Python Archives

Winsage

April 2, 2025

Download freeCAD (free) for Windows, macOS and Linux

FreeCAD is a free computer-aided design (CAD) software that offers a comprehensive suite of features comparable to expensive alternatives. It has a parametric modeling engine that allows users to make seamless adjustments to design parameters, ensuring changes are automatically reflected throughout the design. The software includes multiple workbenches for different design phases, such as the Sketcher for 2D geometry and the Part and Design workbenches for solid modeling. FreeCAD also features Computer Numerical Control (CNC) capabilities for converting 3D models into G-code and provides Finite Element Analysis (FEA) tools for stress testing designs. Advanced users can utilize Python scripting for automation and customize their experience with industry-specific plugins. FreeCAD supports various file formats, including STEP, IGES, STL, SVG, DXF, OBJ, IFC, and DAE.

Winsage

April 1, 2025

Windows 10’s “update” turns off seconds on the taskbar’s Calendar flyout

The upcoming Windows 10 update on April 8, 2025, will remove the display of seconds in the Calendar flyout. This change is part of the Windows 10 KB5053643 optional update, which is being rolled out but will not install automatically. The Calendar flyout will still appear when users click on the time and date in the taskbar, but it will no longer show seconds. Microsoft has previously cited performance concerns as the reason for excluding seconds from the graphical user interface. Support for Windows 10 is set to end on October 14, 2025.

Winsage

March 29, 2025

How to use the Warp AI-enabled terminal for Windows or Linux

Warp is an intelligent terminal application that enhances the terminal experience by utilizing a natural language model to interpret commands. It features a familiar interface similar to Linux or PowerShell, supports multiple tabs, and includes an output window for displaying responses and code snippets. Users can enter commands in natural language or traditional code, and it is free to use with an optional paid plan. Warp allows users to execute OS-level commands, such as listing directory contents and saving the output to a file. It also simplifies complex tasks like renaming images based on creation dates through natural language processing. Additionally, Warp can assist in coding by creating Python scripts, verifying library installations, and generating executable files using PyInstaller. The entire process can be completed quickly, demonstrating Warp's capability to streamline development for users of all skill levels.

AppWizard

March 21, 2025

New ways to collaborate and get creative with Gemini

Gemini is a tool for content creation that allows users to generate high-quality first drafts and refine their work quickly through an intuitive feedback mechanism. It offers editing tools to adjust tone, length, and formatting easily. Gemini is useful for crafting speeches, revising essays, and enhancing blog posts and reports. Additionally, it aids in programming and software development by excelling in code generation, debugging, and providing explanations. With the introduction of Canvas, users can create web apps, Python scripts, games, and simulations efficiently. Canvas allows for the generation and preview of HTML/React code, enabling users to visualize their designs and make instant updates. This platform simplifies the coding process, promoting collaboration and innovation by allowing users to create, edit, and share their code and designs in one place.

Winsage

March 19, 2025

Microsoft Windows File Explorer Vulnerability Let Attackers Perform Network Spoofing

A vulnerability identified as CVE-2025-24071 has been discovered in Windows File Explorer, allowing attackers to extract NTLM hashed passwords with minimal user interaction. This high-severity flaw, termed “NTLM Hash Leak via RAR/ZIP Extraction,” exploits Windows Explorer’s automatic file processing when a specially crafted .library-ms file is extracted from a compressed archive. The file contains a malicious SMB path that triggers an NTLM authentication handshake, leaking the victim’s NTLMv2 hash. Microsoft addressed this issue in its March 2025 updates. A proof-of-concept exploit was published by researcher 0x6rss, and evidence suggests the vulnerability may have been exploited in the wild prior to its disclosure. Users are advised to apply security updates and implement protections against NTLM relay attacks.

TrendTechie

March 16, 2025

Сбор данных из DHT (как работают агрегаторы)

The author created a mini-version of IKnowWhatYouDownload, a project that can be accomplished in a few hours. They explained that torrent files enter the database through popular torrent sites and monitoring the DHT network, with data collected every few hours and updated with a one-day delay. DHT (Distributed Hash Table) is used for decentralized peer discovery in torrent networks, allowing participants to share information about peers without a central tracker. The author outlined the steps to create a personal aggregator, which include gathering torrent hashes, querying DHT for peer information, and saving the results in a database. They developed a Python script that accepts a torrent hash, queries DHT, and saves the results in a JSON file. The script successfully displayed active peers for the game "The Witcher 3," showing some discrepancies with IKnowWhatYouDownload due to update delays and the transient nature of peers. The final script has been uploaded to GitHub.

