PEAKS Newsletter No. 8

Hi there!

Just a little tip. This period try to secure your immune system. I recently went out to pick Rosa canina fruits a couple of times, and I had a wonderful time making tea and delicious nectar from them. Did you know that these fruits are packed with vitamin C? They contain between 274 and 1,157 mg of vitamin C per 100 grams of fruit pulp! Enjoy!

🛡️ Security & Privacy

  • CVE-2024-51774 - A critical RCE vulnerability in qBittorrent allows attackers to exploit SSL certificate validation flaws. Read more here.
  • Microsoft warns that the Chinese botnet Quad7 is conducting evasive password spray attacks on its customers. Read more here.
  • A zero-click vulnerability in Synology’s Photos app allows remote code execution, risking millions of users. Read more here.
  • Ransomware payments reached a record $450 million in the first half of 2024, escalating threats. Read more here.
  • Various SELinux bypass techniques from the point of view of Android kernel here.
  • The article examines Linux’s new mseal syscall, which strengthens memory protection by preventing unauthorized access and mitigating exploitation risks in applications and system processes.
  • Microsoft is addressing a bug in Windows 11’s Task Manager that incorrectly displays zero running apps and processes. More here.
  • Nvidia GeForce GPUs have critical vulnerabilities; users must update drivers immediately to secure systems. Read more here.
  • OpenAI confirms cybercriminals use ChatGPT to create malware and conduct various cyber operations. More here.
  • Check out the result from European Cybersecurity Challenge here.
  • Chinese researchers linked to the PLA created ChatBIT, an AI military tool based on Meta's Llama model, raising misuse concerns. Read more here.

🛸 Tech News

AI

  • More than a quarter of the Google’s new code is created by AI. More here.
  • OpenAI is developing its first custom AI chip with Broadcom and TSMC, targeting 2026. Read more here.
  • Linus Torvalds criticizes AI hype, calling it “90% marketing, 10% reality.” Read more here.
  • GitHub has shifted to AI models from Google and Anthropic for its Copilot coding assistant. Read more here.
  • Meta has launched NotebookLlama, an open-source alternative to Google’s AI podcast generator. Read more here.
  • Penguin Random House updates copyright pages to prohibit AI training on its books. Read more here.
  • Anthropic has launched a dedicated Claude AI app for Mac, enhancing user accessibility. Read more here.
  • OpenAI has launched SearchGPT, a prototype search engine integrating ChatGPT’s capabilities, now on a waitlist. Read more here.
  • Google has open-sourced SynthID, an AI watermarking tool for embedding and detecting watermarks in AI-generated media. More here.
  • xAI, Elon Musk’s AI startup, has launched its first API, offering access to the “grok-beta” model at specific token prices. Read more here.
  • Anthropic has launched upgraded Claude AI models, featuring enhanced coding, a new Haiku model, and direct computer interaction. More here.
  • Adobe's Firefly Video Model in Premiere Pro revolutionizes editing with AI tools for seamless transitions and clip extensions. More here.
  • TikTok is shifting to AI for content moderation, laying off hundreds of human moderators in Malaysia and the UK. More here.
  • AI detection tools may falsely accuse students of cheating, leading to unjust zero grades on assignments. More here.

Programming

  • Flock - supports the Flutter community by providing resources, documentation, project updates, and fostering collaboration among developers to enhance cross-platform app development.
  • POSIX 2024 introduces significant updates, particularly in the XCU section, enhancing shell command language and standard utilities. More here.
  • C++ and Rust comparison side by side, with Herb Sutter and Steve Klabnik here.
  • Zed introduces SSH capabilities for remote development, enabling access to projects on any SSH-enabled machine. More here.
  • Security in C++ with Louis Dionne here.
  • How to fork: Best practices and guide here.

🛠️ Tools

Security

  • Wazuh - an open-source security platform offering unified XDR and SIEM protection for endpoints and cloud workloads.
  • VulnHuntr - an open-source tool for identifying vulnerabilities in software dependencies using LLM and static code analysis.
  • BlackheathPoint - a cybersecurity service for your startup.
  • Eartho - an open-source, privacy-focused sign-in alternative that protects user data from tracking.
  • NetGuard - a no-root firewall app for Android, allowing users to block internet access per application.
  • A bug bounty guide here.
  • Firefox Password Decryptor - a tool to decrypt Firefox passwords that provides system info, open ports, devices, and browsing history.

Dev

  • Qodo - AI-driven code generation and testing tools, enhancing developer productivity and code quality.
  • Brendan Gregg presents AI Flame Graphs - a new analyzer tool to help reduce AI costs.
  • GitButler - a Source Code Management system that simplifies branch management and enhances workflow efficiency.
  • HTMLrev - free HTML templates.
  • Gosub - a web browser engine.
  • Data Formulator - iteratively transform data and generate detailed visualizations using AI.
  • Scalene - a Python profiler for CPU, GPU, and memory with AI-driven optimization suggestions.
  • Vimium - a browser extension enabling keyboard navigation and control, inspired by the Vim editor.
  • YA Copilot - an open-source VSCode extension using the Anthropic API for AI assistance.
  • Rwf - a comprehensive framework for building web applications in Rust.

Personal Use

  • askone.ai - a browser extension that utilizes large language models to provide quick support, summaries, translations, and discussions while browsing.
  • ZenMic - an AI tool for easy podcast creation, featuring a free trial for users.
  • Carrd - simple, free, responsive one-page websites with customisable templates and features.
  • VoiceTaking - an AI writing assistant for recording, summarizing, and elaborating thoughts easily.
  • SavvyShot - an app that enhances productivity by capturing and organizing screenshots efficiently.
  • OpenAlternative - a community-driven list of open source alternatives to proprietary software.
  • Amphion - an open-source toolkit for audio, music, and speech generation, supporting research.
  • You-Get - a compact command-line tool designed for downloading media content (videos, audios, images) from the internet when no other convenient method is available.
  • OC Maker - design your own unique characters online.
  • Epublifier - a tool to extract HTML pages from a website and compile them into an ePub book.
  • Notemap - a writing aid for your notes, articles, books, and beyond.
  • NotebookLlama -an Open Source version of NotebookLM.
  • Busy Status Bar - a customizable productivity device with an LED screen, Pomodoro timer, and apps.

🧠 Misc

  • Srinivasa Ramanujan's mathematical insights continue to inspire modern research, revealing deep connections across various fields. Read more here.
  • Black plastic spatulas may contain harmful flame retardants, raising health and safety concerns for consumers. More details here.
  • Recent research shows visual clutter disrupts brain processing, affecting focus and cognitive function significantly. More here.
  • An amateur mathematician discovered the largest known prime number, 2^136,279,841 - 1, with over 41 million digits. More here.

đź“© Please feel free to share this article with colleagues and friends who will find it valuable.

Thanks for reading!

Have a great day!
Bogdan