if not perfectly maintained, she says. A quick fix is to update the clear glass to reeded glass, which obscures the visual, while still keeping the elegance of the material, she says.Courtesy Nicole Dianne PhotographyReeded glass, like those featured here on pantry doors in one of designer Ashley Macuga of Collected Interiors projects, are an alternative to more transparent glass doors or cabinets. Doorless ShowersDoorless showers may look great, but people who have actually had them installed often find them to be more trouble than theyre worth, says interior designer Shiva Samiei, the CEO of Shiva Samiei & Co. Water tends to splash outside of the shower area, causing moisture damage and slip-and-fall hazards. They can also be decidedly un-cozy, leaving you feeling exposednot a pleasant sensation when you're bathing.Custom glass panels and new drainage solutions are usually the fix that strikes a middle ground, helping bathrooms preserve a modern look while containing all the water.Follow House Beautiful on Instagram and TikTok.

When Apple Watch Series 10 was announced in September, the company also unveiled a new Gold Link Bracelet made of stainless steel. However, while the Natural and Slate versions were available from day one, the gold version was unavailable but that has just changed.Apple Watch Gold Link Bracelet now availableTwo months after it was announced, the gold version of the Link Bracelet for the Apple Watch is now available to order from Apples online store. However, theres a catch. As noted by Bloombergs Mark Gurman, Apple says that the first orders will be shipped in 5 to 6 weeks, which is around Christmas.Although the website gives the option for users to search for pickup availability at a nearby Apple Retail Store, it seems that the accessory is not available anywhere for now.The Link Bracelet was one of the first watch bands created for the Apple Watch. Its made of 316L stainless steel and has more than 100 components in its composition. With the launch of the Series 10, Apple has updated the Link Bracelet with new colors to match the finishes of the latest Apple Watch.Its worth noting that the 42mm version also works with previous smaller Apple Watch models, while the 46mm version also works with previous versions of the larger Apple Watch including the Ultra.You can now order the new Apple Watch Gold Link Bracelet for $349. Dont forget to take a look at some of the deals on Apple Watch bands at Amazon.Add 9to5Mac to your Google News feed. FTC: We use income earning auto affiliate links. More.Youre reading 9to5Mac experts who break news about Apple and its surrounding ecosystem, day after day. Be sure to check out our homepage for all the latest news, and follow 9to5Mac on Twitter, Facebook, and LinkedIn to stay in the loop. Dont know where to start? Check out our exclusive stories, reviews, how-tos, and subscribe to our YouTube channel

Apple recently announced a new generation of the Mac mini, which introduced a new and much more compact design. Weve already seen some tidbits about whats inside this Mac mini, but iFixit has now shared its traditional teardown showing even more details about how Apple built its most compact Mac ever.iFixit tears down the new Mac MiniFrom the start, iFixit praises how easy the Mac mini is to disassemble despite having a much more compact design. The bottom plate is held on by clips that can be detached without causing any damage. The first thing users will see after removing the bottom plate is the CMOS battery, which can be easily replaced just by removing two screws.By removing a few other screws, users can access the wireless module cables and then remove the inner plate that gives access to most of the internal components, such as the speaker and the large fan that takes up half of the Macs space.Apple has redesigned the thermal management of the new Mac mini so that the fan keeps the computer cool by drawing air from the base and circulating it through the components before expelling it. Interestingly, the version with the M4 Pro chip has a larger copper heatsink than the base M4 version.As previously reported, the new Mac mini has a replaceable storage module. However, upgrading isnt exactly easy since the module is proprietary, but it is possible. iFixit successfully swapped modules between two Mac minis and it worked. One thing to keep in mind is that the M4 Pro version has a larger storage module, so you cant use it in the M4 version and vice versa.The USB-C ports and the headphone jack on the front can also be removed, but the same cant be said for the ports on the back. The logic board is protected with a copper layer for better heat dissipation, and unsurprisingly, the M4 chip has RAM soldered onto it.Even so, iFixit gave the new Mac mini a 7 in its repairability score. According to the company, the Macs main components are easily replaceable, which makes it easier for users to keep their computer running for years if something stops working. iFixit said the new Mac mini has a bright and repairable future ahead.The new Mac mini is now available in stores with prices starting at $599.Add 9to5Mac to your Google News feed. FTC: We use income earning auto affiliate links. More.Youre reading 9to5Mac experts who break news about Apple and its surrounding ecosystem, day after day. Be sure to check out our homepage for all the latest news, and follow 9to5Mac on Twitter, Facebook, and LinkedIn to stay in the loop. Dont know where to start? Check out our exclusive stories, reviews, how-tos, and subscribe to our YouTube channel

