Connect with us
DAPA Banner
DAPA Coin
DAPA
COIN PAYMENT ASSET
PRIVACY · BLOCKDAG · HOMOMORPHIC ENCRYPTION · RUST
ElGamal Encrypted MINE DAPA
🚫 GENESIS SOLD OUT
DAPAPAY COMING

Tech

Newly discovered PamStealer isn’t your typical macOS malware

Published

on

Researchers have found a never-before-seen piece of macOS malware that combines a series of clever tradecraft to infect Macs with stealthy, custom-developed credential-stealing code.

The malware is delivered in two stages. The first is distributed in a disk image that masquerades as Maccy, a clipboard manager for Macs. It’s compiled as AppleScript that is notable for the way it delivers the second stage. The malware is named PamStealer because the Rust-written infostealer uses the Pluggable Authentication Modules interface built into macOS to validate the target’s login password before sending it to an attacker-controlled server.

A quieter execution chain

The use of both disk image and AppleScript is common in malware for Macs. More unusual is the way PamStealer combines them to gain stealth. When the AppleScript is double-clicked, it’s opened in the macOS Script Editor, where the malicious functionality is buried deep within the file.

“Rather than relying on shell commands such as curl or zsh, the AppleScript executes a self-contained JavaScript for Automation (JXA) downloader that retrieves and stages the payload using native Objective-C APIs,” researchers from Jamf, a security firm for macOS users, wrote. “Combined with a Rust-based second stage and a password capture workflow that validates credentials locally through PAM, the result is a quieter execution chain than we typically observe in commodity macOS stealers.”

Advertisement

When a user, expecting to install a trustworthy clipboard manager, encounters the disk image, they’re prompted to press Command-R immediately after double-clicking it. This command executes malicious code inside the AppleScript directly. It also allows the execution to bypass com.apple.quarantine, a macOS attribute that provides warnings and restrictions when executable files have been downloaded from the Internet.

As Jamf explained:

PamStealer combines a recently emerging delivery surface with a less familiar payload. While the clickable .scpt and Script Editor lure build on tradecraft that is already gaining adoption across the macOS threat landscape, the malware distinguishes itself through a self-contained JXA dropper, a Rust-based second stage, and a password capture workflow that validates credentials locally through PAM before harvesting them. That second stage puts considerable effort into staying hidden, masquerading as Finder, encrypting its command-and-control traffic, and holding back prompts like the Full Disk Access request for as long as forty minutes so its activity does not line up with launch. Together, these behaviors illustrate how commodity macOS stealers continue to evolve, adopting quieter execution chains and native implementations that reduce traditional detection opportunities while remaining compatible with standard macOS features.

The first stage puts its payload inside an app bundle that impersonates real components built into macOS. The component changes from sample to sample of the malware. Finder.app under com.apple.finder.core or com.apple.finder.monitor, and a Software Update.app under com.apple.security.daemon, are two examples. In either case, they run hidden. They also display macOS’s genuine Finder.icns as its icon.

Advertisement

Source link

Continue Reading
Click to comment

You must be logged in to post a comment Login

Leave a Reply

Tech

Boeing’s autonomous air taxi subsidiary faces a whistleblower lawsuit over rushed software testing

Published

on

TL;DR

A former Wisk Aero software manager is suing the Boeing subsidiary, alleging she was fired for flagging cuts to FAA-required testing.

A former software manager at Wisk Aero, Boeing’s autonomous air taxi subsidiary, has filed a lawsuit alleging she was fired after raising internal safety concerns about reduced software testing, the Seattle Times first reported. Briahna O’Neill filed the suit in Santa Clara Superior Court, claiming wrongful termination and discrimination. According to the complaint, O’Neill submitted two internal safety reports alleging that company executives pushed engineers to cut FAA-required software testing in order to meet a 2025 test flight deadline.

O’Neill says she was terminated in March 2025, weeks after filing her second internal complaint. Wisk said it cannot comment on ongoing litigation, and Boeing declined to comment on the matter. The allegations have not been proven in court, and the case is in its early stages.

Wisk was founded in 2019 as a joint venture between Boeing and Kitty Hawk, the air taxi company backed by Google co-founder Larry Page, and is now a wholly owned Boeing subsidiary. The company is developing a fully autonomous electric air taxi designed to fly without any pilot on board, supervised remotely by a single operator overseeing up to three aircraft at once. That approach sets it apart from competitors like Joby Aviation, which uses a piloted model and is the furthest along in the FAA certification process.

