Silver Fox spreads ABCDoor via 1,600 phishing emails in 2026 targeting India and Russia, enabling data theft and remote control.
Get the latest international news and world events from around the world.
CISA Adds Actively Exploited Linux Root Access Bug CVE-2026–31431 to KEV
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday added a recently disclosed security flaw impacting various Linux distributions to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation in the wild.
The vulnerability, tracked as CVE-2026–31431 (CVSS score: 7.8), is a case of local privilege escalation (LPE) flaw that could allow an unprivileged local user to obtain root. The nine-year-old flaw is also tracked as Copy Fail by Theori and Xint. Fixes have been made available in Linux kernel versions 6.18.22, 6.19.12, and 7.0.
“Linux Kernel contains an incorrect resource transfer between spheres vulnerability that could allow for privilege escalation,” CISA said in an advisory.
Amazon SES increasingly abused in phishing to evade detection
The Amazon Simple Email Service (SES) is being increasingly abused to send convincing phishing emails that can bypass standard security filters and render reputation-based blocks ineffective.
Although the resource has been leveraged for malicious activity in the past, the current spike may be due to a large number of AWS Identity and Access Management access keys exposed in public assets.
Because it is a legitimate, trusted resource, phishing operations can leverage Amazon SES to send out malicious emails that pass authentication checks.
Backdoored PyTorch Lightning package drops credential stealer
A malicious version of the PyTorch Lightning package published on the Python Package Index (PyPI) delivers a credential-stealing payload targeting browsers, environment files, and cloud services.
The developer disclosed the supply-chain attack on April 30, saying that version 2.6.3 of the package included a hidden execution chain that downloads and executes a JavaScript payload.
PyTorch Lightning is a deep learning framework used for pretraining and fine-tuning AI models. It is a popular package, amassing more than 11 million downloads last month.
How a ‘90s Zelda PC port became a fangame factory, turning one legend into a thousand
The same way you might play Dragon Quest and rush to assemble a tribute in RPG Maker, players have been making their own old-school adventures in ZQuest for decades. The results range from the quaint to the damn near authentic, and the cream of the crop is collected on a database-slash-forum called PureZC. It’s a visually lean, community-driven treasure trove the likes of which I didn’t think existed on the internet anymore. Custom games, all of which are called “quests” and disseminated as.qst files to be plugged into ZQuest, are split up into a few genres: Metroidvania, NES-style, dungeon romper, randomizer, and so on.
Like Venezia and Clark said, you can go a long way without writing so much as a line of code (though the option is there, should you opt to push the engine beyond its normal scope using the ZScript language). A fan favorite metroidvania quest from 2024, The Deep, features puzzles that incorporate shadows and fog, conveyor belts, a hookshot like you might remember from A Link to the Past, and all sorts of other novelties.
It’s easy to see how it took home the gold in a community contest, but all the more intriguing when you learn it did so in a “non-scripted bracket” and was built in just over three weeks. Bigger, multi-year endeavors like Lost Isle and The Hero of Dreams are lengthy and fully-featured games in their own right—projects that, if you squint, look and feel remarkably like unreleased Game Boy Advance games. While the quests are diverse, numbering over a thousand, reverence for the 40-year-old Nintendo series is the one thing that makes it all cohere.
A common parasite in the brain is far more active than we thought
A parasite carried by billions isn’t dormant at all—it’s running a secret survival operation inside the brain.
A common parasite long thought to lie dormant is actually much more active and complex. Researchers found that Toxoplasma gondii cysts contain multiple parasite subtypes, not just one sleeping form. Some are primed to reactivate and cause disease, which helps explain why infections are so hard to treat. The discovery could reshape efforts to develop drugs that finally eliminate the parasite for good.
Physical exercise protects against Toxoplasma gondii infection-induced muscle atrophy and microvascular rarefaction
FNDC5/irisin detection was performed by a sandwich ELISA reaction using DuoSet® ELISA Development Systems kit (R&D Systems), according to manufacturer’s instructions. Blood samples were collected at 10 or 40 dpi, allowed to sit for at least 1 h, and then centrifuged for 10 min at 224 g in a refrigerated centrifuge (4 °C) to isolate the serum. Samples were stored at −80 °C until irisin detection.
Serum samples were assayed for TNF-α, INF-γ, IL-2, IL-4, IL-6, IL-10, and IL-17a using a Cytometric Bead Array (CBA) Th1/ Th2/ Th17 kit (BD Biosciences), according to the manufacturer’s instructions. Data were acquired using a Cytoflex S (Beckman Coulter) flow cytometer. After data acquisition, dedicated software (FCAP Array, BD Biosciences) was used to analyze the results by gating bead populations, calculating MFI values, generating standard curves, and determining analyte concentrations. These analyses were performed at the Flow Cytometry Facility of the Instituto Oswaldo Cruz (Fiocruz).
T. gondii infection was quantified using RT-qPCR with bag1 and enolase2 primers to detect bradyzoite and tachyzoite forms, respectively, according to49. Ct values were compared to a standard curve amplification, derived from known T. gondii RNA concentrations. The standard curve was constructed with six 10-fold dilutions, starting with 6.0 × 106 parasites for either bradyzoites or tachyzoites. Primer sequences are available in Table 2.
Full Metal Gear Solid 2 source code leaks online on 30th April
The full source code for Metal Gear Solid 2: Sons of Liberty has leaked online.
The files, posted to 4chan, reportedly include the raw, uncompressed source code for “every version up to [the PS] Vita”, as well as “30+GB of assets, including unused stuff”