"You couldn't open the doors."Horrific EndFour people were killed in Toronto after the Tesla they were riding in crashed into a pillar and burst into flames.A fifth rider, an unidentified woman in her twenties, narrowly survived the crash after a bystander smashed open a window, allowing her to escape the burning vehicle.According to the heroic bystander's account, the Tesla Model Y's electronic doorsmay have been at fault for why the passengers were trapped inside the electric vehicle."You couldn't open the doors," the rescuer, Rick Harper, told the Toronto Star in a new interview. "I would assume the young lady would have tried to open the door from the inside, because she was pretty desperate to get out." Harper added that he didn't realize there were others trapped inside because the smoke was so thick."I don't know if that was the battery or what," Harper said. "But she couldn't get out."Death TrapPolice said the crash, which took place on October 24, occurred after the driver lost control of the vehicle, struck a guardrail, and then slammed into a pillar, per the CBC, catching fire upon impact.Authorities are still investigating the crash and fire. But the details that we have so far implicate to some degree the electronic doors used by Tesla and other automakers, which require power to open.The Elon Musk-owned automaker has a troubling history of owners getting locked in their cars without power. Some of these cases may be down to user error, since most Teslas come with manual release levers.However, these emergency measures have been criticized for being poorly designed and unintuitively placed for certain models, often requiring intimate knowledge of the car something that most owners, let alone a passenger in a panic, aren't likely to have.Moreover, with the Model Y in particular, not all vehicles come with manual releases for the rear doors, as Tesla warns in the car's manual. It's unclear if the Model Y involved in the crash was equipped with the emergency feature.Fire HazardThis isn't the first time that occupants have died after being allegedly trapped in a Tesla.In 2019, a father of five was burned alive in his Model S after the car's auto-retracting door handles failed to deploy, his family alleged in a lawsuit, preventing bystanders and first responders from setting him free from the intense blaze.Another driver nearly suffered the same fate in 2021. When his Tesla Model S caught fire, he claimed he was briefly stuck inside due to the vehicle's malfunctioning high tech door handles, though he eventually managed to escape.Considering that EV battery fires are some of the most formidable out there and often take tens of thousands of gallons of water and hours of work to extinguish, a reliable way of getting out of one of these vehicles in a pinch is the least you could ask for.Share This Article

