Connect with us
DAPA Banner
DAPA Coin
DAPA
COIN PAYMENT ASSET
PRIVACY · BLOCKDAG · HOMOMORPHIC ENCRYPTION · RUST
ElGamal Encrypted MINE DAPA
🚫 GENESIS SOLD OUT
DAPAPAY COMING

Tech

Electroplating 3D Prints Without Requiring A Big Vat

Published

on

Electroplating 3D prints is a good way to get a pretty nice coating on even a basic PLA part, but generally you’re expected to dunk the entire part into a big vat with electrolyte after coating it with the requisite conductive paint layer. This is great for small parts, like a ring you’d put on a finger, but gets rather silly when it’s a much larger part, such as the one in [Hendrik]’s recent video. Out of curiosity he tried to see whether rotating the part through a much smaller vat would still get you an even coating, or not.

Perhaps ironically this process required building a custom vat out of acrylic, as well as an entire rig to hold up the part and gently rotate it. This highlights the main disadvantage of this approach, in that unless you’re doing a small production run or otherwise get to re-use the rig a lot it’s a lot of extra effort.

That said, the rotation is controlled by an ESP32 and a stepper motor along with a requisite stepper driver, with the most exotic part being the whole custom PCB and enclosure, all of which can be used repeatedly. With all of that tested and confirmed working, the part to be plated was sanded, sprayed with conductive paint and hooked up to the rotating rig for an overnight run.

Advertisement

Following that the part’s new copper coating was polished before more layers of electroplating were applied to get the desired two different colors from different metals. Along the way no issues were found with this method of rotating electroplating, so if you regularly struggle with oversized parts to electroplate, this would seem to be a viable method.

Advertisement

Source link

Continue Reading
Click to comment

You must be logged in to post a comment Login

Leave a Reply

Tech

Mount Royal University confirms breach as hackers claim attack

Published

on

Mount Royal University confirms breach as hackers claim attack

Mount Royal University in Calgary says hackers stole and then deleted data from its file storage systems after breaching the university’s network.

In an update published on its website, MRU states that it has engaged technical teams and external cybersecurity experts to investigate the incident and to support recovery efforts following a cyberattack on June 17.

The incident disrupted a broad range of university systems, including online services, internet access, and certain internal systems.

image

MRU is a public university with a history of more than 100 years. It currently has 11,560 students and 12,500 undergraduates.

So far, the investigation confirmed that the attacker stole data stored on a drive used by students and employees for file storage, and the original copies were wiped to disrupt recovery operations.

Advertisement

“We regret to inform our community that our investigation has now shown that data within certain folders on the University’s “H drive” was accessed and taken by an unauthorized actor,” reads the announcement.

The university specified that the incident affected certain folders on the H drive, which contained information affecting current and former students, current and former employees of the university, and an unspecified category of “other individuals.”

Additionally, the attackers also wiped a separate drive, labeled “J,” which stored departmental data. “There is currently no evidence that J drive data was accessed or copied before it was deleted,” MRU says.

“We are still working to recover deleted J drive data, but a full recovery may not be possible.”

Advertisement

The university stated that the incident has been reported to the Alberta Information and Privacy Commissioner and to law enforcement authorities.

The university states that the exposed data varies by person, and because it has been deleted, determining the exact impact for each individual is complicated and will take time.

Once impacted individuals are identified, they will be contacted directly via personalized notifications.

CMD Organization claims the attack

The MRU attack was claimed by the threat group CMD Organization, which has published samples of the allegedly stolen data, including passport scans and other sensitive documents.

Advertisement

The threat actor asked for a 30 BTC ransom, currently around $1.9 million, and gave the university six days to respond before leaking the full set of stolen information.

CMD Org. extortion site
CMD Organization extortion site
Source: BleepingComputer

CMD Organization appears to use an auction-style system, offering to sell the stolen data exclusively to the highest bidder. The threat group currently lists 30 organizations on its extortion site and operates both a clear web and a dark web portal.

MRU said that the recovery of the affected systems may take between several weeks and months and will provide updates as soon as new details become available.

The university is also offering two years of credit monitoring and identity theft protection to all current employees and individuals employed in the past five years.


article image

Security teams log 54% of successful attacks and alert on just 14%. The rest move through your environment unseen.

