Lifeboat Foundation: Safeguarding Humanity
Toggle light / dark theme

Blog – Page 5

Get the latest international news and world events from around the world.

Log in for authorized contributors

Scientists Solve 100-Year-Old Schrödinger Mystery About Color Perception

New research into how humans perceive color differences is helping resolve questions tied to a theory first proposed nearly 100 years ago by physicist Erwin Schrödinger. A team led by Los Alamos National Laboratory scientist Roxana Bujack used geometry to mathematically describe how people experience hue, saturation and lightness. Their findings, presented at a visualization science conference, strengthen and formalize Schrödinger’s model by showing these color qualities are fundamental properties of the color system itself.

“What we conclude is that these color qualities don’t emerge from additional external constructs such as cultural or learned experiences but reflect the intrinsic properties of the color metric itself,” Bujack said. “This metric geometrically encodes the perceived color distance — that is, how different two colors appear to an observer.”

By formally defining these perceptual characteristics, the researchers believe they have supplied a crucial missing piece in Schrödinger’s long-standing vision of a complete model capable of defining hue, saturation, and lightness entirely through geometric relationships between colors.

JDownloader site hacked to replace installers with Python RAT malware

The website for the popular JDownloader download manager was compromised earlier this week to distribute malicious Windows and Linux installers, with the Windows payload found deploying a Python-based remote access trojan.

The supply chain attack affects those who downloaded installers from the official website between May 6 and May 7, 2026 via the Windows “Download Alternative Installer” links or the Linux shell installer.

According to the developers, the attackers modified the website’s download links to point to malicious third-party payloads rather than legitimate installers.

New GhostLock tool abuses Windows API to block file access

A security researcher has released a proof-of-concept tool named GhostLock that demonstrates how a legitimate Windows file API can be abused in attacks to block access to files stored locally or on SMB network shares.

This technique, created by Kim Dvash of Israel Aerospace Industries, abuses the Windows ‘CreateFileW’ API and file-sharing modes to prevent other users and applications from opening files while handles remain active.

The GhostLock technique abuses the ‘dwShareMode’ parameter in the CreateFileW function, which specifies the type of access other processes have to a file while it is opened.

Instructure confirms hackers used Canvas flaw to deface portals

Education technology giant Instructure has confirmed that a security vulnerability allowed hackers to modify Canvas login portals and leave an extortion message.

BleepingComputer has learned that both the breach and defacements involved multiple cross-site scripting (XSS) vulnerabilities that enabled the attacker to obtain authenticated admin sessions.

The second hack was to draw attention and to pressure Instructure into entering negotiations to pay a ransom following an initial breach disclosed a week before.

Google: Hackers used AI to develop zero-day exploit for web admin tool

Researchers at Google Threat Intelligence Group (GTIG) say that a zero-day exploit targeting a popular open-source web administration tool was likely generated using AI.

The exploit could be leveraged to bypass the two-factor authentication (2FA) protection in a popular open-source, web-based system administration tool that remains unnamed.

Although the attack was foiled before the mass exploitation phase, the incident shows that threat actors are relying more on AI assistance for their vulnerability discovery and exploitation efforts.

TrickMo Android banker adopts TON blockchain for covert comms

A new variant of the TrickMo Android banking malware, delivered in campaigns targeting users across Europe, introduces new commands and uses The Open Network (TON) for stealthy command-and-control communications.

The TrickMo banker was first spotted in September 2019 and has remained in active development, constantly receiving updates since then.

In October 2024, Zimperium analyzed 40 variants of the malware delivered via 16 droppers, communicating with 22 distinct command-and-control (C2) infrastructures, and targeting sensitive data belonging to users worldwide.

/* */