Griffin's Badass Computers Inc.
🤵️ 💬Griffin's Badass Computers Inc. Helper 🤵️💬
Fast & Reliable Repairs and Cross Platform solutions! Live tech support chat!
|
We fix Windows, Macintosh and Linux systems with expert care and quick turnaround times. We specialize in cross platform solutions and internet security making the internet a safe place for our customers. We use IRC & Signal for Live chat and tech support & Teamviewer for Remote Control.
Book a Repair Virus Scan
🛑️🪲️Viruses & Malware🪲️🛑️
We eliminate threats and secure your system for safe computing.
🛜️🔐️Network Security🔐️🛜️
We will check for and eliminate security issues on your network.
🕸️🎨️Web Design🕸️🎨️
We will build you a site and do search engine optimization.
🔥️🖥️Custom Builds🖥️🔥️
We build custom desktops with the parts and operating system or systems of your choice!
💭️⁉️Consultation Services💭️⁉️
We stay abreast on what is available & will help you decide the best fit for your business.
🫘️👨💻️Programming Services👨💻️🫘️
We are adept and are able to make the best choice along with you.
💀️🎶️Dead Head Services📼️💀️
Connect with the community of the Grateful Dead online.
🎮️🕹️Dos Nostalgia🕹️🎮️
Check out our dosbox page & play the old classics.
🕹️🥧️Raspberry Pi Projects🕹️🥧️
Raspberry Pi Project links for fun and productivity.
 |
🚨CVE News!CVE & Vulnerability RSS Feed, [11/21/25 3:30 PM] 🚨CVE News! 📅📢 Source: security-advisories@github.com 🚨CVE-2025-65947 💣 CVSS Score: 8.7 (HIGH) 📡 Remotely Exploitable: True thread-amount is a tool that gets the amount of threads in the current process. Prior to version 0.2.2, there are resource leaks when querying thread counts on Windows and Apple platforms. In Windows platforms, the thread_amount function calls CreateToolhelp32Snapshot but fails to close the returned HANDLE using CloseHandle. Repeated calls to this function will cause the handle count of the process to grow indefinitely, eventually leading to system instability or process termination when the handle limit is reached. In Apple platforms, the thread_amount function calls task_threads (via Mach kernel APIs) which allocates memory for the thread list. The function fails to deallocate this memory using vm_deallocate. Repeated calls will result in a steady memory leak, eventually causing the process to be killed by the OOM (Out of Memory) killer. This issue has been patched in version 0.2.2. Published Date: 2025-11-21 23:15:45.373000+00:00 Link!
|
|
Link!
|
CVE & Vulnerability RSS Feed, [11/24/25] 🚨CVE News! 📅Link!
CVE & Vulnerability RSS Feed, [025-11-24 15:15:46.987000+00:00] 🚨CVE News! 📅🚨 CVE-2025-13541 📢 Source: securutiy@wordfence.com 💣 CVSS Score: 0.0 (NA) 📡 Remotely Exploitable: False Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. Reason: This candidate was issued in error. Notes: All references and descriptions in this candidate have been removed to prevent accidental usage. Link! |
Griffin's Badass Computers Inc. has been helping the community with fast, affordable,
and trustworthy repair services for over 30 years. We specialize in Linux, Macintosh & Microsoft systems focussing on cross platform solutions. We specialize in cross platform solutions and internet security making the internet a safe place for our customers. We use IRC for Live chat and tech support & Teamviewer for remote Control
DuckDuckAI!
🤦♂️️From Techtales.com for your amusement!👨💻️
From Techtales.com for your amusement!👨💻️🤣️
Hot Male! 🤣️
Posted 01/01/2000 by Lynn KurtzMark as inappropriate
contact.
I work for a small ISP in Toronto. I got a call from one of
our customers. He was quite irate, wanting to know what we
had done to HotMail. Everytime he tried to get to the site,
he'd get "horrible things his children shouldn't see". On a
whim, I brought up a browser and typed in "www.hotmail.com".
Everything seemed to be working fine. Knowing that my user
didn't speak very clear English, I suspected, he couldn't
spell either, because it turned out that the site he was
typing in was "hot male".com, which is a gay male pornography
site.
🤦♂️️From Techtales.com for your amusement!👨💻️ From Techtales.com for your amusement!👨💻️🤣️
Downloadable Hardware?
