• Proofpoint uncovered fake RMM tool “TrustConnect” built as cover for RAT malware
• Criminals created website, paid for certificate, tricking firms into $300/month subscriptions
• Tool gave attackers full remote control; linked to Redline infostealer customer

A group of cybercriminals went to great lengths to infect businesses with a remote access trojan (RAT), setting up an entire company, vibe-coding a website, and paying thousands for a legitimate certificate.

In its report, Proofpoint said it was fairly common for cybercriminals to use legitimate remote monitoring and management (RMM) tools in their tech stack. They would trick their victims into installing their tool of choice and sharing login credentials which would enable them to deploy all sorts of stage-two malware, including infostealers, remote access trojans, or ransomware.

Douglas Trumbull’s 1972 sci-fi film appeared just as space tales were becoming increasingly cold and remote. Silent Running changed that by firmly rooting its futuristic vision in the kind of realistic, beat-up features found in everyday life. On board the Valley Forge, a gigantic converted cargo based on a real, retired aircraft carrier, the sets appeared to be in constant use. The pipes, consoles, and congested halls appeared practical rather than sleek. This method lured the viewer into a world that seemed plausible, one in which technology serviced human needs rather than the other way around.

Trumbull, who had recently completed the psychadelic effects work on 2001: A Space Odyssey, simply wanted to warm things up. He directed his debut picture with a strong emphasis on connecting with the characters on an emotional level. Bruce Dern plays Freeman Lowell, a botanist tasked with caring for the last of Earth’s trees, which happen to be floating in geodesic domes in space. When orders are issued to burn them down, Lowell takes great measures to do the right thing and save the flora. He has some unexpected assistance in the form of three small maintenance drones, Huey, Dewey, and Louie, who become his crew. Actors with amputations wore custom suits, so the machines all looked awkward and endearingly jerky in their movements, giving them a feeling of personality without the use of words.

Those little drones created an effect, and George Lucas even drew influence from them while designing R2-D2. The idea of a little, expressive robot that communicates through beeps and body language rather than words originated with the Silent Running helpers. Lucas even secured Trumbull’s permission to create a comparable figure. R2-D2 exudes the same quiet commitment, transforming a tool into a friend.

Not only did the robots have an impact, but the film’s visual language was also highly significant. Trumbull’s team created these extremely accurate miniatures with genuine texture and hundreds of model kit parts mixed together for surface detail, then shot them using a variety of unique approaches. John Dykstra, a young effects artist on Silent Running, went on to manage the special effects team for Star Wars. He introduced motion control photography and a dynamic camera approach, making spaceships feel alive during dogfights. Many of the personnel from Trumbull’s workshop ended up joining ILM, bringing some of the practical model work and devotion to realism with them.

Star Wars captured that lived-in feel on board, with spaceships displaying signs of wear, filth, and maintenance. The interiors felt industrial and utilitarian, similar to the Valley Forge’s carrier-inspired designs. The Death Star’s huge, metallic halls provide the same feeling of scale and function. This trend away from clean, polished futures and toward ones that were torn and worn became the genre’s new standard.

Many other films followed suit, such as Alien, which adopted the gritty, no-nonsense appearance of a working-class spaceship with crew members whining about wages and conditions. Blade Runner expanded the detailed, evocative surroundings. WALL-E paid respect by depicting a lonely robot maintaining a fragile plant in a destroyed planet. Even Interstellar and Avatar continue the environmental concern that Silent Running raised, highlighting our duty to nature in the face of technological advancement.
[Source]

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) ordered government agencies to patch their systems within three days against a maximum-severity Dell vulnerability that has been under active exploitation since mid-2024.

According to security researchers from Mandiant and the Google Threat Intelligence Group (GTIG), this hardcoded-credential vulnerability (CVE-2026-22769) in Dell’s RecoverPoint (a solution used for VMware virtual machine backup and recovery) is being exploited by a suspected Chinese hacking group tracked as UNC6201.

After gaining access to a victim’s network in CVE-2026-22769 attacks, UNC6201 deploys several malware payloads, including a newly identified backdoor called Grimbolt. This malware is built using a relatively new compilation technique that makes it harder to analyze than its predecessor, the Brickstorm backdoor.

While the group swapped Brickstorm for Grimbolt in September 2025, it’s not yet clear whether this switch was part of a planned upgrade or “a reaction to incident response efforts led by Mandiant and other industry partners.”

