Proton's Linux CLI Arrives, Still Behind Mullvad (and why)
While Proton celebrates releasing basic WireGuard connectivity, Mullvad users have been paying with Monero and running QUIC obfuscation since 2024.
Latest
Tor Browser 15 Strips AI, Patches Critical Exploits
The Tor Project just released version 15.0 with a clear message: you cannot have maximum privacy while sending all your data to AI servers.
TShark: Command-Line Packet Analysis for Network Security
TShark puts Wireshark's packet analysis power directly in your terminal, enabling automated security monitoring and forensic investigation.
The I2P Ecosystem Explodes: Multiple New Router Implementations Signal a Privacy Revolution
The Invisible Internet Project (I2P) just announced something remarkable: multiple new, fully-functioning I2P router prototypes have emerged, marking a pivotal moment for privacy-focused networking.
Truncated HMAC Security and Performance Trade-offs
RFC 2104 says you need at least 80 bits, but NIST's new SP 800-224 dropped the floor to 32 bits with a risk analysis requirement that nobody wants to explain.
Qubes OS Dodges Three Xen Security Flaws
The Xen Project dropped three security advisories on September 9, 2025, and Qubes OS published same-day confirmation that none of them threaten the platform's security architecture.
Copilot Actions Expands Every Threat Vector Microsoft Already Fucked Up
Microsoft wants AI agents clicking through your files like humans—on infrastructure with 1,360 CVEs in 2024 alone.
LMDE 7 Ships Debian 13, Kernel 6.12 LTS, Real-Time Support
LMDE 7 "Gigi" released October 14, 2025 built on Debian 13 Trixie with Linux kernel 6.12 LTS, Cinnamon 6.4.12, and the first mainline real-time kernel support.
California Forces Police to Disclose AI-Written Reports
California just mandated that police must disclose when artificial intelligence writes their reports, and vendors are banned from selling the data they collect. (and why it doesn't matter)
Tails 7.1 Drops Browser Home Phoning, Updates Tor Stack
The privacy OS now opens Tor Browser to a local page instead of phoning home, while patching critical vulnerabilities and fixing confusing error messages.
Domain Fronting: How Censors Killed Privacy on the Cloud
By putting one domain in the TLS handshake and another in the HTTP header, domain fronting made Signal unstoppable in Egypt, Oman, and UAE—until corporations caved to authoritarian pressure.
CryptPad: Zero-Knowledge Architecture
While Google Docs reads everything you type, CryptPad's XSalsa20-Poly1305 encryption and Nakamoto-style consensus protocol ensure the server never decrypts your documents.
Monero
Based: Monero Fights 40% Network Spy Nodes with Subnet Filter
The new release implements /24 subnet filtering to disadvantage spy nodes that have been attempting transaction-to-IP correlation since October 2020.
member
Stop Renting Your ISP's Surveillance Device (it's bad)
Your ISP-provided router might be saving you setup time, but it's costing you control, privacy, and protection against nation-state attackers who've already proven they can breach these devices.
tor browser
Tor Browser 14.5.8 Fixes Firefox Bugs and Snowflake Bridges
Tor Browser 14.5.8 shipped with critical security fixes backported from Firefox 144, plus updates to core anonymity infrastructure. The Tor Project released the update on its download page and distribution directory.
odysee
Odysee Built Their Own Blockchain But Can't Install XMRChat
Odysee spent 2023-2024 migrating blockchains and building AI trading bots yet somehow couldn't spare a weekend to integrate Monero payment support that darknet markets implemented in a week back in 2019.
Monero
Why MyMonero Killing Their Wallet Is Good for Monero Privacy
MyMonero's shutdown of there wallet forces thousands of users off a surveillance architecture where keys lived on central servers, an upgrade whether they wanted it or not.
distro
openSUSE Leap 16 Adopts NSA's SELinux
openSUSE Leap 16 defaults to NSA-developed SELinux, eliminates X11 for Wayland-only operation, ships web management on all interfaces, and uses a remote installer with documented mDNS attack risks.
News
XWorm Malware Evolves into Ransomware Threat
State intelligence agencies maintain RATs functionally identical to XWorm, proving that control depends on who holds the keyboard.
News
Hackers Exploit Zimbra Zero-Day via iCalendar Files
Attackers exploited a zero-day vulnerability in Zimbra Collaboration Suite by hiding malicious code within seemingly harmless calendar invitation (.ICS) files to bypass security defenses and gain access to corporate networks.
Nextcloud
Nextcloud Talk Deployment: TURN/STUN Configuration and Self-Hosted Video Calling
Nextcloud Talk deployment enables enterprise-grade self-hosted video calling through sophisticated WebRTC implementation, TURN/STUN server configuration, and privacy-preserving communication.
![[Video] KDE Linux Ends Three-Decade Distributor Dependence](/content/images/size/w600/2025/09/kde-linux.png)
kde
[Video] KDE Linux Ends Three-Decade Distributor Dependence
KDE Linux marks the desktop environment team's first official operating system release, breaking away from three decades of dependence on third-party Linux distributors.
Monero
Monero-Oxide Bug Bounty: Privacy Code Gets Real Money Behind It
While the IRS burned $625,000 trying to crack Monero's privacy in 2020, the community is now investing serious money to make sure nobody ever can.
kali
Kali 2025.3 Eliminates USB Dongles for Pi Wireless Attacks
Kali Linux 2025.3 delivers native wireless injection capabilities to Raspberry Pi devices and adds 10 new offensive security tools. The standout feature removes the need for external USB adapters when conducting wireless assessments on ARM hardware.