People will believe anything these days including, it seems, obvious AI slop.As a viral post on X-formerly-Twitter highlights, one such example poorly,which attempts to show Donald Trump's son Barron singing a treacly AI-generated song, has picked up an astonishing number of fawning comments though in a further sign of the times, it's unclear what percentage of those commentators are bots themselves."Forever great America," the uncanny AI voice, which sounds nothing like the youngest Trump son, sings over swelling Hillsong Church-style drumlines. "God bless all the people."In the comments viewed on the screen-recorded video, users with multiple numbers in their handles a trademark of bot accounts sounded off like parodies of sycophants."I love songs so much," one such user replied, ending their missive with three red heart emojis."I love your song," wrote another. "Thank you so much for your Dad the PRESIDENT DONALD TRUMP will be going to protect the country GOD BLESS PRESIDENT DONALD TRUMP and Family."As several folks in the comments on X pointed out, these responses seem very much like they're AI-generated themselves."Bots applauding a bot," Johns Hopkins English professor Drew Daniel wrote, "the circle of virtual life completes itself, no humans necessary."While the now-viral video does indeed look like it was posted on YouTube, we weren't able to independently verify where it came from. We did, however, find others in a similar vein and they too appeared to harbor an unsettling mix of comments by bots and delusional humans.One such video, published by the "MAGA Songs" YouTube channel about a month ago, employs the same shoddy lip-syncing effect that has been used to turn static images into "singing" moving pictures for years now. Titled "My Father's Work is Never Done," the almost certainly AI-generated lyrics to this bizarre song essentially cast the serially-adultering president-elect in the role of an American Jesus."From the towers to the White House lawn, hes been the light when hope was gone," the fake Barron sings. "With every word, with every stand, he fights to save this promised land.""Never seen a family work so hard to Make America Great Again.!" one reply reads. "You deserved to win, congratulations!""Barron where are all the Beautiful songs that first hit YouTube, now wheres to be found??" another likely bot queries. "I just love your singing, is there a CD out to purchase?"Some human viewers are definitely being taken in, though; a video that went viral a few months ago showed two baffled elderly people insisting that a similar video of Barron singing as a younger cameraperson tries to explain that it's not.The entire experience of listening to these megachurch jam knockoffs offers an uncanny look into the world of conservative AI slop and it portends a grim future.Share This Article

Nov 12, 2024Ravie LakshmananVirtualization / VulnerabilityCybersecurity researchers have disclosed new security flaws impacting Citrix Virtual Apps and Desktop that could be exploited to achieve unauthenticated remote code execution (RCE)The issue, per findings from watchTowr, is rooted in the Session Recording component that allows system administrators to capture user activity, and record keyboard and mouse input, along with a video stream of the desktop for audit, compliance, and troubleshooting purposes.Particularly, the vulnerability exploits the "combination of a carelessly-exposed MSMQ instance with misconfigured permissions that leverages BinaryFormatter can be reached from any host via HTTP to perform unauthenticated RCE," security researcher Sina Kheirkhah said.The vulnerability details are listed below -CVE-2024-8068 (CVSS score: 5.1) - Privilege escalation to NetworkService Account accessCVE-2024-8069 (CVSS score: 5.1) - Limited remote code execution with the privilege of a NetworkService Account accessHowever, Citrix noted that successful exploitation requires an attacker to be an authenticated user in the same Windows Active Directory domain as the session recording server domain and on the same intranet as the session recording server. The defects have been addressed in the following versions -Citrix Virtual Apps and Desktops before 2407 hotfix 24.5.200.8Citrix Virtual Apps and Desktops 1912 LTSR before CU9 hotfix 19.12.9100.6Citrix Virtual Apps and Desktops 2203 LTSR before CU5 hotfix 22.03.5100.11Citrix Virtual Apps and Desktops 2402 LTSR before CU1 hotfix 24.02.1200.16It's worth noting that Microsoft has urged developers to stop using BinaryFormatter for deserialization, owing to the fact that the method is not safe when used with untrusted input. An implementation of BinaryFormatter has been removed from .NET 9 as of August 2024."BinaryFormatter was implemented before deserialization vulnerabilities were a well-understood threat category," the tech giant notes in its documentation. "As a result, the code does not follow modern best practices. BinaryFormatter.Deserialize may be vulnerable to other attack categories, such as information disclosure or remote code execution."At the heart of the problem is the Session Recording Storage Manager, a Windows service that manages the recorded session files received from each computer that has the feature enabled.While the Storage Manager receives the session recordings as message bytes via the Microsoft Message Queuing (MSMQ) service, the analysis found that a serialization process is employed to transfer the data and that the queue instance has excessive privileges.To make matters worse, the data received from the queue is deserialized using BinaryFormatter, thereby allowing an attacker to abuse the insecure permissions set during the initialization process to pass specially crafted MSMQ messages sent via HTTP over the internet."We know there is a MSMQ instance with misconfigured permissions, and we know that it uses the infamous BinaryFormatter class to perform deserialization," Kheirkhah said, detailing the steps to create an exploit. "The 'cherry on top' is that it can be reached not only locally, through the MSMQ TCP port, but also from any other host, via HTTP.""This combo allows for a good old unauthenticated RCE," the researcher added.Found this article interesting? Follow us on Twitter and LinkedIn to read more exclusive content we post.SHARE

