03 Jul 2026

feedHacker News

The Life and Times of Maxis, Part 1: SimEverything

Comments

03 Jul 2026 3:56pm GMT

Markets are competitive if and only if P = NP

Comments

03 Jul 2026 3:41pm GMT

Factories Are Just Rooms

Comments

03 Jul 2026 3:13pm GMT

feedSlashdot

New PamStealer macOS Malware Uses Clever Tradecraft To Remain Stealthy

An anonymous reader quotes a report from Ars Technica: Researchers have found a never-before-seen piece of macOS malware that combines a series of clever tradecraft to infect Macs with stealthy, custom-developed credential-stealing code. The malware is delivered in two stages. The first is distributed in a disk image that masquerades as Maccy, a clipboard manager for Macs. It's compiled as AppleScript that is notable for the way it delivers the second stage. The malware is named PamStealer because the Rust-written infostealer uses the Pluggable Authentication Modules interface built into macOS to validate the target's login password before sending it to an attacker-controlled server. [...] PamStealer shows a native password prompt designed to resemble a system authorization request. Text that appears with the prompt says: "Maccy wants to make changes. Enter your password to allow this." As noted earlier, once a target complies, the malware validates it locally through the PAM API. "This check is done entirely through PAM: there is no call out to dscl, security, osascript or any spawned process to verify the password, as many commodity macOS stealers do," [said Jamf, a security firm for macOS users]. "The result is a quieter routine that keeps only a verified password, and one fewer process chain for defenders to detect on." If the validation fails, PamStealer displays the prompts again until it receives the correct one. Once the target enters the correct password, PamStealer displays a message stating that the file is damaged and can't be installed. This is designed to be a decoy to prevent the target from suspecting anything is amiss. The malware uses tactics to maximize the information it can steal. One tactic is to request the target grant full disk access to the fake Maccy app. It also contains code designed to access ethereum accounts. The various techniques -- particularly the Script Editor lure, a self-contained JXA dropper, a Rust-based second stage, and local validation of credentials through PAM are all noteworthy.

Read more of this story at Slashdot.

03 Jul 2026 3:00pm GMT

feedArs Technica

Rocket Report: Indian startup nears first launch; SpaceX's millenary milestone

NASA awarded Rocket Lab deals for three dedicated launches using the company's Electron rocket.

03 Jul 2026 1:55pm GMT

feedLinuxiac

Linux Tops 2026 CVE Charts, Greg KH Says That’s a Good Thing

Linux Tops 2026 CVE Charts, Greg KH Says That’s a Good Thing

Greg Kroah-Hartman says Linux leads CVE counts for the first half of 2026, arguing the numbers reflect responsible reporting, not poor security.

03 Jul 2026 1:39pm GMT

Apple Container 1.0 Released as a Native Docker Alternative for macOS

Apple Container 1.0 Released as a Native Docker Alternative for macOS

Apple's Swift-powered container tool for macOS hits 1.0 with persistent Linux machines, host integration, and broader workflow improvements.

03 Jul 2026 12:16pm GMT

feedArs Technica

Inside the Luddite festival harnessing Gen Z’s rage against Big Tech

New York City's Summer of Ludd festival is teaching people how to live offline.

03 Jul 2026 12:00pm GMT

Despite the darkness, I still see signs of hope in America

It's difficult to pinpoint the moment in my life where America started to lose the plot.

03 Jul 2026 11:30am GMT

feedLinuxiac

ClamAV 1.5.3 Open-Source Antivirus Fixes Multiple Security Vulnerabilities

ClamAV 1.5.3 Open-Source Antivirus Fixes Multiple Security Vulnerabilities

ClamAV 1.5.3 open-source antivirus engine released with fixes for multiple security vulnerabilities affecting file parsing, archive scanning, and executable unpacking.

03 Jul 2026 10:32am GMT

feedSlashdot

US Life Expectancy On Track To Reach Record High

The US age-adjusted death rate fell to a record low in 2025, likely pushing life expectancy to a record high as overdose deaths declined and mortality improved across all age groups. CNN reports: There were about 689 deaths for every 100,000 people in the US in 2025, according to a new report from the US Centers for Disease Control and Prevention -- the lowest rate recorded in more than a century of tracking. The age-adjusted rate has fallen 22% since 2021, landing about 4% lower than it was just before the pandemic in 2019. [...] The top causes of death in the US in 2025 followed longstanding patterns: Heart disease led with nearly 695,000 deaths, followed by cancer with nearly 623,000 deaths. Unintentional injuries, which includes drug overdoses, were the third leading cause of death. Overdose deaths are still high -- about 70,000 people died from an overdose in 2025, preliminary CDC data shows -- but experts say that sharp declines probably played a large role in bringing the age-adjusted death rate down in the US.

Read more of this story at Slashdot.

03 Jul 2026 10:00am GMT

Amazon Has Enough Satellites To Launch Its Starlink Competitor

Amazon says its Leo satellite network now has enough spacecraft in orbit to begin limited commercial internet service, with 396 satellites providing "continuous service across initial latitudes." Early performance will likely be uneven, however, and well behind Starlink. "It'll be years before Amazon can boast similar performance numbers as it continues to launch a planned 3,232 Leo satellites," reports The Verge. From the report: SpaceX went live with its "Better than nothing beta" back in 2020 when it had almost 900 satellites operating in low-Earth orbit. It initially served a narrow band of users in the upper US and Canada, who complained about frequent service interruptions and high sensitivity to obstructions, with speeds between 50Mbps and 150Mbps, and latency from 20ms to 40ms. By 2022, the service and coverage areas had already dramatically improved. [...] SpaceX currently has over 10,000 Starlink satellites in operation, providing robust internet connectivity on land, sea, and air in over 160 countries. Performance varies by the dish, service level paid for, time of day, and location of the user, but we're now talking 200Mbps median download speeds, 10Mbps to 40Mbps uploads, and latency hovering around 25ms.

Read more of this story at Slashdot.

03 Jul 2026 6:00am GMT