The Picus whitepaper shows how breach and attack simulation tests your SIEM and EDR rules so threats stop slipping by detection.

Advertisement

Get the whitepaper

Source link

Continue Reading

Tech

An Analog Synth For The Modern World

Published

on

We cover so many projects here at Hackaday that lead the author down a rabbit hole of technological investigation that distracts us from the task of bringing them to you. Such a project is polyUAnalog, a very modern take on an analogue synthesizer. If you are imagining a synth of old with modules and patch cables, think again. The modern way to do this is it seems to use an individual synthesizer chip for each voice, resulting in a very versatile instrument indeed.

The integrated circuit in question is the AS3397, which when coupled on a PCB with a Raspberry Pi Pico makes for a self-contained single-voice analog synth. It’s controlled via I2C from a conductor board for which frustratingly the README doesn’t give a processor, but we think may be powered by another Pi Pico. This board does the job of taking MIDI and other controls, and farming them out tot he individual voices. The prototype has ten, but it can support many more.

It’s the work of a pair of researchers from the University of Angers in France, and we’re told it’s a side project from their work in the field of spectroscopy. There’s a video about it which we’ve placed below the break, and they’ve also written a paper about it.

Advertisement

Source link

Advertisement
Continue Reading

Tech

What Did ISTELive 26 Teach Us About Relational Intellige

Published

on

Ira Apfel sits down with Sarah McKibben, Editor-in-Chief of EdSurge to close out a full week of coverage from ISTELive 26 in Orlando. This conversation is a recap of everything that stood out once the keynotes ended and the convention floor quieted down, from a new idea called relational intelligence to a phrase about AI slop that stuck with educators all week. It only scratches the surface of what the EdSurge team gathered on the ground. Many more conversations recorded live at the conference are set to roll out across upcoming episodes in the weeks ahead. Listen now to hear what Apfel and McKibben took away from ISTELive 26 before the rest of the coverage arrives.

Listen to the episode.

Stories Mentioned in This Episode

This is a special recap episode from ISTELive 26 in Orlando where Ira and Sarah reflect on the hallway conversations, speaker presentations, and podcast interviews they enjoyed throughout the week. Featured speakers include:

Advertisement

This Week with EdSurge is a weekly podcast from EdSurge. Subscribe to the EdSurge newsletter for more news and analysis on education and technology.

Source link

Continue Reading

Tech

Your child isn’t the only one addicted to a phone, says new study

Published

on

For years, conversations around screen time have focused almost entirely on children. How much YouTube is too much? Should teenagers be on social media? When should a child get their first smartphone? A new study suggests we may have been asking the wrong question.

According to research published last month in the peer-reviewed journal Frontiers in Psychology (via Bloomberg), it’s not just children’s screen habits that matter. Parents who are constantly distracted by their phones may unintentionally weaken their emotional bond with their children, potentially leaving lasting developmental and psychological effects. The study surveyed 600 U.S. adolescents aged 12 to 17, many of whom reported feeling ignored or sidelined when their parents were absorbed in their devices.

The phone isn’t the problem. Feeling ignored is

The researchers found that excessive phone use by caregivers can contribute to what’s known as “insecure attachment” — a pattern that may make children more anxious, avoidant, and less confident in relationships later in life. According to Don Grant, a media psychologist, addiction expert, and fellow of the American Psychological Association, those effects can persist well into adulthood if left unchecked.

It “could really unfavorably impact their attachment security, which they will carry for life,” Grant said.

Grant described the issue as more than simply spending too much time on a phone. It’s about being physically present but emotionally absent. One example from the study highlights parents who proudly attended every recital or sports match, only for their children to remember them as constantly looking down at a screen instead of watching the moment unfold.

Why does this study feel different?

We’ve previously covered how excessive screen time and social media can affect children. What’s different here is that the researchers turn the spotlight onto parents instead. Their work represents one of the most comprehensive studies examining how children perceive their caregivers’ technology habits and how those habits shape the parent-child relationship.

