
Get the latest international news and world events from around the world.


GlassWorm Attack Uses Stolen GitHub Tokens to Force-Push Malware Into Python Repos

The GlassWorm malware campaign is being used to fuel an ongoing attack that leverages stolen GitHub tokens to inject malware into hundreds of Python repositories.

“The attack targets Python projects — including Django apps, ML research code, Streamlit dashboards, and PyPI packages — by appending obfuscated code to files like setup.py, main.py, and app.py,” StepSecurity said. “Anyone who runs pip install from a compromised repo or clones and executes the code will trigger the malware.”

According to the software supply chain security company, the earliest injections date back to March 8, 2026. Upon gaining access to the developer accounts, the attackers rebase the latest legitimate commits on the default branch of the targeted repositories with malicious code and then force-push the changes, while keeping the original commit’s message, author, and author date intact.

DRILLAPP Backdoor Targets Ukraine, Abuses Microsoft Edge Debugging for Stealth Espionage

To establish persistence, the LNK files are copied to the Windows Startup folder so that they are automatically launched following a system reboot. The attack chain then displays a URL containing lures related to installing Starlink or a Ukrainian charity named Come Back Alive Foundation.

The HTML file is eventually executed via the Microsoft Edge browser in headless mode, which then loads the remote obfuscated script hosted on Pastefy.

The browser is executed with additional parameters like --no-sandbox, --disable-web-security, --allow-file-access-from-files, --use-fake-ui-for-media-stream, --auto-select-screen-capture-source=true, and --disable-user-media-security, granting it access to the local file system, as well as camera, microphone, and screen capture without requiring any user interaction.

Stryker attack wiped tens of thousands of devices, no malware needed

Last week’s cyberattack on medical technology giant Stryker was limited to its internal Microsoft environment and remotely wiped tens of thousands of employee devices.

The organization says in an update on Sunday that all its medical devices are safe to use but electronic ordering systems remain offline, and customers must place orders manually through sales representatives.

Stryker emphasizes that the incident was not a ransomware attack and that the threat actor did not deploy any malware on its systems.

Microsoft Exchange Online outage blocks access to mailboxes

Microsoft is working to address an ongoing Exchange Online outage that is preventing customers from accessing their mailboxes and calendars.

“We’re investigating reports of some users experiencing issues when accessing their Exchange Online mailbox via one or more connection methods,” Microsoft said when it acknowledged the issue at 06:42 AM UTC.

As Microsoft explained in a Microsoft 365 admin center update under EX1253275, Outlook on the web, Outlook desktop, Exchange ActiveSync, and other Exchange Online connection protocols are all affected by this outage.

Introduction: Charles Liu

Does the universe need observers to exist? Neil deGrasse Tyson and co-hosts Chuck Nice and Gary O’Reilly explore questions about entropy, spontaneous symmetry breaking, spectroscopy and more with astrophysicist Charles Liu.

Does the universe require observers for information to exist? From Niels Bohr and the Copenhagen interpretation to modern neuroscience and philosophy, the crew explores whether measurement creates reality or reveals it. How does the double-slit experiment fit into this? Are wave and particle behaviors determined by how we measure them?

The conversation turns to information itself. What do physicists mean by “information”? How is entropy connected to hidden information in a system? We discuss entropy through everyday examples like coin flips, burning wood, and boiling water. How does this relate to quantum computing? We explore how astronomers separate cosmic redshift from stellar motion using spectroscopy, how interstellar dust and extinction curves complicate observations, and why mapping that dust is both a challenge and a source of discovery.

We discuss why the Big Bang didn’t form a black hole, how spontaneous symmetry breaking may have split the fundamental forces, and whether science can meaningfully investigate the universe’s earliest moments. Wrapping up, the team looks ahead to multi-messenger astronomy, next-generation telescope technology, exotic ideas about the speed of light, and how information continues to reshape what we know about the cosmos.

Thanks to our Patrons Avery Ellis, Markus Riegler, Linda Tullberg, Gami Lannin, Arief Aziz, Ron Lawhon, Corie Prater, Patrick McNaught, FracturedEquality, Spengler, Peter Harbeson, Oddron86, Hudson Lowe, Drew Romaniak, V2022, Kyle Ferchen, Branko Denčić, Patrick Borgquist, DJ Sipe, Andy Blair, Alan Keizer, SR, Nihat Cubukcu, Greg Lance, Diwas Pandit, Anik Kasumi, Alexander Albert, Kodai, Dyonne Peters Lewoc AKA DPTaterTot, Adrian, Ben Goff, Jose Barreiro, Saurabh Chaudhari, Wimberley Children’s House, Jean Arthur Deda, Jerrel Thomas, Serkan Ergenc, Douglas Kennedy, Lee Browner, Manuel Palmer, Dans Jansons, Russell Harvey, BladiX, Lars-Ove Torstensson, Norman Weizer, Arian Farkhoy, S. Madge, Pavel Seraphimov, Amanda Wolfe, Heisenberg, Mattchew Phillips, Caleb Berumen, Sretooh, Gary Tabbert, Oscar Abreu Lamas, Kevin Attebury, Volker Haberlandt, SeaGolly, B. Shoemaker, Ruben Ferrer, Steven Adams, Daniel Hintz, Nathaniel Richardson, Nick Griffiths, Adam Schmidt, Scott Plummer, Northernlight, JoMama, Beth, Frank Cottone, Yinj, Betty Anderson, Paul Smith, John Little, Emad Uddin, Brian O’Brien, Jayden Moffatt, Kevin Mace, Zara DeBresoc, Rain Bresee, Mara (Farmstrong), Rose, Stiven, Demethius Jackson, Alejandro Rodriguez, J Davis, Chris Buhler, Nathan Davieau, Sourav Prakash Patra, Wayne Rasmussen, John from Bavaria, Stephanie Phillips, Yohojones, Josh Farrell, John, Oo-De-Lally, Millie Richter, Montague Films, Lawrey Goodrick, and John Giovannettone for supporting us this week.

Timestamps:

Space: Time

Matter. What is reality? And if it’s so fundamental, why do we all experience it so differently? Join us for a marathon through the discoveries and paradoxes that suggest modern physics is pointing to a deeply uncomfortable truth: that our picture of the universe is far from complete, and what we think about reality may be completely wrong.


00:00 Reality Is Already Broken
00:57 Scientists Build a Window into the Fourth Dimension
23:16 The Physicist Who Says Reality Is Not What It Seems
1:28:45 The Black Hole Paradox That Keeps Physicists Awake at Night
1:50:40 Sean Carroll: The Many Worlds of Quantum Mechanics
2:46:40 What are the foundations of reality?


About New Scientist:
New Scientist was founded in 1956 for “all those interested in scientific discovery and its social consequences”. Today our website, videos, newsletters, app, podcast and print magazine cover the world’s most important, exciting and entertaining science news as well as asking the big-picture questions about life, the universe, and what it means to be human.

New Scientist
https://www.newscientist.com/

#reality #physics #paradox #space #time #science #universe
