Lifeboat Foundation: Safeguarding Humanity
Toggle light / dark theme

Blog – Page 2

Get the latest international news and world events from around the world.

Log in for authorized contributors

Better helium reporting to improve fission and fusion materials modeling

Standardizing calculations of the helium byproducts generated in advanced fission and fusion energy system materials can increase reactor safety and longevity, according to a study led by University of Michigan Engineering with collaborators at Oak Ridge National Laboratory and its management contractor UT-Battelle.

Through a series of simulations, the researchers found that modeling assumptions and key alloy elements—like carbon, nitrogen and nickel—significantly influence helium generation predictions. If left unaddressed, excess helium in real-world reactors could lead to faster component failure as materials swell and become brittle.

“If used, our reporting methods will improve the experimental and modeling fidelity of the nuclear materials databases being generated both domestically and internationally, driving the rapid deployment of advanced nuclear,” said Kevin Field, a professor of nuclear engineering and radiological sciences at U-M and corresponding author of the study published in the Journal of Physics: Energy.

Microsoft shares mitigation for YellowKey Windows zero-day

Microsoft has shared mitigations for YellowKey, a recently disclosed Windows BitLocker zero-day vulnerability that grants access to protected drives.

The security flaw was disclosed last week by an anonymous security researcher known as ‘Nightmare Eclipse,’ who described it as a backdoor and published a proof-of-concept (PoC) exploit.

Nightmare Eclipse said that exploiting this zero-day involves placing specially crafted ‘FsTx’ files on a USB drive or EFI partition, rebooting into WinRE, and then triggering a shell with unrestricted access to the BitLocker-protected storage volume by holding down the CTRL key.

Ukraine identifies infostealer operator tied to 28,000 stolen accounts

The Ukrainian cyberpolice, working in conjunction with U.S. law enforcement, has identified an 18-year-old man from Odesa suspected of running an infostealer malware operation targeting users of an online store in California.

According to the Ukrainian police, the threat actor used information-stealing malware between 2024 and 2025 to infect users’ devices and steal browser sessions and account credentials.

Infostealers are a popular type of malware that harvests sensitive data, including passwords, browser cookies, session tokens, crypto wallets, and payment information, from infected devices and sends it to cybercriminals for account theft, fraud, and resale.

Exploit released for new PinTheft Arch Linux root escalation flaw

A recently patched Linux privilege escalation vulnerability now has a publicly available proof-of-concept (PoC) exploit that allows local attackers to gain root privileges on Arch Linux systems.

The vulnerability, named PinTheft by the V12 security team and still waiting to be assigned a CVE ID for easier tracking, exists in the Linux kernel’s RDS (Reliable Datagram Sockets) and was patched earlier this month.

“PinTheft is a Linux local privilege escalation exploit for an RDS zerocopy double-free that can be turned into a page-cache overwrite through io_uring fixed buffers,” V12 said in a Tuesday advisory.

/* */