Advertisement

The 💜 of EU tech

The latest rumblings from the EU tech scene, a story from our wise ol’ founder Boris, and some questionable AI art. It’s free, every week, in your inbox. Sign up now!

Wisk’s Generation 6 aircraft completed its first flight in December 2025, and a second prototype flew in May 2026, doubling its test fleet. The company is one of eight selected for the FAA’s eVTOL Integration Pilot Program, which launched in March 2026 and allows supervised commercial testing across 26 states over a three-year period. Wisk is preparing for operations in Texas as part of that programme.

The lawsuit lands at a difficult moment for Boeing’s broader safety reputation. The company has faced 32 whistleblower complaints filed with OSHA since 2020, according to federal records, and a Senate subcommittee has held hearings on what it described as Boeing’s “broken safety culture.Corporate retaliation against employees who raise concerns has become a recurring theme across the tech and aerospace industries, with legal actions multiplying in recent years.

Advertisement

Whether O’Neill’s allegations hold up in court remains to be seen, but for Wisk the timing is particularly sensitive. The company is asking the FAA to certify the first fully autonomous passenger aircraft in the United States, a process that depends entirely on regulators’ confidence that its software systems meet the highest safety standards. A lawsuit alleging that those same software testing requirements were deliberately weakened to hit an internal deadline raises exactly the kind of question the FAA will need to answer before any certification is granted.

Source link

Advertisement
Continue Reading

Tech

More IPO Fluffing: Musk’s Starlink Hints At Becoming Full Wireless Phone Company

Published

on

from the pie-in-the-sky dept

Last month, SpaceX began making lobbying filings in support of phone unlocking rules making it easier to switch your phone between wireless providers. You might recall that the Biden FCC was on the cusp of installing such rules before the Trump administration, hand in hand with giant telecoms, dismantled them (Trump’s FCC will have to decide whether they love Verizon/AT&T/T-Mobile or Elon Musk more).

SpaceX’s push now makes a little more sense with the company saying it is “considering” launching a Starlink retail product and could eventually build its own terrestrial US mobile network:

“The company’s president and chief operating officer, Gwynne Shotwell, told investors during a recent IPO roadshow that the group was considering launching a Starlink retail product and could build its own terrestrial US mobile network, according to four people familiar with the matter.”

To be clear, I think a lot of this is simply more bullshit to justify the insane SpaceX IPO valuation. But the fact SpaceX has lobbied for phone unlocking rules suggests there is at least some kernel of real curiosity about an actual plan.

One major problem for SpaceX and Starlink is that Starlink is already too congested to handle the traffic they currently deal with. They’re already struggling under the load of 10 million low-Earth orbit (LEO) satellite users; the idea, as proposed in their IPO prospectus, that they’ll very quickly surge to more than 300 million subscribers was already the stuff of fantasy.

Advertisement

But when it comes to building out a cellular network to reach that goal, they simply don’t have the spectrum for this kind of thing:

“New Street Research estimates that the three US mobile network operators have a total of about 1,020MHz of spectrum, while SpaceX has just 65MHz.”

Building out telecom networks is a massive, costly, and expensive chore. Even when you own a government. Directly threatening AT&T and Verizon — some of the most politically powerful companies in the country — wouldn’t be a cake walk, even for Musk. And while Musk clearly has influence at the FCC (remember that time he got Brendan Carr to launch a fake investigation to acquire more spectrum?), turning Starlink into a full wireless/cellular/satellite carrier would be very slow and very expensive.

So if you were a logic-driven investor you’d likely and correctly view this as a costly money pit with no returns anywhere on the horizon. The only real way to make it work would be to acquire somebody like T-Mobile, which would cost billions, take years to integrate, and face all sorts of operational and political challenges — especially if the economy is going to break (further) or control of Congress shifts.

So while a Starlink jump into wireless is certainly possible, I think it’s more likely that this is just putting a toe in the water in a way that might help them extract more favorable terms from their existing cellular partners (they currently offer an “out of range” option via T-Mobile). It’s also likely more IPO fluffing by people who know U.S. journalists and investors no longer truly inhabit operational reality.

Advertisement

Filed Under: cellular, competition, congestion, elon musk, fcc, phone unlocking, satellite, telecom, wireless

Companies: spacex, starlink

Source link

Advertisement
Continue Reading

Tech

Daily Deal: MYNT3D Professional Printing 3D Pen with OLED Display

Published

on

from the good-deals-on-cool-stuff dept

The MYNT3D 3D Printing Pen is a handheld creative tool that allows users to draw in three dimensions using heated plastic filament. Instead of printing from a machine, this pen lets you manually create 3D objects by extruding melted plastic that quickly hardens. It uses FDM technology similar to 3D printers and is designed for applications like crafting, prototyping, and artistic modeling. The kit includes the pen, PLA filament, and a power adapter, making it ready to use out of the box. Its main features include adjustable temperature control, allowing precise material handling for different effects and variable speed control for smoother, more accurate drawing. It also has an OLED display for monitoring settings and a slim, ergonomic design for comfortable use during extended sessions. It’s on sale for $40.