Advertisement

The findings also build on growing research around “technoference” — the idea that digital devices quietly disrupt face-to-face relationships. While earlier studies largely examined its impact on romantic partners, this research suggests the same pattern may be playing out between parents and their children. It also aligns with broader trends. For instance, Bloomberg notes that nearly half of American teenagers surveyed by the Pew Research Center in 2024 said their parents were at least sometimes distracted by a phone during interactions, even though far fewer parents believed it was happening.

The funny thing is that we’ve spent years worrying about children becoming glued to their screens. This study flips that conversation on its head, suggesting the bigger issue may be what children see when they look up. After all, the moments kids tend to remember aren’t the ones spent staring at a screen, but the ones when the people they wanted to connect with were staring at theirs.

Source link

Advertisement
Continue Reading

Tech

Messi and Ronaldo Are Building Tech Portfolios. Mo Salah Is Playing a Different Game

Published

on

Lionel Messi, Cristiano Ronaldo, and Mohamed Salah have spent the past two decades defining one of soccer’s greatest eras. Now, as the 2026 FIFA World Cup marks Ronaldo’s final appearance at the tournament and another defining moment in the careers of Messi and Salah, they’re also preparing for life beyond the pitch.

Before Messi’s Argentina beat Salah’s Egypt in one of the tournament’s best matches on Tuesday, Salah was asked which player he would choose for one final “last dance” from a generation that included both Messi and Ronaldo. He chose Messi without hesitation. The answer carried extra weight given that Ronaldo had already confirmed this would be his final FIFA World Cup before Portugal’s Round of 16 defeat to Spain, bringing an end to his six-tournament World Cup career.

Away from football, however, the players’ futures are beginning to diverge. Messi and Ronaldo have increasingly embraced equity stakes in AI, health tech, and startup companies, while Salah has largely stuck to a more traditional mix of commercial partnerships, property, and philanthropy.

That shift has accelerated over the past decade as venture capital firms and startups increasingly seek celebrity investors who bring more than money. A footballer with hundreds of millions of followers can offer global reach, credibility, and distribution that few traditional investors can match.

Advertisement

“The shift from traditional sponsorship agreements towards equity stakes and startup investments reflects a broader focus on long-term wealth creation and financial security beyond an athlete’s playing career,” says Kamraan Khan, a partner at Dubai-based firm Archers Valuation and Advisory.

Over the past decade, elite athletes have increasingly traded one-off endorsement fees for ownership stakes in companies, joining a broader trend that has seen sports stars become investors rather than just brand ambassadors. In October 2022, Messi launched Play Time HoldCo, a San Francisco–based investment firm alongside entrepreneur Razmig Hovaghimian, founder of video-streaming platform Viki, which had earlier been acquired by Rakuten. The firm’s goal is simple: invest in companies operating across sports, media, and technology.

“While sponsorships typically generate income during an athlete’s peak earning years, equity investments can provide the potential for capital appreciation and, where applicable, future dividend income, helping to build more sustainable wealth after retirement,” notes Khan.

Initially reported to be targeting roughly $200 million, Play Time has since assembled a portfolio that increasingly resembles a Silicon Valley venture fund.

Advertisement

Per Play Time’s website, its bets include FieldAI, Fish Audio, World Labs, Perceptron, Intangible, and SuperAnnotate, alongside sports-specific investments in the FIFA-licensed mobile game Matchday and the memorabilia marketplace AC Momento.

Outside Play Time, Messi also holds an equity stake in fantasy football platform Sorare, which lets users buy and trade officially licensed digital player cards, and joined the ownership group of KRÜ Esports, the Valorant and Rocket League organization founded by his former Argentina teammate Sergio Agüero. His three-year, reportedly $20 million deal to serve as global ambassador for the blockchain fan-token platform Socios.com is a paid promotional contract, not an undisclosed equity stake.

As part of his landmark 2023 move to Inter Miami, Messi received an ownership component alongside his salary and signing bonus—an unprecedented arrangement in Major League Soccer. While reports have speculated about the size of that stake, neither the club nor MLS has publicly confirmed the details.

Sportico valued Inter Miami at $1.45 billion in February 2026, up 22 percent year-on-year and the highest valuation in MLS history.

Advertisement

If Messi’s investments reflect Silicon Valley’s AI boom, Ronaldo’s are centered almost entirely on health technology—an area that aligns closely with the personal brand he has spent decades cultivating around fitness and longevity.

