Lifeboat News: The Blog – Safeguarding Humanity

Infrared AI Camera Proposed to Scan Earth’s Skies For Signs of Alien Visitors

Posted by Saúl Morales Rodriguéz in alien life, robotics/AI | Leave a Comment on Infrared AI Camera Proposed to Scan Earth’s Skies For Signs of Alien Visitors

Apr 11
2025

In 2021, the Office of the Director of National Intelligence (ODNI) released a report detailing recently declassified information on Unidentified Aerial Phenomena (UAP).

Since then, the Department of Defense has released annual reports on UAP through the All-domain Anomaly Resolution Office (AARO). Nevertheless, there is still a lack of publicly available scientific data.

To address this, a new study led by the Harvard-Smithsonian Center for Astrophysics (CfA) and the Galileo Project proposes an All-Sky Infrared Camera (Dalek) to search for potential indications of extraterrestrial spacecraft.

Read more | >

Incomplete Patch in NVIDIA Toolkit Leaves CVE-2024–0132 Open to Container Escapes

Posted by Saúl Morales Rodriguéz in computing | Leave a Comment on Incomplete Patch in NVIDIA Toolkit Leaves CVE-2024–0132 Open to Container Escapes

Apr 11
2025

Incomplete fix for CVE-2024–0132 in NVIDIA Toolkit leaves Linux Docker hosts vulnerable to container escapes and DoS attacks.

Read more | >

Malicious npm Package Targets Atomic Wallet, Exodus Users by Swapping Crypto Addresses

Posted by Saúl Morales Rodriguéz in futurism | Leave a Comment on Malicious npm Package Targets Atomic Wallet, Exodus Users by Swapping Crypto Addresses

Apr 11
2025

Malicious npm package pdf-to-office trojanizes Atomic Wallet, Exodus apps to steal crypto funds, persisting after deletion.

Read more | >

Europol Arrests Five SmokeLoader Clients Linked by Seized Database Evidence

Posted by Saúl Morales Rodriguéz in cybercrime/malcode | Leave a Comment on Europol Arrests Five SmokeLoader Clients Linked by Seized Database Evidence

Apr 11
2025

Europol arrested five SmokeLoader customers using seized database links, exposing cybercrime’s hidden demand chain.

Read more | >

Case Study: Are CSRF Tokens Sufficient in Preventing CSRF Attacks?

Posted by Saúl Morales Rodriguéz in cybercrime/malcode | Leave a Comment on Case Study: Are CSRF Tokens Sufficient in Preventing CSRF Attacks?

Apr 11
2025

As websites incorporate more third-party tracking technologies, robust CSRF attack prevention becomes paramount. This case study illustrates how a misconfigured third-party vendor exposed CSRF tokens on a major retailer’s website, highlighting the risks of inadequate third-party security.

The Problem

A misconfiguration allowed a third-party pixel used by a major online retailer to access CSRF tokens and authentication tokens, which, as we noted, are critical security elements for preventing unauthorized actions. This exposure transmitted the tokens to remote third-party servers, creating a significant vulnerability that risked potential data breaches.

Read more | >

AkiraBot Targets 420,000 Sites with OpenAI-Generated Spam, Bypassing CAPTCHA Protections

Posted by Saúl Morales Rodriguéz in cybercrime/malcode, robotics/AI | Leave a Comment on AkiraBot Targets 420,000 Sites with OpenAI-Generated Spam, Bypassing CAPTCHA Protections

Apr 11
2025

AkiraBot spammed 80,000 websites since September 2024 using GPT-4o-Mini, evading CAPTCHA with proxy tactics.

Read more | >

Sensata Technologies hit by ransomware attack impacting operations

Posted by Saúl Morales Rodriguéz in cybercrime/malcode, encryption | Leave a Comment on Sensata Technologies hit by ransomware attack impacting operations

Apr 11
2025

Sensata Technologies (known as Sensata) has suffered a ransomware attack last weekend that encrypted parts of the company network and disrupted operations.

In an 8-K filing to the U.S. Securities and Exchange Commission (SEC), Sensata says that the attack occurred on Sunday, April 6, and involved data theft, too.

“The incident has temporarily impacted Sensata’s operations, including shipping, receiving, manufacturing production, and various other support functions,” reads the notification.

Read more | >

Hackers exploit WordPress plugin auth bypass hours after disclosure

Posted by Saúl Morales Rodriguéz in robotics/AI, security | Leave a Comment on Hackers exploit WordPress plugin auth bypass hours after disclosure

Apr 11
2025

Hackers started exploiting a high-severity flaw that allows bypassing authentication in the OttoKit (formerly SureTriggers) plugin for WordPress just hours after public disclosure.

Users are strongly recommended to upgrade to the latest version of OttoKit/SureTriggers, currently 1.0.79, released at the beginning of the month.

The OttoKit WordPress plugin allows users to connect plugins and external tools like WooCommerce, Mailchimp, and Google Sheets, automate tasks like sending emails and adding users, or updating CRMs without code. Statistics show that the product is active on 100,000 websites.

Read more | >

Microsoft releases emergency update to fix Office 2016 crashes

Posted by Saúl Morales Rodriguéz in security | Leave a Comment on Microsoft releases emergency update to fix Office 2016 crashes

Apr 11
2025

Microsoft has released an out-of-band Office update to fix a known issue that caused Word, Excel, and Outlook to crash after installing the KB5002700 security update for Office 2016.

The company acknowledged these problems following user reports on social media that Office apps no longer open after applying the April 2025 security updates.

“We’re experiencing an issue on Windows 10 with Office 2016 where Word and Excel no longer open,” one impacted Office user said.

Read more | >