Note: The Techdirt Deals Store is powered and curated by StackSocial. A portion of all sales from Techdirt Deals helps support Techdirt. The products featured do not reflect endorsements by our editorial team.

Filed Under: daily deal

Source link

Advertisement
Continue Reading

Tech

News – CNET

Published

on

Darren Aronofsky’s ‘1776’ AI Video Series Is Unhinged, and I Can’t Look Away


1 hour ago

Goodbye, Energy-Saving Appliances? US Eyes Efficiency-Rule Rollback


2 hours ago

Amazon Has New AI Chips for Home Tech Devices and Future Mobile Gadgets


2 hours ago

SpaceX Secretly Unveiled New AI Device to Investors. Is It a Phone or Not?


3 hours ago

Advertisement

‘Does He Think He’s Real?’ Social Media Reacts to Trump’s Talk With AI Teddy Roosevelt


4 hours ago

Government-Backed AI? OpenAI Reportedly in Talks Over US Equity Stake


4 hours ago

Apple Reportedly Revamping iPad Pro Lineup and Building More Foldables


4 hours ago

Google Has Been Fighting a Gargantuan Fine in Court. The Final Verdict? It Must Pay Up


8 hours ago

Advertisement

New Poll Connects Social Media and Chatbots With Spread of Vaccine Misinformation


12 hours ago

Winners of the 2026 iPhone Photography Awards Redefine the Notion of ‘iPhone Photos’


13 hours ago

I Did the Scrolling So You Don’t Have To: Here Are the 70+ Best Fourth of July Deals


18 hours ago

56% of US Adults Would Support a Social Media Ban for Teens


1 day ago

Advertisement

Major Apple Bug Appears to Disclose All Real Emails for ‘Hide My Email’ Users


1 day ago

Meta Limits the Usage of an AI Glasses Feature, Even if You Pay for a $20 Subscription


1 day ago

Record-Breaking Heat Waves Continue in the US. How to Stay Safe


1 day ago

Advertisement

Source link

Continue Reading

Tech

How to watch Switzerland vs Algeria: Free Streams & TV Channels at World Cup 2026

Published

on

After two contrasting group-stage campaigns, Switzerland and Algeria will now meet in a round-of-32 World Cup 2026 clash in Vancouver.

Switzerland’s road to the knockouts has been relatively smooth. Since conceding a late equalizer to Qatar, Murat Yakin’s men bossed Bosnia and Herzegovina 4-1 before beating co-hosts Canada 2-1 in their final group-stage match. Johan Manzambi has three goals and an assist, despite starting the tournament on the bench, and the 20-year-old Newcastle target will likely again be the Nati’s prime goal threat. Granit Xhaka will lead by example in midfield.

Advertisement

Source link

Continue Reading

Tech

A leaked Microsoft experiment reveals a new OS built entirely around Copilot and AI agents

Published

on


Back when Copilot was still a brand-new AI experience, Microsoft was already trying to turn the service into a cloud-based OS. That experiment appears to be long gone now, but Microsoft is apparently still trying to bring Copilot everywhere, despite stating otherwise.
Read Entire Article
Source link

Continue Reading

Tech

iFixit Shows How Replacement iPhone Batteries Take Shape Inside a Chinese Factory

Published

on

iFixit How iPhone Replacement Batteries are Made
A visit by iFixit to one of China’s large battery production sites offers a rare look at how replacement batteries for iPhones actually get finished and tested. The team captured the work on video, showing lead teardown technician Shahram Mokhtari walking through the final assembly steps that turn a bare lithium-polymer cell into a complete, safe pack ready for installation.



The facility operates on a massive scale, manufacturing approximately 13 million battery cells per month. These cells begin life as a stack of dozens of ultra-thin layers that are sealed to extremely tight tolerances, ensuring that the chemistry inside remains stable and efficient throughout years of continuous use. Quality control tests are performed at each stage to detect any potential problems that could affect capacity, heat buildup, or long-term reliability, down to the smallest details that can make a significant difference.