Ronaldo became an investor in Whoop—the wearable fitness tracker and health analytics company—in May 2024, a deal that Whoop itself called “one of Ronaldo’s most significant investments to date,” after he had already been a paying member for years. “Whoop has become one of the most important tools I use to support my long-term health,” he said at the time. Whoop’s foray into the UAE is backed by both the Qatar Investment Authority and Mubadala Investment Company.

Source link

Advertisement
Continue Reading

Tech

HubSpot backs down over using customer data for AI

Published

on

HubSpot has scrapped a plan to use its customers’ data for a new AI feature, just four days after announcing it. The CRM firm changed its terms on 1 July to pool customer data, including contact and employer details, for a tool that finds sales leads, The Information reported.

It opted users in by default. The backlash came at once.

The objection was less about AI than about consent. Customers argued that the data they had built up in HubSpot belonged to them, not to the company to share around. HubSpot set the default to opt-out. It enrolled everyone unless they hunted down a toggle. That turned a product tweak into a trust problem.

A four-day retreat

The revolt played out mostly on LinkedIn, where sales leaders and RevOps teams piled in. Some said they would switch providers. Within days HubSpot folded.

Advertisement

Chief product and technology officer Duncan Lennox apologised and called the change “a mistake”. He said HubSpot would not implement the new terms, and that any future use of customer data would be opt-in. The plan, in short, is dead.

Advertisement

The bigger nerve it hit

The speed of the climbdown says as much as the policy. Software firms are racing to bolt AI onto their products, and customer data is the obvious fuel. HubSpot is not the first to get burned. Slack drew fire in 2024, and Zoom in 2023, over terms that let them train AI on customer data. What stung this time is that CRM data is a company’s competitive asset, not just its files.

It also shows where power sits. In an era when a business can rebuild a workflow with cheap AI tools, big software vendors have less room to dictate terms. Annoy the customer base and it has more exits than it used to.

Why it matters

The episode is small, but it is a marker. Every SaaS company is weighing how to feed its AI without spooking the people who pay for it. HubSpot just ran the experiment in public, and learned that “opt-out” is now a fighting word.

Advertisement

Source link

Continue Reading

Tech

5 New Harbor Freight Products Available In July 2026

Published

on





The weather is warm, flowers are blooming, and many DIYers are hard at work on summer projects. Whether you’re adding a new deck, building raised garden beds, or constructing your own fire pit, it’s a great time of year to knock some items off of your “to do” list. Harbor Freight quietly dropped some great deals that may make you pull out your wallet even if the holiday sales are over.

There are more than 1,600 Harbor Freight locations across the U.S., but if you don’t have a store near you, many of these deals are also available online. You can find everything from power tools to storage solutions to shop equipment and everything in between, often for lower prices than competitors. Products are often categorized in tiers according to different needs, including casual use and up through more professional jobs. If you change your mind, Harbor Freight offers a 90-day return policy for exchanges or refunds. Proof of purchase is required, and some items are exempt from this policy. Here are five new products that can help you get the job done on time (or at least before winter sets in!) and on budget.

Advertisement

ICON Professional handheld inspection camera

If you’re hard at work renovating a new home or on a tough plumbing job, you may want to invest in a handheld inspection camera. It’s a perfect tool for when you need a look into tight, dark, or other inaccessible space. It can be used for HVAC inspection, taking a peek into your roof or attic, and more. This inspection camera from ICON is currently priced at $179.99. It’s lightweight and has a dual-lens probe and a 5.5 mm camera.

The 4.3-inch LCD screen is backlit to provide a clear image no matter where you’re working. Accessories include a water-resistant probe that comes with a 36-inch cable for maximum reach. When you’re not using the probe, it has integrated cord management for easy storage so you don’t misplace it. This camera also has front and side LED lights to provide maximum illumination. A zippered case for storage is included, along with the necessary four AA batteries. It has a USB-C port if you want to transfer your photos to a computer, and interested buyers should note this camera does not have a slot for an additional SD card.

