
New ‘PolyShell’ flaw allows unauthenticated RCE on Magento e-stores

A newly disclosed vulnerability dubbed ‘PolyShell’ affects all Magento Open Source and Adobe Commerce stable version 2 installations, allowing unauthenticated code execution and account takeover.

There are no signs of the issue being actively exploited in the wild, but eCommerce security company Sansec warns that “the exploit method is circulating already” and expects automated attacks to start soon.

Adobe has released a fix, but it is only available in the second alpha release for version 2.4.9, leaving production versions vulnerable. Sansec says that Adobe offers a “sample web server configuration that would largely limit the fallout,” but most stores rely on a setup from their hosting provider.

New “DarkSword” iOS exploit used in infostealer attack on iPhones

A new exploit kit for iOS devices and delivery framework dubbed “DarkSword” has been used to steal a wide range of personal information, including data from cryptocurrency wallet apps.

DarkSword targets iPhones running iOS 18.4 through 18.7 and is linked to multiple actors, including UNC6353, suspected to be Russian, who used the Coruna exploit chain disclosed earlier this month.

Researchers at mobile security company Lookout discovered DarkSword while investigating the infrastructure used for the Coruna attacks. Google’s Threat Intelligence Group and iVerify also collaborated for a more comprehensive analysis of this previously unknown threat and the adversaries leveraging it.

Apple pushes first Background Security Improvements update to fix WebKit flaw

Apple has released its first Background Security Improvements update to fix a WebKit flaw tracked as CVE-2026-20643 on iPhones, iPads, and Macs without requiring a full operating system upgrade.

The CVE-2026-20643 flaw allows malicious web content to bypass the browser’s Same Origin Policy.

Apple says the flaw is a cross-origin issue in the Navigation API that was addressed with improved input validation.

DRILLAPP Backdoor Targets Ukraine, Abuses Microsoft Edge Debugging for Stealth Espionage

To establish persistence, the LNK files are copied to the Windows Startup folder so that they are automatically launched following a system reboot. The attack chain then displays a URL containing lures related to installing Starlink or a Ukrainian charity named Come Back Alive Foundation.

The HTML file is eventually executed via the Microsoft Edge browser in headless mode, which then loads the remote obfuscated script hosted on Pastefy.

The browser is executed with additional parameters like --no-sandbox, --disable-web-security, --allow-file-access-from-files, --use-fake-ui-for-media-stream, --auto-select-screen-capture-source=true, and --disable-user-media-security, granting it access to the local file system, as well as camera, microphone, and screen capture without requiring any user interaction.

Microsoft: Windows 11 users can’t access C: drive on some Samsung PCs

Microsoft is investigating a new issue affecting some Samsung laptops running Windows 11 after installing the February 2026 security updates, in which users lose access to their C:\ drive and are unable to launch applications.

The company says it is working with Samsung to determine whether the problem is related to the Windows updates or Samsung software installed on affected devices.

“Users might encounter the error, ‘C:\ is not accessible – Access denied’, which prevents access to files and blocks the launch of some applications including Outlook, Office apps, web browsers, system utilities and Quick Assist,” explains Microsoft.

Rates of Unbalanced Chromosome Rearrangements Associated with Pericentric and Paracentric Inversions: Analysis of Molecular Chromosome Results in Embryo Samples

PGT-SR reveals that even small pericentric and paracentric inversions carry a small but measurable reproductive risk, challenging assumptions of minimal impact in IVF outcomes.



Scientists use ‘negative light’ to send secret messages hidden inside heat

Researchers have developed a technology to invisibly transmit information disguised as background thermal radiation. Using a phenomenon called “negative light,” they transferred 100 kilobits of data per second in a way that was completely undetectable to outside observers.

Most methods for concealing data during transfer involve hiding it among other data or encrypting it in a way that makes it impossible to read without a cipher or other means of decryption. The new technique, by contrast, makes the data almost impossible to intercept because there’s no indication it’s being sent at all. It can also be encrypted through traditional means to further harden security, the team wrote in a paper published March 5 in the journal Light: Science & Applications.

Cardiopathogenic T Cells Govern Progression and Functional Remodeling in Inflammatory Cardiomyopathy and Chronic Myocarditis

In this JACCBTS article, Joachimbauer et al. demonstrate that cardiopathogenic CD4+ T cells induce acute yet reversible inflammation-driven myocardial changes, and that the persistence of these cells is a key factor driving functional cardiac remodeling.