Sale


UGREEN Nexode Power Bank 20000mAh 165W with Built-in USB C Cable Laptop Travel Portable Charger, 100W…
  • 25.6-inch Retractable Cable (65cm) – Built-in & Clutter-Free: Stay organized during business travel. The integrated 25.6inch (65cm) retractable…
  • 165W Max Output – Dual Device Power Without Compromise: Charge your MacBook Pro and iPhone simultaneously with 100W + 65W output. Efficiently handle…
  • 100W Fast Recharging – Fully Recharged in Just 1.9 Hours: Quick top-ups between flights or overnight hotel stays. With 100W max input, this power…

When a finished cell reaches the assembly area, the true integration begins. Rows of blank battery management system boards, or BMS boards, are waiting to be programmed. A machine places a contact pin into each board and applies the firmware that protects the cell from damage. That software protects the battery from overcharging or overdischarge, monitors the temperature, and delivers correct health data to the phone. Without it, even raw cells cannot be trusted to function securely within an iPhone.

Advertisement

iFixit How iPhone Replacement Batteries are Made
The next step is attachment, which involves a machine pressing a programmed BMS board and its flexible cable onto the bare cell extremely nicely. It’s critical that the connection is solid but small, as any misalignment at this step could come back to get you later when the battery needs to fit into an iPhone. Folding follows, with workers or machines folding the BMS board down twice to fit snuggly against the cell. The edges are wrapped with Kapton tape to prevent any exposed contacts from contacting and causing a short, and the sticker machine applies a little label that folds back on itself to keep the board in place and from shifting during handling or installation.

iFixit How iPhone Replacement Batteries are Made
Now it’s time to remove the protective films that were applied to both sides of the cell during early manufacture. Those films have kept the surfaces pristine up until now. Removing them prepares the battery for the adhesive strips that will keep it securely in place within the iPhone case. Quality control must be nearly excellent at this time. A testing machine takes the battery through a variety of checks, including impedance, capacity, and overcurrent tests, and returns a simple pass or fail result. A pass indicates that the battery is in good working order and will behave as expected in a genuine device, whereas failed batteries are removed.

iFixit How iPhone Replacement Batteries are Made
Mohktari then plugs the finished battery with a diagnostic tool. The screen displays all of the live data obtained directly from the BMS, such as the current charge level, condition of health, temperature, design capacity, and actual maximum capacity. It’s all the proof you need to know the battery will function correctly, just like a fresh new pack in a phone. The final step in preparation is to apply the adhesive pull strips that Apple uses to secure batteries inside iPhones. Those strips allow technicians to cleanly remove the old battery during a repair and secure the new one without adding excessive bulk. To ensure that everything works properly, the completed battery is inserted into an actual iPhone, which switches on without a hitch, demonstrating that the pack works from start to finish. Every step up to that point has been taken to ensure that the last bit happens as planned.

Source link

Continue Reading

Tech

Claude Fable 5 isn’t permanently leaving subscriptions, Anthropic says

Published

on

claude

Anthropic says Claude Fable 5 won’t be accessible via Claude subscriptions after July 7, but it’s not a permanent change, and the company expects the model to return outside the usage-based plan soon.

Fable 5 was recently restored after the US government lifted export controls on Anthropic’s most powerful models, Fable 5 and Mythos 5.

As part of the redeployment, Anthropic said Fable 5 would be available globally on Claude.ai, Claude Code, Claude Cowork, and the Claude Platform.

image

However, Anthropic has restricted Claude Fable usage due to high demand, and plans to move the model to usage-based billing next week.

“For Pro, Max, Team, and select Enterprise plans, Fable 5 will be included for up to 50% of weekly usage limits through July 7, after which it will be available via usage credits,” Anthropic said in its original blog post.

Advertisement

That line led to concerns that Fable 5, Anthropic’s most powerful model, was becoming a permanent pay-to-play upgrade for regular Claude users.

However, a Claude Code lead engineer has now clarified that Fable is expected to return to subscriptions once Anthropic has enough capacity.

“I’ve heard a lot of questions about Fable’s availability on subscription plans,” the engineer wrote in a post on X. “While it will come off subscriptions after July 7th, we aim to restore Fable as a standard part of our subscriptions as soon as capacity allows, as we mentioned in our original blog post.”

Anthropic says Fable 5 demand is difficult to predict

In its announcement, Anthropic said it expects demand for Fable 5 to be “very high, and difficult to predict.”

Advertisement

The company said Fable 5 is fully available today on the Claude API and consumption-based Enterprise plans, but access on subscription plans is being handled more conservatively.

“For subscription plans, we’d rather give access sooner than later, so we’re rolling out more conservatively, in stages,” Anthropic said.

