Just released: #swad 0.11 -- the session-less swad is done!

Swad is the "Simple Web Authentication Daemon", it adds cookie/form #authentication to your reverse #proxy, designed to work with #nginx' "auth_request". Several modules for checking credentials are included, one of which requires solving a crypto challenge like #Anubis does, to allow "bot-safe" guest logins. Swad is written in pure #C, compiles to a small (200-300kiB) binary, has minimal dependencies (zlib, OpenSSL/LibreSSL and optionally libpam) and *should* work on many #POSIX-alike systems (#FreeBSD tested a lot, #Linux and #illumos also tested)

This release is the first one not to require a server-side session (which consumes a significant amount of RAM on really busy sites), instead signed Json Web Tokens are now implemented. For now, they are signed using HMAC-SHA256 with a random key generated at startup. A future direction could be support for asymmetric keys (RSA, ED25519), which could open up new possibilities like having your reverse proxy pass the signed token to a backend application, which could then verify it, but still not forge it.

Read more, grab the latest .tar.xz, build and install it ... here:

https://github.com/Zirias/swad

China-Nexus Threat Actor Actively Exploiting Ivanti Endpoint Manager Mobile (CVE-2025-4428) Vulnerability

A critical vulnerability in Ivanti Endpoint Manager Mobile (EPMM) is being actively exploited by a China-nexus threat actor, UNC5221. The exploitation targets internet-facing EPMM deployments across various sectors including healthcare, telecommunications, and government. The attackers utilize unauthenticated remote code execution to gain initial access, followed by the deployment of KrustyLoader malware for persistence. They leverage hardcoded MySQL credentials to exfiltrate sensitive data from the EPMM database. The threat actor also uses the Fast Reverse Proxy (FRP) tool for network reconnaissance and lateral movement. The compromised systems span multiple countries in Europe, North America, and Asia-Pacific, indicating a global espionage campaign likely aligned with Chinese state interests.

Pulse ID: 682e5bbc1075b03f94642762
Pulse Link: https://otx.alienvault.com/pulse/682e5bbc1075b03f94642762
Pulse Author: AlienVault
Created: 2025-05-21 23:03:24

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

More cool #proxy development enabling the use of #limpet #shells as #archives for #climate, #environmental and human behavioral change on #archaeology timescales

www.sciencedirect.com/science/article/pii/S0031018225003086

VPN & Linux - also NordVPN now offers 100% UI support on Linux

VPN? Internet connection flows via proxy server (can be chosen specifically *which country* too) offering also more privacy in comparison to a regular connection.

Many use VPN for example to circumvent geo-blocking in entertainment services; resulting for more content.

NordVPN has been tested several times to prove their NO-LOG policy.

https://nordvpn.com/blog/linux-gui-release/

Police dismantles #botnet selling hacked routers as residential proxies

https://www.bleepingcomputer.com/news/security/police-dismantles-botnet-selling-hacked-routers-as-residential-proxies/