Posted 01/01/2000 by LokiMark as inappropriate
Overheard from an desk behind me:
"No sir, you can't download a modem"
I had to hit mute in a hurry, but he managed to keep himself composed, amazingly enough.
Stick to diet advice, please...
Posted 01/01/2000 by Bereaved in Beaverton
IRC4Fun
GlassWorm is back. For the THIRD time. 😱 First wave in October. Second wave in November. And now? 24 new malicious extensions just dropped on December 1st.
This self-spreading worm targets VS Code extensions.
Here's what makes this terrifying.
The malware is literally invisible. Not obfuscated. Not hidden in minified files. Actually invisible to the human eye. The attackers use Unicode characters that don't render in code editors. You could review the code and see nothing wrong.
What does GlassWorm steal?
→ Your GitHub credentials
→ Your npm tokens
→ Your OpenVSX account
→ Your Git credentials
→ Data from 49 cryptocurrency wallet extensions
But it gets worse.
Once infected, your machine becomes part of their criminal network. They install a SOCKS proxy to route malicious traffic through your computer. They install hidden VNC for complete remote access. And the stolen credentials? They use them to infect MORE extensions.
That's why it's called a worm. It spreads itself.
The third wave impersonates popular developer tools:
→ Flutter extensions
→ React Native extensions
→ Vue extensions
→ Tailwind extensions
→ Vim extensions
→ Yaml extensions
→ Svelte extensions
→ Prettier clones
The attackers publish the extension, wait for approval, then push an update with the malware. They inflate download counts to appear legitimate. The fake extension shows up right next to the real one in search results.
One click. That's all it takes.
VS Code extensions auto-update. When a compromised extension pushes a malicious update, everyone who installed it gets infected automatically. No user interaction. No warning. Silent infection.
Why can't they stop it?
GlassWorm uses the Solana blockchain for command and control. You can't take down a blockchain. Google Calendar serves as backup. The infrastructure is basically unkillable.
What should you do?
→ Audit your installed VS Code extensions right now
→ Check for suspicious extensions you don't remember installing
→ Remove extensions you don't actively use
→ Don't auto-update extensions blindly
→ Verify publisher reputation before installing anything new
Each installed extension extends your attack surface. Supply chain attacks are exploding. Your code editor is now an attack vector.
Want to understand how attackers think?
I cover exploitation techniques and the hacker mindset in my ethical hacking course.
→ https://www.udemy.com/.../ethical-hacking-complete.../...
(The link supports me directly as your instructor!)
Your development environment is only as secure as your extensions. Check yours. Now. 🎯
#EthicalHacking #GlassWorm #VSCode #SupplyChainAttack #CyberSecurity #InfoSec #DeveloperSecurity #Malware
Research & writing: Jolanda de Koff | HackingPassion.com
Sharing is fine. Copying without credit is not."
PyStoreRAT. A new RAT discovered by Morphisec. And the attack is brilliant. 😏 Hackers are targeting developers, security researchers, and IT professionals. With fake tools. On GitHub.
They're not creating obvious malware repos. They're building tools that look exactly like what we search for. OSINT utilities. GPT wrappers. DeFi bots. Security scanners. Professional README files. Clean code. Working demos.
Some of these repos even reached GitHub's trending lists.
And that's when the trap closes.
The attackers use old, inactive GitHub accounts. Accounts that sat dormant for years suddenly wake up and start publishing. Why? Because GitHub's algorithm trusts older accounts more than new ones. A repo from an account created in 2019 looks more legitimate than one from last week.
After a repo gains traction and stars, they push a "maintenance" commit. Just a few lines of Python or JavaScript. Nothing suspicious at first glance. But those lines download a remote HTA file and execute it through mshta.exe. No traditional .exe file touches your disk during initial infection.
Once running, PyStoreRAT profiles your entire system. It checks for security products like CrowdStrike Falcon and CyberReason. If detected, it changes its execution method to avoid triggering alerts. It creates a scheduled task disguised as "NVIDIA App SelfUpdate" that runs every 10 minutes.
What are they after? Cryptocurrency wallets. PyStoreRAT specifically scans for Ledger Live, Trezor, Exodus, Atomic, Guarda, and BitBox02. It also deploys Rhadamanthys, a known info stealer that grabs browser passwords, cookies, and saved credentials.