Advertisement

Bauer Modular Tool Bag

Whether you simply don’t want to spend hundreds of dollars on tool storage or you’re looking for a portable tool bag, this bag from Bauer may be the perfect solution. Nothing will slow a job down faster than having to dig through a disorganized, messy tool bag, but this Bauer product offers several compartments for organization. It is considered a modular solution because it locks into all of the brand’s Modular Storage System components, such as rolling toolboxes or organizers.

Advertisement

The tool bag, which cost $69.99 at time of writing and is sold only in stores, is made from professional-quality, reinforced polyester fabric for durability. It has a main compartment with a wide opening that makes it easy to access and load your tools. The base is freestanding and water-resistant to keep the contents dry and clean, and the padded shoulder strap and handles make the bag easier to transport even when fully loaded.

In addition to the main compartment, this tool bag also has 40 pockets and a removable divider with five additional pockets. There are 12 daisy chain loops to help keep everything in place, and a clip just for your tape measure. You can also use the full-length zippered pockets on the front and back of the bag to store extra gear, towels, or other handy equipment.

Advertisement

BRAUN LED Rechargeable Heavy Duty Clamp Light

When you’re at work on a big job, sometimes you need to turn up the brightness. Harbor Freight offers plenty of lighting solutions, from inexpensive, tiny portable lights to tripod work lights, but it’s hard to beat the versatility of a clamp light. Forget the tangled cords and disposable batteries, the BRAUN LED rechargeable clamp light can be secured onto pipes, work stations, lumber, tables, ladders, and more. The foldable spring clamp also allows you to simply prop the light on the ground or table surface without worrying that it will fall over.

Depending on your needs, you can use this light at low, medium, or high mode. It provides up to 4,200 Lumens and has an adjustable head that swivels 270 degrees and also pivots 60 degrees, allowing you to target the light exactly where you need it. The spring clamp has a heavy-duty design, and the light is both water- and dust-resistant.

This LED light has a rechargeable USB-C battery and can run for 16 hours on a full charge. A battery indicator removes the guesswork and lets you know how much charge remains. It can also be used as an additional power source on your job site, offering a USB-A output for charging your phone, tablet, or other tools. This clamp light was priced at $49.99 at time of writing.

Advertisement

Franklin 22-Foot Ladder With Wheels

A ladder is a ladder, right? The American Ladder Institute begs to differ! Choosing the right type of ladder for your job is important for several reasons. If you’re doing electrical work, for example, you should avoid metal ladders. If you select a ladder that is too short or too tall, you won’t be able to set it up properly, it may not reach, or it may slide out from under you. A multitask ladder like the Franklin 22-foot ladder with wheels is a great option if you want a space-saving option that fits many needs.

Advertisement

This type IAA ladder is professional-grade and can support up to 375 pounds. It is made of aluminum (so avoid those electrical jobs), and offers 31 possible configurations. The wide-flared base provides extra stability, and it has non-slip industrial-grade rubber feet that are safe for most surfaces. It folds flat for storage and transport, and weighs about 42 pounds. Basic setups include an A-frame ladder, an extension ladder and scaffolding. Available in-store only, this ladder costs $219.99.

Advertisement

ATLAS 80V Brushless Cordless Backpack Blower Kit

This ATLAS 80V Brushless Cordless Dual-Port Backpack Blower Kit is a bit of an investment at $499.99, but it’s probably worth it if you have a large yard or do some landscaping work on the side. In addition to yard maintenance, however, you can also use a backpack blower for snow removal and even to dry your car after a hand wash. This kit includes two batteries that together offer 60 minutes of a run time at full throttle, and a charger.

The blower has a padded waist belt and shoulder straps, and the backpack is designed to help evenly distribute the weight. There are two battery ports — you can use one battery at a time, or both for the longest run time. The blower has up to 760 CFM and 190 MPH of power, and a turbo button gives a boost when you need it most. A variable-speed trigger allows you to adjust the power as you work, or a cruise control lever allows you to set it and forget it. The tube has an adjustable length to make it more comfortable to use and for the greatest coverage.