Anthropic also said that after the included subscription window ends, it aims to restore Fable 5 as a standard part of subscription plans “when sufficient capacity allows us to do so.”

For now, Claude users who rely on Fable 5 should expect usage-credit billing after the deadline, and there’s nothing you can do about it.

Advertisement

article image

Security teams log 54% of successful attacks and alert on just 14%. The rest move through your environment unseen.

The Picus whitepaper shows how breach and attack simulation tests your SIEM and EDR rules so threats stop slipping by detection.

Get the whitepaper

Source link

Continue Reading

Tech

Meta Has Released An App For Making Generative AI Games

Published

on

Vibe-coding right in your Pocket.

Meta appears to have soft-launched a new app called Pocket that’s aimed at getting people to vibe-code their own minigames. Mobile developer and reverse engineer Alessandro Paluzzi spotted Pocket and posted about it to X today, but reporting platform AppFigures told TechCrunch that the app has been available on both iOS and Android since June 29. Though the app is listed publicly, it’s not available in the US on any of the half dozen phone models associated with our Google accounts, and a help page on Meta’s site says “the Pocket app is not yet available everywhere.” 

The company has not made any public announcement yet about the launch or where the app is being trialed. We’ve reached out for comment and will update this post if we receive a response.

From cosmetic tweaks to a standalone app for AI slop, Meta has been going gangbusters on getting artificial intelligence into its services in the past year. TechCrunch suggested that Pocket may be the result of the company wholesale hiring the team behind of Gizmo, an app that used AI to create interactive experiences based on prompts from users, earlier this year. Pocket uses that exact same nomenclature, dubbing itself “a creative platform for making and sharing gizmos” in the app listing, and the Play Store shortcode of “com.facebook.gizmo” does little to dispel the notion either.

Advertisement

Source link

Continue Reading

Tech

Claude Fable relaunch disappoints users with nerfed performance

Published

on

Claude

Claude Fable, the company’s most powerful model, is now available to all users, but early impressions are disappointing, as it appears to be nowhere near the original release.

When the Department of Commerce announced that it was lifting the ban on Claude Fable, I was holding my breath and counting seconds for the model to show up on Claude Code. I had also loaded up my usage-based credit wallet, just in case the model debuted as strictly usage-based.

To our surprise, Claude Fable shipped for everyone, including those with a $100 Max subscription, but there are multiple restrictions.

image

According to Anthropic, while Fable 5 is included in Max, Pro, and Team plans, it is heavily capped.

For example, you can use Fable for up to 50% of your weekly usage limits, which is not significant for such a powerful model. But it’ll get worse after July 7, as the model will transition entirely to a pay-to-play system via usage credits.

Advertisement

However, the real gut punch is the degraded performance, or as famously used in the AI community, the “nerfed” performance.

On Reddit, users are reporting that the restored Fable 5 feels weaker, or is simply being routed through stricter safety systems more often than before.

“The new guardrails are kicking in on way too many tasks and falling back to Opus 4.8,” one user wrote in a Reddit post. “This is not the model that got banned.”

The problem is not just limited to Claude desktop, as Claude Code is also struggling with similar issues.

Advertisement

One user said Fable “didn’t even let me search for dead code without switching to Opus,” while another said it was “very very obvious” when the fallback triggers because Claude tells the user and visibly shifts to Opus.

Another developer claimed the model was unusable for some systems-level coding work, saying that C, C++, Rust, Win32 API references, memory-related work, and files mentioning words like “security,” “vulnerable,” “unsafe,” or “hook” appeared to trigger a fallback or block.

Fable 5 may still be powerful when it actually handles the task, but the restored version appears to be far more sensitive to prompts, project files, and security-adjacent language.

However, BleepingComputer understands that the model itself has not been nerfed. Instead, it is likely that Anthropic is being extra careful with the safety guardrails, which is negatively affecting Fable’s daily use cases.

Advertisement

In fact, we observed that Fable is sometimes routed to Opus 4.8 even when the task does not appear to be a safety risk.

Anthropic has said that its updated safeguards rely on a large “safety margin,” which could explain the subpar experience some users are seeing with Fable.

Anthropic hasn’t acknowledged the reports of false positives yet, but it’s likely the company is aware of the problem and will address it in a future update.


article image

Security teams log 54% of successful attacks and alert on just 14%. The rest move through your environment unseen.

The Picus whitepaper shows how breach and attack simulation tests your SIEM and EDR rules so threats stop slipping by detection.

Advertisement

Get the whitepaper

Source link

Continue Reading

Trending

Copyright © 2025