PEAKS Newsletter No. 8
Hi there!
Just a little tip. This period try to secure your immune system. I recently went out to pick Rosa canina fruits a couple of times, and I had a wonderful time making tea and delicious nectar from them. Did you know that these fruits are packed with vitamin C? They contain between 274 and 1,157 mg of vitamin C per 100 grams of fruit pulp! Enjoy!
🛡️ Security & Privacy
- CVE-2024-51774 - A critical RCE vulnerability in qBittorrent allows attackers to exploit SSL certificate validation flaws. Read more here.
- Microsoft warns that the Chinese botnet Quad7 is conducting evasive password spray attacks on its customers. Read more here.
- A zero-click vulnerability in Synology’s Photos app allows remote code execution, risking millions of users. Read more here.
- Ransomware payments reached a record $450 million in the first half of 2024, escalating threats. Read more here.
- Various SELinux bypass techniques from the point of view of Android kernel here.
- The article examines Linux’s new
mseal
syscall, which strengthens memory protection by preventing unauthorized access and mitigating exploitation risks in applications and system processes. - Microsoft is addressing a bug in Windows 11’s Task Manager that incorrectly displays zero running apps and processes. More here.
- Nvidia GeForce GPUs have critical vulnerabilities; users must update drivers immediately to secure systems. Read more here.
- OpenAI confirms cybercriminals use ChatGPT to create malware and conduct various cyber operations. More here.
- Check out the result from European Cybersecurity Challenge here.
- Chinese researchers linked to the PLA created ChatBIT, an AI military tool based on Meta's Llama model, raising misuse concerns. Read more here.
🛸 Tech News
AI
- More than a quarter of the Google’s new code is created by AI. More here.
- OpenAI is developing its first custom AI chip with Broadcom and TSMC, targeting 2026. Read more here.
- Linus Torvalds criticizes AI hype, calling it “90% marketing, 10% reality.” Read more here.
- GitHub has shifted to AI models from Google and Anthropic for its Copilot coding assistant. Read more here.
- Meta has launched NotebookLlama, an open-source alternative to Google’s AI podcast generator. Read more here.
- Penguin Random House updates copyright pages to prohibit AI training on its books. Read more here.
- Anthropic has launched a dedicated Claude AI app for Mac, enhancing user accessibility. Read more here.
- OpenAI has launched SearchGPT, a prototype search engine integrating ChatGPT’s capabilities, now on a waitlist. Read more here.
- Google has open-sourced SynthID, an AI watermarking tool for embedding and detecting watermarks in AI-generated media. More here.
- xAI, Elon Musk’s AI startup, has launched its first API, offering access to the “grok-beta” model at specific token prices. Read more here.
- Anthropic has launched upgraded Claude AI models, featuring enhanced coding, a new Haiku model, and direct computer interaction. More here.
- Adobe's Firefly Video Model in Premiere Pro revolutionizes editing with AI tools for seamless transitions and clip extensions. More here.
- TikTok is shifting to AI for content moderation, laying off hundreds of human moderators in Malaysia and the UK. More here.
- AI detection tools may falsely accuse students of cheating, leading to unjust zero grades on assignments. More here.
Programming
- Flock - supports the Flutter community by providing resources, documentation, project updates, and fostering collaboration among developers to enhance cross-platform app development.
- POSIX 2024 introduces significant updates, particularly in the XCU section, enhancing shell command language and standard utilities. More here.
- C++ and Rust comparison side by side, with Herb Sutter and Steve Klabnik here.
- Zed introduces SSH capabilities for remote development, enabling access to projects on any SSH-enabled machine. More here.
- Security in C++ with Louis Dionne here.
- How to fork: Best practices and guide here.
🛠️ Tools
Security
- Wazuh - an open-source security platform offering unified XDR and SIEM protection for endpoints and cloud workloads.
- VulnHuntr - an open-source tool for identifying vulnerabilities in software dependencies using LLM and static code analysis.
- BlackheathPoint - a cybersecurity service for your startup.
- Eartho - an open-source, privacy-focused sign-in alternative that protects user data from tracking.
- NetGuard - a no-root firewall app for Android, allowing users to block internet access per application.
- A bug bounty guide here.
- Firefox Password Decryptor - a tool to decrypt Firefox passwords that provides system info, open ports, devices, and browsing history.
Dev
- Qodo - AI-driven code generation and testing tools, enhancing developer productivity and code quality.
- Brendan Gregg presents AI Flame Graphs - a new analyzer tool to help reduce AI costs.
- GitButler - a Source Code Management system that simplifies branch management and enhances workflow efficiency.
- HTMLrev - free HTML templates.
- Gosub - a web browser engine.
- Data Formulator - iteratively transform data and generate detailed visualizations using AI.
- Scalene - a Python profiler for CPU, GPU, and memory with AI-driven optimization suggestions.
- Vimium - a browser extension enabling keyboard navigation and control, inspired by the Vim editor.
- YA Copilot - an open-source VSCode extension using the Anthropic API for AI assistance.
- Rwf - a comprehensive framework for building web applications in Rust.
Personal Use
- askone.ai - a browser extension that utilizes large language models to provide quick support, summaries, translations, and discussions while browsing.
- ZenMic - an AI tool for easy podcast creation, featuring a free trial for users.
- Carrd - simple, free, responsive one-page websites with customisable templates and features.
- VoiceTaking - an AI writing assistant for recording, summarizing, and elaborating thoughts easily.
- SavvyShot - an app that enhances productivity by capturing and organizing screenshots efficiently.
- OpenAlternative - a community-driven list of open source alternatives to proprietary software.
- Amphion - an open-source toolkit for audio, music, and speech generation, supporting research.
- You-Get - a compact command-line tool designed for downloading media content (videos, audios, images) from the internet when no other convenient method is available.
- OC Maker - design your own unique characters online.
- Epublifier - a tool to extract HTML pages from a website and compile them into an ePub book.
- Notemap - a writing aid for your notes, articles, books, and beyond.
- NotebookLlama -an Open Source version of NotebookLM.
- Busy Status Bar - a customizable productivity device with an LED screen, Pomodoro timer, and apps.
🧠Misc
- Srinivasa Ramanujan's mathematical insights continue to inspire modern research, revealing deep connections across various fields. Read more here.
- Black plastic spatulas may contain harmful flame retardants, raising health and safety concerns for consumers. More details here.
- Recent research shows visual clutter disrupts brain processing, affecting focus and cognitive function significantly. More here.
- An amateur mathematician discovered the largest known prime number, 2^136,279,841 - 1, with over 41 million digits. More here.
đź“© Please feel free to share this article with colleagues and friends who will find it valuable.
Thanks for reading!
Have a great day!
Bogdan