Tech Optimizer

March 11, 2025

What’s in Store for pg_probackup 3

Pg_probackup is a backup solution for PostgreSQL that debuted in 2016 and has evolved significantly, with the latest version being 2.5.15 available on GitHub and version 2.8.6 included in the Postgres Pro product suite. It supports 14 platforms and offers three types of incremental backups, features like merging backups, quick replica restoration, and integration with S3 and CFS. Users can access community support via a dedicated Telegram chat. The versions of Pg_probackup include: - 2.5.15 Community: Open-source, available on GitHub with critical bug fixes. - 2.8.6 STD: Closed-source, optimized for large datasets, included with Postgres Pro Standard. - 2.8.6 ENT: Closed-source, similar to STD but adds CFS and S3 support. - 3 and above: Closed-source overhaul aimed at improved speed and efficiency. Pg_probackup 3 was developed to address client requests and internal ideas, leading to a modular architecture with three components: a DB core extension, LibProbackup3 (a core library for database connection), and the backup application itself. Libprobackup3 is written in C++, providing a C interface for integration with various programming languages and managing archival file streams and backup logic. Pg_probackup 3 introduces a custom communication protocol for optimized data handling and supports multiple backup modes: FULL, DELTA, PTRACK, and PAGE. The recovery feature includes FUSE capability for direct data restoration from backups without full unpacking, enhancing recovery options for selective restoration of databases and WAL files. Performance testing showed that while version 2.8.6 excelled in single-threaded scenarios, pg_probackup 3.0.0 outperformed it in multi-threaded environments, especially in PRO mode for PTRACK incrementals. The roadmap for pg_probackup 3 includes releasing the current version, preparing an open-source variant, optimizing multi-threading, and implementing additional features in pg_probackup 3.1.

Winsage

March 10, 2025

Threat Actors Exploited PHP-CGI RCE Vulnerability To Attack Windows Machines

Cisco Talos has reported a series of cyberattacks exploiting a critical vulnerability in PHP (CVE-2024-4577) to target Windows systems, primarily affecting organizations in Japan since January 2025. The vulnerability allows attackers to execute arbitrary PHP code on servers running Apache with PHP-CGI. They use a Python script, “PHP-CGICVE-2024-4577RCE.py,” to send crafted POST requests and confirm exploitation through a specific MD5 hash. After gaining access, attackers deploy a PowerShell injector script to establish a connection with their command and control (C2) server and utilize Cobalt Strike plugins for post-exploitation activities, including modifying registry keys for persistence and clearing event logs to evade detection. They conduct lateral movement using reconnaissance tools and exploit Group Policy Objects to execute malicious scripts, ultimately extracting credentials with Mimikatz. The attackers have access to a pre-configured installer script on their C2 server, suggesting potential for future attacks.

Winsage

March 9, 2025

Threat Actors Leverage YouTubers to Attack Windows Systems Via SilentCryptoMiner

Security researchers have identified a malware campaign targeting YouTubers to spread SilentCryptoMiner malware disguised as tools to bypass restrictions. Over 2,000 victims in Russia have been reported, with the actual number likely higher. The malware exploits Windows Packet Divert drivers, with over 2.4 million detections in the past six months. Threat actors issue copyright strikes to compel YouTubers to promote infected files, manipulating their reputations. One YouTuber with 60,000 subscribers linked to a malicious archive that was downloaded over 40,000 times. The infection starts with an archive containing a modified script that executes a malicious executable via PowerShell. If security software removes the file, users are prompted to disable their antivirus. The malware's infection chain is multi-staged, using a Python-crafted loader to retrieve payloads from specific domains. It employs anti-VM techniques, modifies defender exclusions, and stealthily mines cryptocurrencies while pausing during certain program activities. Security experts warn against using restriction bypass tools due to their association with malware distribution.

Winsage

March 6, 2025

Cybercriminals Exploit YouTubers to Spread SilentCryptoMiner on Windows Systems

A malware campaign has emerged, exploiting the popularity of Windows Packet Divert drivers. The SilentCryptoMiner malware, disguised as legitimate tools, has affected over 2,000 victims in Russia. Cybercriminals manipulate YouTubers to share malicious links, with one YouTuber having 60,000 subscribers attracting over 400,000 views on infected videos. Compromised files were hosted on gitrok[.]com, with over 40,000 downloads. Attackers issue copyright strikes to content creators, threatening channel shutdowns to propagate malware. The infection begins with a modified script that executes an executable via PowerShell, using a Python-crafted loader to fetch the payload. SilentCryptoMiner, based on XMRig, mines various cryptocurrencies stealthily, employing techniques to evade detection and dynamically adjust its behavior. This campaign highlights the evolving tactics of cybercriminals, leveraging demand for bypass tools to distribute malware. Users are advised to be cautious when downloading tools from untrusted sources.