“Analysis of incident response engagements revealed that UNC6201, a suspected PRC-nexus threat cluster, has exploited this flaw since at least mid-2024 to move laterally, maintain persistent access, and deploy malware including SLAYSTYLE, BRICKSTORM, and a novel backdoor tracked as GRIMBOLT,” they said.

The security researchers have also found overlaps between UNC6201 and the Silk Typhoon Chinese state-backed cyberespionage group (although the two are not considered identical by GTIG), also tracked as UNC5221 and known for exploiting Ivanti zero-days to target government agencies with custom Spawnant and Zipline malware.

Silk Typhoon has previously breached the systems of several U.S. government agencies, including the U.S. Treasury Department, the Office of Foreign Assets Control (OFAC), and the Committee on Foreign Investment in the United States (CFIUS).

Feds ordered to prioritize CVE-2026-22769 patches

CISA has now added the security flaw to its Known Exploited Vulnerabilities (KEV) catalog on Wednesday and ordered Federal Civilian Executive Branch (FCEB) agencies to secure their networks by the end of Saturday, February 21, as mandated by Binding Operational Directive (BOD) 22-01.

“These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise,” CISA warned on Wednesday. 

“Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.”

Last week, CISA also gave U.S. federal agencies three days to secure their BeyondTrust Remote Support instances against an actively exploited remote code execution vulnerability (CVE-2026-1731).

Hacktron, which reported the vulnerability on January 31, warned in early February that around 11,000 BeyondTrust Remote Support instances were exposed online, and that around 8,500 were on-premises deployments that required manual patching.

Modern IT infrastructure moves faster than manual workflows can handle.

In this new Tines guide, learn how your team can reduce hidden manual delays, improve reliability through automated response, and build and scale intelligent workflows on top of tools you already use.

Advertisement

Get the guide

from the first-do-no-harm dept

The good folks over at Adafruit are raising the alarm about a new New York State 3D printing law that could greatly imperil the public’s freedom to tinker and could generally make life way more annoying for the schools, libraries, hospitals, small businesses, hobbyists, and garages that utilize 3D printers.

New York’s 2026–2027 executive budget bill (S.9005 / A.10005) includes language requiring that all 3D printers operating in the state need to include software or firmware that scans every print file through a “firearms blueprint detection algorithm” and then locks the hardware up so it refuses to print anything it flags as a potential firearm or firearm component.

As Adafruit’s Phillip Torrone notes, the key problem here is it’s largely impossible to detect firearms from geometry alone:

“A firearms blueprint detection algorithm would need to identify every possible firearm component from raw STL/GCODE files, while not flagging pipes, tubes, blocks, brackets, gears, or any of the millions of legitimate shapes that happen to share geometric properties with gun parts. This is a classification problem with enormous false positive and false negative rates.”

NY’s new law would apply to open source firmware like Marlin, Klipper, and RepRap, which are generally maintained by volunteers without the resources for compliance. As well as office printers that never touch the internet, or CNC milling machines that can basically generate any shape you can imagine.

Torrone goes on to explain how the bill could be dramatically improved by exempting open source firmware, and focusing more concretely on the intent to create fire-arms, instead of waging an impossible enforcement war on ambiguous shapes. They’re also recommending limited liability for retailers, schools, and libraries, and the elimination of mandatory file scanning:

“But the answer to misuse isn’t surveillance built into the tool itself. We don’t require table saws to scan wood for weapon shapes. We don’t require lathes to phone home before turning metal. We prosecute people who make illegal things, not people who own tools.

The Open Source 3D printing community probably does not know about this. OSHWA and other open source advocacy orgs have ignored many of the things we really need their help with. That needs to change. This bill is in early stages — the working group hasn’t even convened yet. There’s time to work together, in the open, for amendments that make sense.”

Random aside: it’s worth reminding folks that this proposal comes on the heels of a recently passed New York State “right to repair” law (supposed to make it easier and cheaper to repair technology you own) that Governor Kathy Hochul basically lobotomized at lobbyist behest after it was passed, ensuring it doesn’t actually protect anybody’s freedom to tinker.

Filed Under: 3d printer, 3d printing, consumers, hobbyists, legislation, new york, new york state, tinker

For three days in February, porn star Alix Lynx flew to Miami for her first exclusive creator gathering where she was in full grind mode: shooting Reels and talking strategy with other creators. “It was kind of like SoHo House for OnlyFans girls,” she says of the experience, which is called The Circle and drew more than a dozen sex workers, including Remy LaCroix and Forrest Smith.