The malware even spreads through USB drives. Connect a drive, and it replaces your documents with malicious shortcut files. Click what looks like your file, and you're running the malware first.
Here are some of the malicious repository names identified:
→ spyder-osint (multiple variants)
→ HacxGPT
→ KawaiiGPT
→ openfi-bot
→ VulnWatchDog
→ crypto-tax-calculator
Most have been removed by GitHub. Some are still live.
I build OSINT tools on GitHub myself. Shodan Eye, Dorks Eye, Ghost Eye. This attack exploits the trust that open source developers have built over the years.
How to protect yourself:
→ Check account history before cloning (years dormant, then sudden activity = red flag)
→ Read the actual code, not just the README
→ Watch for recent commits that add network calls or file downloads
→ Test unknown tools in a VM, always
Quick check for infection:
Open Task Scheduler and look for "NVIDIA App SelfUpdate" that doesn't point to actual NVIDIA software. Check C:\ProgramData\ for suspicious folders. If you find something, isolate that machine immediately.
Good news for Linux users: PyStoreRAT's attack chain is Windows-specific. But that doesn't mean malicious GitHub repos can't contain Linux payloads. Always stay alert.
The open source security community runs on trust. Don't stop downloading tools. Just verify before you run.
Want to understand malware analysis, social engineering, and how attackers think? I cover these topics in my ethical hacking course:
→ https://www.udemy.com/.../ethical-hacking-complete.../...
(The link supports me directly as your instructor!)
Hacking is not a hobby but a way of life. 🎯
#EthicalHacking #GitHub #PyStoreRAT #SupplyChainAttack #CyberSecurity #OSINT #Malware #InfoSec #OpenSource
Research & writing: Jolanda de Koff | HackingPassion.com
Sharing is fine. Copying without credit is not.
🤵️💬️:D I will gladly pay you on Tuesday for some computer work Today! ;-)🤦♂️️
(https://cvefeed.io/vuln/detail/CVE-2025-65947) 📢 Source: security-advisories@github.com 💣 CVSS Score: 8.7 (HIGH) 📡 Remotely Exploitable: True thread-amount is a tool that gets the amount of threads in the current process. Prior to version 0.2.2, there are resource leaks when querying thread counts on Windows and Apple platforms. In Windows platforms, the thread_amount function calls CreateToolhelp32Snapshot but fails to close the returned HANDLE using CloseHandle. Repeated calls to this function will cause the handle count of the process to grow indefinitely, eventually leading to system instability or process termination when the handle limit is reached. In Apple platforms, the thread_amount function calls task_threads (via Mach kernel APIs) which allocates memory for the thread list. The function fails to deallocate this memory using vm_deallocate. Repeated calls will result in a steady memory leak, eventually causing the process to be killed by the OOM (Out of Memory) killer. This issue has been patched in version 0.2.2. 📅 Published Date: 2025-11-21 23:15:45.373000+00:00
(https://cvefeed.io/vuln/detail/CVE-2025-65947) 📢 Source: security-advisories@github.com 💣 CVSS Score: 8.7 (HIGH) 📡 Remotely Exploitable: True thread-amount is a tool that gets the amount of threads in the current process. Prior to version 0.2.2, there are resource leaks when querying thread counts on Windows and Apple platforms. In Windows platforms, the thread_amount function calls CreateToolhelp32Snapshot but fails to close the returned HANDLE using CloseHandle. Repeated calls to this function will cause the handle count of the process to grow indefinitely, eventually leading to system instability or process termination when the handle limit is reached. In Apple platforms, the thread_amount function calls task_threads (via Mach kernel APIs) which allocates memory for the thread list. The function fails to deallocate this memory using vm_deallocate. Repeated calls will result in a steady memory leak, eventually causing the process to be killed by the OOM (Out of Memory) killer. This issue has been patched in version 0.2.2. 📅 Published Date: 2025-11-21 23:15:45.373000+00:00
🚨Tales from the tech!
Email Us!
From Techtales.com for your amusement!👨💻️🤣️
Posted 01/01/2000 by Jamie AndersonMark as inappropriate
🤵️💬️ OK to set the scene; I am buying some CD-ROMS, not in a Computer shop, but rather in a bookshops which also sells PC software. It is a Saturday so the shop is very busy and the girl at the cash desk only works there on Saturdays.