Nov 12, 2024Ravie LakshmananEmail Security / Threat IntelligenceCybersecurity researchers are calling attention to a new sophisticated tool called GoIssue that can be used to send phishing messages at scale targeting GitHub users.The program, first marketed by a threat actor named cyberdluffy (aka Cyber D' Luffy) on the Runion forum earlier this August, is advertised as a tool that allows criminal actors to extract email addresses from public GitHub profiles and send bulk emails directly to user inboxes."Whether you're aiming to reach a specific audience or expand your outreach, GoIssue offers the precision and power you need," the threat actor claimed in their post. "GoIssue can send bulk emails to GitHub users, directly to their inboxes, targeting any recipient."SlashNext said the tool marks a "dangerous shift in targeted phishing" that could act as a gateway to source code theft, supply chain attacks, and corporate network breaches via compromised developer credentials."Armed with this information, attackers can launch customized mass email campaigns designed to bypass spam filters and target specific developer communities," the company said.A custom build of GoIssue is available for $700. Alternatively, purchasers can gain complete access to its source code for $3,000. As of October 11, 2024, the prices have been slashed to $150 and $1,000 for the custom build and the full source code for "the first 5 customers."In a hypothetical attack scenario, a threat actor could use this method to redirect victims to bogus pages that aim to capture their login credentials, download malware, or authorize a rogue OAuth app that requests for access to their private repositories and data.Another facet of cyberdluffy that bears notice is their Telegram profile, where they claim to be a "member of Gitloker Team." Gitloker was previously attributed to a GitHub-focused extortion campaign that involved tricking users into clicking on a booby-trapped link by impersonating GitHub's security and recruitment teams.The links are sent within email messages that are triggered automatically by GitHub after the developer accounts are tagged in spam comments on random open issues or pull requests using already compromised accounts. The fraudulent pages instruct them to sign in to their GitHub accounts and authorize a new OAuth application to apply for new jobs.Should the inattentive developer grant all the requested permissions to the malicious OAuth app, the threat actors proceed to purge all the repository contents and replace them with a ransom note that urges the victim to contact a persona named Gitloker on Telegram."GoIssue's ability to send these targeted emails in bulk allows attackers to scale up their campaigns, impacting thousands of developers at once," SlashNext said. "This increases the risk of successful breaches, data theft, and compromised projects."The development comes as Perception Point outlined a new two-step phishing attack that employs Microsoft Visio (.vdsx) files and SharePoint to siphon credentials. The email messages masquerade as a business proposal and are sent from previously breached email accounts to bypass authentication checks."Clicking the provided URL in the email body or within the attached .eml file leads the victim to a Microsoft SharePoint page hosting a Visio (.vsdx) file," the company said. "The SharePoint account used to upload and host the .vdsx files is often compromised as well."Present within the Visio file is another clickable link that ultimately leads the victim to a fake Microsoft 365 login page with the ultimate goal of harvesting their credentials."Two-step phishing attacks leveraging trusted platforms and file formats like SharePoint and Visio are becoming increasingly common," Perception Point added. "These multi-layered evasion tactics exploit user trust in familiar tools while evading detection by standard email security platforms."Found this article interesting? Follow us on Twitter and LinkedIn to read more exclusive content we post.SHARE

The company -- taking direct aim at OpenAI, Anthropic, and other incumbents in the GenAI arms race -- plans to use the funding to fuel its agentic AI efforts.