Lynx, who is a former webcam model turned OnlyFans starlet, has a combined 2 million followers across Instagram, TikTok, and X. She joined OnlyFans in 2017 with “the luxury of having my own following,” she says, but those numbers haven’t always translated to subscriptions. It’s why she was in Miami.

“I don’t think people understand. I do a shitload of marketing,” Lynx says.“That’s the big misconception with OnlyFans—when creators join they think it’s going to be easy. But unless you’re a genius at marketing on social media, which is few and far between, it’s genuinely hard to get found and gain a following.”

Many of OnlyFans’ 4 million creators have said the same thing: native discovery on the platform sucks. “There’s just a frustration,” Lynx says. “In a perfect world, there would be that searchability feature because it makes it an even playing field for creators.” (According to OnlyFans, the platform limits its search feature as a safety precaution so users don’t accidentally stumble across content they didn’t intend to see.)

It’s a problem that Presearch—a free, private, decentralized search engine—wants to fix with the launch of its image-based discovery tool Doppelgänger.

Doppelgänger is the newest addition to Presearch’s Spicy Mode, a NSFW feature for searching adult content. Users can upload an image of a celebrity—or any person they think is hot—to find OnlyFans creators that resemble them. The technology matches the user with similar creators who want an audience rather than to deepfake platforms that are nonconsensual and illegal. Ever wondered who Sabrina Carpenter’s or Pedro Pascal’s porn doppelgängers were? Wonder no more.

According to the company, Doppelgänger is built with specific guardrails—no tracking what users search, explicit age-gating—and runs on Presearch’s decentralized index, “which surfaces content traditional search engines and commercial AI suppress,” says Brenden Tacon, head of product and business development at Presearch.

“We’re trying to offer a place where you might serendipitously become discovered,” Tacon tells WIRED. “You won’t on OnlyFans. If you’re hustling yourself on Instagram, Reddit, and all these places, it’s so hard to break through the noise.”

With 300,000 daily active searches on Presearch—according to the company—Doppelgänger is one of the first tools on the market pushing for ethical discovery of adult creators at scale. Unlike traditional reverse image tools that scan across the open web to locate where a photo appears or attempt to trace someone’s identity, Doppelgänger does not search the broader internet, does not surface personal information, and does not attempt to identify a person. “It simply returns visually similar public profiles based on image features, making it structurally more limited and, in many ways, more privacy-protective than a standard reverse image search,” Tacon says.

Still, the accuracy of Doppelgänger could use some improvement. In multiple tests run by WIRED, the AI seems better tailored to find matches for women than men. I had no problem finding look-alikes for Cardi B and Sydney Sweeney. But when searching for Michael B. Jordan look-alikes, it suggested female creators Chanell Heart (the number 3 match) and Chamile Symone, in addition to Uncut Jock NYC, a white-presenting Brazilian sex worker. In fact, five women were suggested among Jordan’s top 40. Curious if this was a glitch, I dragged a photo of actor Jeff Goldblum—a perennial “hottie,” according to the subreddit r/VintageLadyBoners—into the image finder, and the top search result was for Jean B, a self-described “twink content creator,” followed by 38 suggestions of large-breasted women. (A second search for Goldblum—who, for what it’s worth, is more zaddy than twink—with a different photo, did not fare any better; the lone male “look-alike” was for YCC, who is Chinese.)

A low-key demonstration high in the hills of central California recently showcased some new military technology. Scout AI, a new defense startup, integrated its Fury software into a self-driving ground vehicle and two armed drones. The entire system collaborated to hunt down a truck and blow it up, all activated by a single simple instruction written in plain English.

Fury serves as the central coordinator. A commander types or speaks a goal, such as sending a vehicle to a spot and launching drones to strike a specific target, and Fury takes care of breaking it all down into individual steps, assigning tasks to the machines, monitoring what’s going on through video feeds and data, and stepping in to adjust things as needed. One drone detects the truck, Fury reroutes the others, and the strike is launched. A human is present to keep an eye on things, but the majority of the specifics are handled by machines on their own.

