mastodon.world is one of the many independent Mastodon servers you can use to participate in the fediverse.
Generic Mastodon server for anyone to use.

Server stats:

9.5K
active users

#email

73 posts66 participants2 posts today
Continued thread

2/2
» Cursor sobre la vista previa de la barra de herramientas en el mensaje » Boton derecho » Customize toolbar. Y sirve para personalizar no solo eso, sino prácticamente todo en las distintas barras. De momento, un poco escondido todavía, y solo en inglés, pero realmente genial. ¡Gracias a los desarrolladores!

Lo he descubierto aquí (al final de la conversación):
gitlab.gnome.org/GNOME/evoluti

I just opened a PR to add emoji reactions to Cypht, an open-source email client.
The feature is from Gmail’s email reactions. It allows users to react to emails with emojis, similar to what we have in messaging apps. I followed Gmail's specification to implement this, so it works in a standard way across compatible clients.

You can check out the full PR here: github.com/cypht-org/cypht/pul

J'utilisais déjà @Tutanota et #FairEmail depuis au moins 5 ans, mais j'avais encore ma 1ère adresse #email chez #Google #Gmail

Depuis 2 semaines, j'ai enfin migré vers @infomaniak_network avec dépréciation progressive durant l'année.

Pouvais plus être sur des #GAFAM à la botte fascistes ! Mon constat tout est parfait sauf pour Contacts. Les champ dispos sont moins fourni par rapport à Google.

Earth Kasha Updates TTPs in Latest Campaign Targeting Taiwan and Japan

Earth Kasha, an APT group believed to be part of APT10, has launched a new campaign in March 2025 targeting government agencies and public institutions in Taiwan and Japan. The campaign uses spear-phishing to deliver an updated version of the ANEL backdoor, potentially for espionage purposes. Key updates include a new command to support BOF execution in memory and the use of SharpHide for persistence. The second-stage backdoor, NOOPDOOR, now supports DNS over HTTPS for C&C communications. The attack chain involves compromised email accounts, malicious Excel files, and various evasion techniques. This campaign demonstrates Earth Kasha's continued evolution and poses significant geopolitical implications.

Pulse ID: 6813da43537c3d86e6ba3ca2
Pulse Link: otx.alienvault.com/pulse/6813d
Pulse Author: AlienVault
Created: 2025-05-01 20:32:02

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

LevelBlue Open Threat ExchangeLevelBlue - Open Threat ExchangeLearn about the latest cyber threats. Research, collaborate, and share threat intelligence in real time. Protect yourself and the community against today's emerging threats.
#APT10#BackDoor#CandC

Fake Social Security Statement emails trick users into installing remote tool

A phishing campaign is targeting users with fake emails purportedly from the US Social Security Administration. These emails aim to trick recipients into installing ScreenConnect, a legitimate remote access tool that can be misused by cybercriminals. The campaign, attributed to a group called Molatori, sends emails with links to download the ScreenConnect client under misleading names. Once installed, attackers can remotely access the victim's computer, potentially leading to data theft and financial fraud. The campaign is difficult to detect due to the use of compromised WordPress sites for sending emails, image-based content to evade filters, and the legitimacy of the ScreenConnect application itself.

Pulse ID: 68133275aea46cd7781eec41
Pulse Link: otx.alienvault.com/pulse/68133
Pulse Author: AlienVault
Created: 2025-05-01 08:36:05

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

LevelBlue Open Threat ExchangeLevelBlue - Open Threat ExchangeLearn about the latest cyber threats. Research, collaborate, and share threat intelligence in real time. Protect yourself and the community against today's emerging threats.

XLoader Info-stealer Distributed Using MS Equation Editor Vulnerability (CVE-2017-11882)

An analysis reveals the distribution of XLoader info-stealer through phishing emails exploiting the MS Equation Editor vulnerability (CVE-2017-11882). The attack begins with a DOCX file containing an RTF document that creates a VBE file in a temporary folder. This VBE file, built using HorusProtector, contains the final malware and creates registry keys for execution. The malware process injects into RegAsm.exe and executes the XLoader info-stealer. The distribution method has evolved from single VBE files to Office documents with embedded vulnerabilities, indicating persistent risks in unpatched environments. Users are advised to update their Office products and exercise caution when opening email attachments from unknown sources.

Pulse ID: 68138a203701500b7458e62d
Pulse Link: otx.alienvault.com/pulse/68138
Pulse Author: AlienVault
Created: 2025-05-01 14:50:08

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

LevelBlue Open Threat ExchangeLevelBlue - Open Threat ExchangeLearn about the latest cyber threats. Research, collaborate, and share threat intelligence in real time. Protect yourself and the community against today's emerging threats.

Date: 10,000 BCE
Problem: crops failed
Diagnosis: crop gods angry with you
Plan: propitiate gods, hope for best

Date: 1999
Problem: emails missing
Diagnosis: DNS
Plan: fix DNS

Date: 2025
Problem: emails missing
Diagnosis: email reputation gods angry with you
Plan: propitiate gods, hope for best