Get the latest international news and world events from around the world.

Negative Energy ‘Ghosts’ Flashing in Space Could Reveal New Physics

A ‘boom’ of light that appears when a particle exceeds the speed of light set by a medium could, in other contexts, signal a kind of quantum instability that could trigger what’s known as vacuum decay.

If ever spotted in the emptiness of space, according to theoretical physicist Eugeny Babichev of the University of Paris-Saclay, the eerie blue glow of Cherenkov radiation could be interpreted as a manifestation of negative-energy ghost perturbations.

Why does it matter? Because our current theory of gravity is incomplete, and such a signal would offer rare insight into how spacetime behaves in regimes where existing theories break down, and potentially narrow the search for better models.

Ghost Particles Interacting With Dark Matter Could Solve a Huge Cosmic Mystery

A new investigation of the early Universe led by Poland’s National Centre for Nuclear Research has just found that there may be an interaction between two of the most elusive components of the cosmos.

By combining different kinds of observations, cosmologists have shown that what we see is more easily explained if neutrinos, aka ‘ghost particles’, weakly interact with dark matter.

With a vexing certainty of three sigma, the signal isn’t strong enough to be definitive, but is also too strong to be a mere hint or noise in the data.

New Malware Campaign Delivers Remcos RAT Through Multi-Stage Windows Attack

Cybersecurity researchers have disclosed details of a new campaign dubbed SHADOW#REACTOR that employs an evasive multi-stage attack chain to deliver a commercially available remote administration tool called Remcos RAT and establish persistent, covert remote access.

“The infection chain follows a tightly orchestrated execution path: an obfuscated VBS launcher executed via wscript.exe invokes a PowerShell downloader, which retrieves fragmented, text-based payloads from a remote host,” Securonix researchers Akshay Gaikwad, Shikha Sangwan, and Aaron Beardslee said in a technical report shared with The Hacker News.

“These fragments are reconstructed into encoded loaders, decoded in memory by a .NET Reactor–protected assembly, and used to fetch and apply a remote Remcos configuration. The final stage leverages MSBuild.exe as a living-off-the-land binary (LOLBin) to complete execution, after which the Remcos RAT backdoor is fully deployed and takes control of the compromised system.”

Malicious Chrome Extension Steals MEXC API Keys by Masquerading as Trading Tool

Cybersecurity researchers have disclosed details of a malicious Google Chrome extension that’s capable of stealing API keys associated with MEXC, a centralized cryptocurrency exchange (CEX) available in over 170 countries, while masquerading as a tool to automate trading on the platform.

The extension, named MEXC API Automator (ID: pppdfgkfdemgfknfnhpkibbkabhghhfh), has 29 downloads and is still available on the Chrome Web Store as of writing. It was first published on September 1, 2025, by a developer named “jorjortan142.”

“The extension programmatically creates new MEXC API keys, enables withdrawal permissions, hides that permission in the user interface (UI), and exfiltrates the resulting API key and secret to a hardcoded Telegram bot controlled by the threat actor,” Socket security researcher Kirill Boychenko said in an analysis.

Microsoft January 2026 Patch Tuesday fixes 3 zero-days, 114 flaws

To learn more about the non-security updates released today, you can review our dedicated articles on the Windows 11 KB5074109 & KB5073455 cumulative updates and Windows 10 KB5073724 extended security update.

This month’s Patch Tuesday fixes one actively exploited and two publicly disclosed zero-day vulnerabilities.

New VoidLink malware framework targets Linux cloud servers

A newly discovered advanced cloud-native Linux malware framework named VoidLink focuses on cloud environments, providing attackers with custom loaders, implants, rootkits, and plugins designed for modern infrastructures.

VoidLink is written in Zig, Go, and C, and its code shows signs of a project under active development, with extensive documentation, and likely intended for commercial purposes.

Malware analysts at cybersecurity company Check Point say that VoidLink can determine if it runs inside Kubernetes or Docker environments and adjust its behavior accordingly.
