Similar to the previous campaign TAG reported on, North Korean threat actors used social media sites like X (formerly Twitter) to build rapport with their targets. In one case, they carried on a months-long conversation, attempting to collaborate with a security researcher on topics of mutual interest. After initial contact via X, they moved to an encrypted messaging app such as Signal, WhatsApp or Wire. Once a relationship was developed with a targeted researcher, the threat actors sent a malicious file that contained at least one 0-day in a popular software package.

[...]

In addition to targeting researchers with 0-day exploits, the threat actors also developed a standalone Windows tool that has the stated goal of 'download debugging symbols from Microsoft, Google, Mozilla and Citrix symbol servers for reverse engineers.' The source code for this tool was first published on GitHub on September 30, 2022, with several updates being released since. On the surface, this tool appear

Some folks in my area grow this plant. It seems really dangerous.

Brugmansia produces anticholinergic toxins that can cause permanent neurological damage. It's closely related to the Datura genus, also known as jimsonweed, devil's snare, or loco weed.

It's kinda pretty, but it baffles me that it's so popular as a front-yard ornamental plant. If your child or dog eats a flower from this plant, they will probably have a bad trip that they may never recover from.

So why grow it? Are you sure nobody you care about will ever stick it in their mouth?

No trolling. This actually baffles me.

First up, here are some things you can expect:

• a new type of token (at least done as a cohesive theme)
• a card that can activate to copy enchantments
• Adventures on a new permanent type
• an artifact that has two different artifact subtypes normally associated with artifact tokens
• a creature type from Alpha gets a draft archetype
• fairy tale Sagas
• multiple legendary Foods
• a new card with a lobotomy effect
• a creature with two triggers, one for artifacts entering the battlefield and one for enchantments
• a new mechanic that batches together three items that have been in the game since Alpha but never batched before

Next, here are some rules text that will be showing up on cards:

• “If a permanent entering the battlefield causes a triggered ability of a permanent you control to trigger, that ability triggers an additional time.”
• “Look at the top twenty cards of your library.”
• “it produces three times as much of that mana instead.”
• “Sacrifice all Reflections you co

Just now, loading the page https://lemmy.world, I saw a different user's main page. The page loaded in light mode (I use dark) with the username of /u/froodloop in the top right. Then a moment later, it refreshed into my expected main page with my username in top right. This went past too quickly to get a screenshot, but it was reminiscent of some of the bugs that were happening in the old websocket code.

Here's one from almost a year ago that is still live today.

If you have [[Muldrotha]] out, you should be able to cast a creature from your graveyard once per turn. But if you have a creature with Evoke in your graveyard — such as [[Mulldrifter]] — Arena allows you to repeatedly cast it for its Evoke cost. This shouldn't be allowed, since Evoke doesn't change the timing of when you're allowed to cast a spell.

I'm starting to notice spam accounts here — accounts that do nothing but post and crosspost links to low-quality or promotional websites.

My inclination is to simply downvote and report each spam post, but this maybe generates a lot of mod queue activity for community moderators. And when an account is used for nothing but spam, presumably that would be better handled by admins banning the account than by each community moderator needing to respond individually to each spam post.

And maybe by the time mods or admins get around to looking at the reports, they've already noticed the spam and responded to it directly.

So — if you're a community moderator or an instance admin, what are your preferences for receiving reports of spam accounts? Is it worth it to you to get reports of spam posts, or messages pointing out a spammer account, or would you prefer that we just downvote, block, and move on?

Why YSK: Getting along in a new social environment is easier if you understand the role you've been invited into.

It has been said that "if you're not paying for the service, you're not the customer, you're the product."

It has also been said that "the customer is always right".

Right here and now, you're neither the customer nor the product.

You're a person interacting with a website, alongside a lot of other people.

You're using a service that you aren't being charged for; but that service isn't part of a scheme to profit off of your creativity or interests, either. Rather, you're participating in a social activity, hosted by a group of awesome people.

You've probably interacted with other nonprofit Internet services in the past. Wikipedia is a standard example: it's one of the most popular websites in the world, but it's not operated for profit: the servers are paid-for by a US nonprofit corporation that takes donations, and almost all of the actual work

Just now on Arena I was playing against a [[Sauron, the Dark Lord]] Historic Brawl deck. I realized that I had lethal, but played the last 1-mana creature in my hand before attacking.

I then realized that I'd just played [[Delighted Halfling]].

Before beating Sauron.

Ghee, or Indian-style clarified butter, is butter that's been simmered and the milk solids (proteins and sugars) skimmed off. This leaves a clear yellow oil that doesn't smoke when it's heated and doesn't go rancid quickly, but has a distinct toasty butter flavor.

Popcorn fans often want a buttery flavor, but plain butter is a bad choice for popping popcorn in a pot, because the proteins and sugars smoke and burn around the same temperature where it's hot enough to pop the kernels.

Vegetable oil is either flavorless or faintly bitter, and some high-temperature vegetable oils tend to start polymerizing (i.e. becoming plastic) when heated in small amounts. This is also not good for popcorn.

Good-quality popcorn popped in ghee reliably produces lots of "butterfly" popcorn with few unpopped "duds" and no scorched kernels or batches ruined by smoke.

Try it! I'm sure not going back to canola oil.

Many "news" sites on the Web are really just private link-aggregators with extra ads. They don't do original reporting; they just link to and summarize an article that someone else wrote, while surrounding it with extra ads.

For example, most news articles that appear on Boing Boing and similar sites are really just links to an article published elsewhere, which was written by an actual reporter for an actual news service. The reporter's article may be one or two links away from the aggregator's page, as news services sometimes also link to other news services.

What the link aggregator adds is ... ads. Lots of them, usually poor-quality ones. And nobody needs another dose of Outbrain or Taboola.

Example: Boing Boing post — Original article at the BBC.

A reader who's

/c/[email protected]