I hand over the CDs and she turns the jewel case over revealing a magnetic security tag on the back. This tag is there to stop patrons leaving the shop with the CDs, but not going through the formality of paying for them. Unfortunately, due to the dictates of fashion her fingernails are very long and she cannot use them to remove the tag.🤵️💬️
🤵️💬️“Why not put them through the demagnetiser?🤵️💬️” I ask.🤵️💬️
🤵️💬️ “🤵️💬️ We’re not allowed to do that, sir” she replies, still scratching ineffectively at the tag.
As I said, it was a Saturday, and I was not the only one standing waiting to pay. Eventually, with the line behind me showing all the symptoms of turning into a mob, she hails a passing supervisor.
🤵️💬️“What’s the problem?” asks the super.
🤵️💬️ “I can🤵️💬️’t get the tag off and 🤵️💬️’ I'm not allowed to put them in the demagnetiser,🤵️💬️” says the girl.
🤵️💬️“Oh, that is easy,🤵️💬️” says the supervisor, removing the CD from the jewel case and popping the case into the demagnetiser.
🤵️💬️ “Why can🤵️💬️ ’t the CD go through the demagnetiser? 🤵️💬️ ” I ask.
🤵️💬️ “It would erase all the data, sir. I'm sure that you wouldn't like to get home and find that you have bought a blank CD,🤵️💬️ ” explains the supervisor, using her `I am talking to an idiot but he is a customer’ voice.
“🤵️💬️ But the data is not recorded magnetically, it is read and written by a laser, using light,” I point out.
“🤵️💬️ I think you’ll find that you are wrong, sir,” says the supervisor.
“No, I’m right, I’ve been working as a computer engineer since 1963,” I say, as I pay for the goods and leave.
From Techtales.com for your amusement!👨💻️🤣️
Hot Male! 🤣️
Posted 01/01/2000 by Lynn KurtzMark as inappropriate
contact.
I work for a small ISP in Toronto. I got a call from one of
our customers. He was quite irate, wanting to know what we
had done to HotMail. Everytime he tried to get to the site,
he'd get "horrible things his children shouldn't see". On a
whim, I brought up a browser and typed in "www.hotmail.com".
Everything seemed to be working fine. Knowing that my user
didn't speak very clear English, I suspected, he couldn't
spell either, because it turned out that the site he was
typing in was "hot male".com, which is a gay male pornography
site.
🤦♂️️From Techtales.com for your amusement!👨💻️ From Techtales.com for your amusement!👨💻️🤣️
Downloadable Hardware?
Posted 01/01/2000 by LokiMark as inappropriate
Overheard from an desk behind me:
"No sir, you can't download a modem"
I had to hit mute in a hurry, but he managed to keep himself composed, amazingly enough.
Stick to diet advice, please...
Posted 01/01/2000 by Bereaved in Beaverton
IRC4Fun
Latest tech news
Tech News!
Californians can now stop data brokers from selling their personal information through a new state program. Full Story:
New federal laws going into the new year!!! Cybersecurity 2026 and AI!!! Home network security!!! California's new laws !!!Will Starlink Finally Face Real Competition in 2026 or Are Its Rivals Still Catching Up? Amazon Leo and AST SpaceMobile are coming for Starlink next year. Here's what four experts think about those companies' chances to challenge SpaceX's powerhouse satellite service. It’s been five years since Starlink began serving its first customers, and since then, it’s transformed from a niche connectivity solution into a global satellite internet powerhouse. In 2025, the service not only doubled its user base to over 8 million but also rolled out satellite connectivity to everyday smartphones in cellular dead zones. SpaceX’s satellite internet is good enough that traditional geostationary satellite operators are losing subscribers. HughesNet even joined forces with the Elon Musk-led company. Still, Starlink might finally face some fresh competition next year. Amazon’s long-in-the-making Leo service looks poised to finally launch in 2026. Meanwhile, Texas startup AST SpaceMobile has been working with AT&T and Verizon to offer its own cellular satellite connectivity.