Advertisement



Source link

Continue Reading

Tech

Intel-backed AI chip startup SambaNova breathes new life into aging Nvidia GPUs in latest benchmarks

Published

on

ai and ml

Third-party testing shows heterogeneous compute platform combining H200s and SN50 RDUs churning out 763 tok/s in MiniMax M2.7

Intel’s big bet on SambaNova appears to be paying off in a big way. This week, the AI chip startup shared benchmark results showing its latest generation of AI acceleration, which combines Nvidia GPUs and the company’s accelerators, beating GPU-only inference platforms by a wide margin.

The testing, conducted by the AI benchmarking gurus at Artificial Analysis, showed SambaNova’s SN50-series accelerators, announced in February, churning out 763 tokens a second in MiniMax M2.7 at short context lengths (10,000 input tokens) — several times faster than competing inference providers running on GPUs alone.

Advertisement

Meanwhile, for longer context lengths, the company says that its platform is able to sustain more than 450 tokens a second. 

Benchmark chart comparing SambaNova SN50 accelerators with GPU-only inference platforms.

At short context lengths (10,000 tokens) Artificial Analysis found SambaNova’s heterogeneous compute platform, which combined four H200 GPUs with 16 of its SN50 RDUs was able to achieve decode speed of 763 tok/s in MiniMax M2.7.

This feat was accomplished by combining Nvidia GPUs with SambaNova Reconfigurable Dataflow Units (RDUs) to form a heterogeneous inference platform.

Specifically, the computationally intensive prefill phase of the inference pipeline, during which prompts are processed and key value caches are generated, was handled by four Nvidia H200 GPUs.

Meanwhile, memory-bandwidth-bound decode operations, where output tokens are generated, were done on a single SambaNova rack containing 16 SN50 accelerators.

Advertisement

Disaggregating prefill from decode has become a key lever for reducing token costs for long-running AI agents, like code assistants. Nvidia initially demonstrated this with its NVL72 rack systems, by varying the ratio of GPUs used for prefill versus decode. The company further disaggregated this with its Groq-based LPX racks revealed at GTC this spring. Since then, just about everyone from AMD to AWS and Cerebras has announced some kind of disaggregated or heterogeneous inference platform using one or more accelerators.

With SambaNova’s latest performance figures, the startup hopes to demonstrate how customers can breathe new life into their aging GPU fleets by using its systems as decode accelerators. And because its systems are air-cooled, they can be deployed in existing datacenters — something that can’t be said of Nvidia’s latest generation of Rubin GPUs, which absolutely need liquid cooling.

SambaNova plans to show off even more powerful inference configs, with 128 and eventually 256 accelerators to demonstrate its ability to maintain high token generation rates at high throughput. As we’ve previously explored, this is something that GPUs alone have historically struggled with and one of the key drivers behind Nvidia’s Groq acquihire late last year.

The results come just a month after SambaNova and Intel announced Vector Core Compute would be among the first to deploy the combined GPU + RDU offering with TogetherAI as their first large-scale customer.

Advertisement

Ramping production of any chip isn’t a cheap prospect, but for its fifth-gen part, capital shouldn’t be an issue. On Wednesday, SambaNova completed the first close of a $1 billion Series F funding round led by General Atlantic, giving the AI chip startup an $11 billion valuation. ®

Source link

Continue Reading

Tech

Pi 5 Becomes ALSA-Compatible TOSLINK Sound Card

Published

on

This is one of those hacks that makes you stop in your tracks and say, “wait, you can do that!?” — before realizing, oh, yes, of course you can do that. With enough computational power, you can do a lot of things, and the Raspberry Pi 5 is a far cry from the single-board computer’s humble beginnings. In this case, the “you can do that!?” is both that [Oliver] was able to get the digital audio TOSLINK working via an LED tied to one GPIO pin on the Pi, but also the larger project that is embedded in: using the Pi as a full featured 8-channel USB sound card called Camilla DSP.

For the first one: the old TOSLink standard is very simple, and all you need to do is blink an LED quickly enough. Considering the clock frequency of the Pi 5 is in the GHz range and the TOSLINK is the same 3.1 Mbit/s S/PDIF signal you could pull off your CD-ROM drive to your Sound Blaster, there’s no problem there. Except, wouldn’t the operating system get in the way? Well, not when you have enough clock cycles to throw at the problem. Using a Pi 5 doesn’t hurt: the RP1 I/O chip included on the board is keeping things smooth with its included PIO while Linux mucks about in the background. There’s a reason we called it the most important product Raspberry Pi ever made.