Sale

DJI Neo, Mini Drone with 4K UHD Camera for Adults, 135g Self Flying Drone that Follows You, Palm Takeoff…

• Due to platform compatibility issue, the DJI Fly app has been removed from Google Play. DJI Neo must be activated in the DJI Fly App, to ensure a…
• Lightweight and Regulation Friendly – At just 135g, this drone with camera for adults 4K may be even lighter than your phone and does not require FAA…
• Palm Takeoff & Landing, Go Controller-Free [1] – Neo takes off from your hand with just a push of a button. The safe and easy operation of this drone…

Fury’s approach is based on large AI models that have been taught to figure out what’s going on in a scene, devise a plan, and provide directions. The largest model, with over 100 billion parameters, functions similarly to the mission commander in that it accepts the command and begins working. It then assigns jobs to smaller models, each with approximately 10 billion parameters, which run directly on the various machines. The smaller models then handle movement, navigation, and the final explosive release. The system employs conventional cameras rather than expensive sensors, and it can connect to a variety of devices without interfering with their built-in functions. Fury just examines the technical specifications for each platform and determines the appropriate commands to deliver to their systems.

Everything in the test was real, done on actual equipment in tough terrain, with no pre-scripted situations, fake special effects, or constant human steering. The ground vehicle followed a dirt road, unleashed the drones, and set off to search. Once the truck arrived, one of the drones zeroed in and detonated its payload on impact, capping off the mission with a rapid damage assessment. The entire process went well, demonstrating how well the program can handle a variety of air and ground units from various manufacturers.

Scout AI created Fury to address a long-standing issue with unmanned systems. Older setups rely on tight, unchanging code that adheres to rigorous rules, so when things change or unanticipated challenges arise, they struggle. Fury allows the machines to think through difficulties, devise new solutions, and adjust to changing situations while remaining focused on the reward. It also simplifies communication, even when things get hectic, and scales up to larger groups working in different venues.

Colby Adcock, who co-founded the company with Collin Otis, describes the transition as follows. AI bots are already quite good at managing jobs in simulated environments, and Fury brings that same adaptable brainpower to real-world operations for American forces. The software serves as a buffer between command systems and machines, allowing units from all around to collaborate as a single team under human supervision.
[Source]

A Ukrainian national was sentenced to five years in prison for providing North Korean IT workers with stolen identities that helped them infiltrate U.S. companies.

39-year-old Oleksandr Didenko of Kyiv, Ukraine, pleaded guilty in November 2025 to aggravated identity theft and wire fraud conspiracy after being arrested in Poland in May 2024.

This week, he was sentenced to 60 months in prison and 12 months of supervised release, and agreed to forfeit more than $1.4 million, including cash and cryptocurrency seized from Didenko and his accomplices.

“Oleksandr Didenko participated in a scheme that stole the identities of hundreds of people, to include United States citizens, which were used by North Korea to fraudulently secure lucrative IT jobs,” said James Barnacle, Assistant Director in Charge of the FBI’s New York Field Office. “This massive operation not only created an unauthorized backdoor into our country’s job market, but helped fund the regime of an adversary.”

According to court documents, Didenko stole U.S. citizens’ identities and sold them to overseas IT workers through an online platform known as UpWorkSell (which was seized by the Justice Department), who used them to fraudulently secure jobs with 40 U.S. companies in California and Pennsylvania.

Throughout this scheme, he provided the North Korean remote workers with at least 871 proxy identities and proxy accounts on three freelance IT hiring platforms. He also facilitated the operation of at least eight “laptop farms” in Virginia, Tennessee, California, Florida, Ecuador, Poland, and Ukraine that allowed the North Koreans to make it look like their devices were located in the United States.

One of these “laptop farms” was run by Christina Marie Chapman, a 50-year-old woman from Arizona, from her own home between October 2020 and October 2023. Chapman was charged in May 2024 and was sentenced to 102 months in prison after a July 2025 guilty plea.

The FBI has been warning about the danger presented by North Korean threat actors impersonating U.S.-based IT staff since at least 2023. As the law enforcement agency repeatedly noted, North Korea maintains a large and well-organized army of IT workers who use stolen identities to secure employment with hundreds of American companies.

In July 2024, U.S. authorities sanctioned, charged, or indicted 20 individuals and 8 companies across three separate enforcement waves. These actions were followed by a fourth wave of sanctions in August 2025 that targeted companies associated with North Korean IT worker schemes operated by Russian and Chinese nationals.

More recently, in December 2025, security researchers revealed that Famous Chollima (or WageMole) operatives, part of the notorious North Korean state-backed Lazarus hacking group, tricked recruiters using AI tools and stolen identities and got hired by Fortune 500 companies.

Modern IT infrastructure moves faster than manual workflows can handle.

In this new Tines guide, learn how your team can reduce hidden manual delays, improve reliability through automated response, and build and scale intelligent workflows on top of tools you already use.

Get the guide