🛑 WAYMO CARS FREEZE DURING SAN FRANCISCO BLACKOUT 🚗 💡 A massive power outage knocked out traffic signals across San Francisco — and dozens of driverless Waymo vehicles didn’t know how to react. The cars were left STALLED in intersections, some stuck mid-turn, others stopped dead in the middle of the road. With lights out citywide, traffic quickly backed up in every direction, turning streets into gridlock.
The Windows Update KB5072033, released on December 9, 2025, is a mandatory cumulative update for Windows 11 that addresses security vulnerabilities, bugs, and introduces new features, including improved dark mode support and enhancements for gaming. You can install it by going to Settings > Windows Update and clicking on 'Check for Updates.
Samuel Tunick is an Atlanta-based activist who was recently arrested and charged with destruction of evidence for allegedly wiping data from his Google Pixel phone during a search by Customs and Border Protection. His arrest has been described by supporters as politically motivated and part of a broader trend of repression against activists.
🚓 Polish police detained three Ukrainian nationals in central Warsaw after finding specialized hacking equipment inside their vehicle, according to authorities. 💻 The men were charged with possessing devices and software adapted for committing crimes, including damaging computer data critical to national defence. Additional charges include fraud and computer fraud. 🕵️ Officers said the car contained SIM cards, hard drives, antennas, and a spy device detector, items that could interfere with IT systems. The suspects claimed to be IT specialists traveling across Europe. ⚖️ A Polish court ordered three months of pre-trial detention. Authorities said they are considering various scenarios amid heightened alert over suspected sabotage and cyber threats in the country.
🚨Send Email!
GlassWorm is back. For the THIRD time. 😱 First wave in October. Second wave in November. And now? 24 new malicious extensions just dropped on December 1st.
This self-spreading worm targets VS Code extensions.
Here's what makes this terrifying.
The malware is literally invisible. Not obfuscated. Not hidden in minified files. Actually invisible to the human eye. The attackers use Unicode characters that don't render in code editors. You could review the code and see nothing wrong.
What does GlassWorm steal?
→ Your GitHub credentials
→ Your npm tokens
→ Your OpenVSX account
→ Your Git credentials
→ Data from 49 cryptocurrency wallet extensions
But it gets worse.
Once infected, your machine becomes part of their criminal network. They install a SOCKS proxy to route malicious traffic through your computer. They install hidden VNC for complete remote access. And the stolen credentials? They use them to infect MORE extensions.
That's why it's called a worm. It spreads itself.
The third wave impersonates popular developer tools:
→ Flutter extensions
→ React Native extensions
→ Vue extensions
→ Tailwind extensions
→ Vim extensions
→ Yaml extensions
→ Svelte extensions
→ Prettier clones
The attackers publish the extension, wait for approval, then push an update with the malware. They inflate download counts to appear legitimate. The fake extension shows up right next to the real one in search results.
One click. That's all it takes.
VS Code extensions auto-update. When a compromised extension pushes a malicious update, everyone who installed it gets infected automatically. No user interaction. No warning. Silent infection.
Why can't they stop it?
GlassWorm uses the Solana blockchain for command and control. You can't take down a blockchain. Google Calendar serves as backup. The infrastructure is basically unkillable.
What should you do?
→ Audit your installed VS Code extensions right now
→ Check for suspicious extensions you don't remember installing
→ Remove extensions you don't actively use
→ Don't auto-update extensions blindly
→ Verify publisher reputation before installing anything new
Each installed extension extends your attack surface. Supply chain attacks are exploding. Your code editor is now an attack vector.
Want to understand how attackers think?
I cover exploitation techniques and the hacker mindset in my ethical hacking course.
→ https://www.udemy.com/.../ethical-hacking-complete.../...
(The link supports me directly as your instructor!)
Your development environment is only as secure as your extensions. Check yours. Now. 🎯
#EthicalHacking #GlassWorm #VSCode #SupplyChainAttack #CyberSecurity #InfoSec #DeveloperSecurity #Malware
Research & writing: Jolanda de Koff | HackingPassion.com
Sharing is fine. Copying without credit is not."
DuckDuckAI!
:D I will gladly pay you on Tuesday for some computer work Today! ;-)
The Windows Update KB5072033, released on December 9, 2025, is a mandatory cumulative update for Windows 11 that addresses security vulnerabilities, bugs, and introduces new features
:D I will gladly pay you on Tuesday for some computer work Today! ;-)