As for making a USB sound card from an SBC — well, we’re not sure why that got the “you can do that” reaction. The Raspberry Pi family had ‘gadget mode’ for over a decade now, allowing you to present the computer as a USB device, so why not a sound card? That’s a valid class of USB device.

Advertisement

Source link

Advertisement
Continue Reading

Tech

Fake Paysafe, Skrill SDKs on NPM and PyPi steal credentials

Published

on

Fake Paysafe, Skrill SDKs on NPM and PyPi steal credentials

Malicious packages on the Node Package Manager (npm) and the Python Package Index (PyPI) delivered stealer malware to developers and users of Paysafe, Skrill, and Neteller payment applications.

The threat actor published at least 17 malicious packages simultaneously, each tasked to exfiltrate credentials and access tokens to a command-and-control server hosted on Amazon Web Services (AWS).

All three payment platforms are popular, with Paysafe being mostly used by e-commerce sites and online marketplaces, gaming platforms, travel businesses, and financial services or software-as-a-service (SaaS) providers.

image

Skrill and Neteller are digital wallets and money transfer services used in online betting, cryptocurrency exchanges, and on Forex trading platforms.

Software developers working on such platforms integrate Paysafe’s SDKs into apps and websites to implement a secure payments and funds management system.

Advertisement

According to application security company Socket, these developers are the targets of the latest campaign via the following packages:

  1. npm/paysafe-checkout
  2. npm/paysafe-vault
  3. npm/neteller
  4. npm/skrill-payments
  5. npm/paysafe-js
  6. npm/paysafe-api
  7. npm/paysafe-node
  8. npm/paysafe-cards
  9. npm/paysafe-fraud
  10. npm/paysafe-kyc
  11. npm/skrill
  12. npm/skrill-sdk
  13. npm/paysafe-payments
  14. pypi/paysafe-kyc
  15. pypi/paysafe-payments
  16. pypi/paysafe-sdk
  17. pypi/paysafe-api

The researchers say that the 13 npm packages published four malicious versions, from 1.0.0 to 1.0.3, whereas the PyPI packages published only one malicious version, 1.0.0.

All 17 packages pretend to be legitimate payment SDKs, even exposing the expected APIs, but instead return fake success responses rather than communicate with Paysafe’s backend services.

The real purpose is credential theft, as the embedded malicious code searches compromised environments for secrets such as tokens, passwords, and API keys.

According to Socket, the exfiltrated data includes Paysafe API keys, AWS keys, GitHub tokens, npm tokens, hostname, username, and metadata about API usage.

Advertisement
Data theft logic on npm (left) and on PyPI (right)
Data theft function on npm (left) and on PyPI (right)
Source: Socket

The data theft module in the npm packages attempts exfiltration only if a Paysafe API key is present and activates when the fake SDK is called.

The PyPI packages automatically activate the data theft routine upon initialization and do not require a Paysafe API key to be present at all.

Socket’s analysis of the malware reveals that it includes some rather basic anti-analysis features, stopping execution if it detects fewer than 2 CPU cores or if the hostname or username contains cues indicating a virtualized environment.

Anti-analysis checks
Anti-analysis checks
Source: Socket

It is unclear who is behind this campaign, but Socket’s report highlights some attributes suggesting that the threat actor is sufficiently technical and may return in a more organized way.

The researchers warn that the attacker’s ability to pivot between ecosystems may make it more difficult to defend if there is only one ecosystem of visibility.

If any of the listed packages were installed, developers are recommended to immediately “rotate all secrets on any machine that imported or executed this package.”

Advertisement

 The researchers also advise searching dependency trees for the package names used in the campaign and deny any requests for them at the registry proxy level.

It is also recommended to look in the logs of Continuous Integration (CI) systems for PAYSAFE_API_KEY in combination with any of the listed package names.


article image

Security teams log 54% of successful attacks and alert on just 14%. The rest move through your environment unseen.

The Picus whitepaper shows how breach and attack simulation tests your SIEM and EDR rules so threats stop slipping by detection.

Get the whitepaper

Source link

Advertisement
Continue Reading

Trending

Copyright © 2025