.NET regular expressions that break Perl Compatible Regular Expressions (PCRE) standard

Examples of patterns that work in PCRE but break in .NET

The Perl Compatible Regular Expressions (PCRE) library is a set of functions that implement regular expression pattern matching using the same syntax and semantics as Perl 5. PCRE has its own native API, as well as a set of wrapper functions that correspond to the POSIX regular expression API.
The current version of PCRE2 is version 10.47 and released Oct 21, 2025.

Good news a clever programmer created a dotnet wrapper for the PCRE2 library used in Perl supporting 10.47! https://github.com/ltrzesniewski/pcre-net/, 1st version v0.1.0 requires .NET 4.5 Framework.

Pattern Type	PCRE	.NET	Why It Breaks
Possessive quantifiers	✅	❌	Not implemented
Variable‑length lookbehind	✅	❌	.NET requires fixed length
Subroutine calls / recursion	✅	❌	Feature not supported
Python‑style named groups	✅	❌	.NET uses different syntax
Ungreedy mode ((?U))	✅	❌	No equivalent in .NET
Recursive named groups	✅	❌	Not implemented
Modern Unicode properties	✅	❌	.NET uses older Unicode
\R newline escape	✅	⚠️	Only supported in newer .NET
Lookbehind with alternation	✅	❌	Variable length

1. Possessive quantifiers (++, *+, ?+, {m,n}+)

PCRE supports:

^\w++$

Meaning: match a word string with no backtracking allowed.

✅ PCRE: Works ❌ .NET: Throws “quantifier following nothing” or treats ++ as literal + depending on context.

Why it breaks: .NET simply does not implement possessive quantifiers.

2. Variable‑length lookbehind

PCRE allows:

(?<=\w+)\d+

Meaning: match digits preceded by one or more word characters.

✅ PCRE: Works ❌ .NET: “Lookbehind assertion is not fixed length”

Why it breaks: .NET requires lookbehind to have a fixed, compile‑time length.

3. Subroutine calls / recursion

PCRE supports recursive patterns:

^(\w+|(\((?1)\)))+$

Used for matching nested parentheses.

✅ PCRE: Works ❌ .NET: “Unrecognized grouping construct”

Why it breaks: .NET does not support (?1), (?&name), or recursive patterns at all.

4. Python‑style named groups ((?P<name>...))

PCRE supports:

(?P<word>\w+)-(?P=word)

✅ PCRE: Works ❌ .NET: “Unrecognized grouping construct”

Why it breaks: .NET only supports (?<name>...) and (?'name'...).

5. Ungreedy mode modifier ((?U))

PCRE supports:

(?U)^.+$

Meaning: make all quantifiers lazy by default.

✅ PCRE: Works ❌ .NET: “Unrecognized inline modifier”

Why it breaks: .NET has no equivalent to PCRE’s global ungreedy mode.

6. Recursive named groups ((?&name))

PCRE:

(?<paren>\((?:[^()]++|(?&paren))*\))

✅ PCRE: Works ❌ .NET: Fails immediately

Why it breaks: .NET has no syntax for recursive named groups.

7. Newline escape \R in older .NET versions

PCRE:

^\R$

✅ PCRE: Works ❌ .NET (pre‑.NET 7): “Unrecognized escape sequence”

Why it breaks: .NET added \R only recently.

8. Lookbehind with alternation of different lengths

(?<=abc|z)\d+

✅ PCRE: Works ❌ .NET: “Lookbehind assertion is not fixed length”

Why it breaks: Alternation creates variable‑length lookbehind.

9. Unicode property escapes beyond Unicode 4.0.1

PCRE supports modern Unicode categories:

\p{Script=Greek}

✅ PCRE: Works ❌ .NET: “Unknown property”

Why it breaks: .NET’s regex engine is tied to older Unicode property tables.

How to run CrystalDiskInfo on Windows Start-up - Boot Silently

CrystalDiskInfo is effective, reliable, and widely used for monitoring drives health including SSDs.
However, with new memory-chip based solid state drive (SSD)  failures do not happen in an analog fashion like the old spindle hard-drives. SSDs have a finite number of write cycles before the memory cells degrade, although modern SSDs use techniques like wear leveling to prolong their lifespan.

Download  https://sourceforge.net/projects/crystaldiskinfo/files/9.7.2/CrystalDiskInfo9_7_2.exe/download

⚠️ What CDI does not do

• It cannot predict exact SSD failure dates. No SMART tool can — SSDs fail unpredictably once cells wear out.

• It may not show proprietary vendor‑specific metrics Some SSD makers expose extra data only through their own tools (e.g., Samsung Magician, WD Dashboard). Tom’s Hardware notes that manufacturers often provide deeper diagnostics.

• It doesn’t test performance or speed That’s CrystalDiskMark, a separate tool.

Most SSDs expose standardized SMART attributes that let you estimate remaining life. These include:

Key SSD SMART Attributes

• Total Bytes Written (TBW) How much data has been written to the drive so far.

• Percentage Used / Wear Leveling Count A controller‑calculated estimate of how much of the drive’s write endurance has been consumed.

• Media Wearout Indicator (MWI) Enterprise SSDs often report this as a value from 100 (new) to 0 (end of life).

• Reallocated Sector Count Shows if the drive has started remapping worn‑out blocks.

Below is a table of the attributes you mentioned and whether CrystalDiskInfo reports them.

SSD Attribute	Reported by CrystalDiskInfo?	Notes
Total Bytes Written (TBW)	✅ Yes	Usually shown as “Total Host Writes” or “NAND Writes” depending on drive.
Percentage Used / Wear Leveling Count	✅ Yes	NVMe drives show “Percentage Used”; SATA drives show “Wear Leveling Count”.
Media Wearout Indicator (MWI)	✅ Often	Common on enterprise SSDs; may not appear on consumer drives.
Reallocated Sector Count	✅ Yes	Standard SMART attribute for both HDDs and SSDs.

Running CrystalDiskInfo requires admin rights to read SMART data, so when you schedule it through Task Scheduler, Windows triggers UAC unless the task is configured to bypass it. 

CrystalDiskInfo Startup Setting

To enable CrystalDiskInfo to run on start-up choose Function -> Startup and Keep in System Tray (to keep minimized on boot). 

CrystalDiskInfo actually creates a task, you can edit it.

1. Open Task Scheduler

• Press Win + R

• Type: taskschd.msc

• Press Enter

2. Create a new Task (not a Basic Task)

• In the right panel, click Create Task… (Do not choose “Create Basic Task” — it hides the options you need.)

3. Configure the General tab

• Name: CrystalDiskInfo

• Description: optional

• Security options:

  • Run whether user is logged on or not

  • Run with highest privileges

• “Configure for”: Windows 7/10/11 in the name, may end with Server....

This is the part that allows the task to elevate without a UAC prompt.

4. Configure the Triggers tab

• Click New…

• Choose when you want it to run (daily, at logon, etc.)

• Click OK

Each trigger you add will run the task silently.

5. Configure the Actions tab

• Click New…

• Action: Start a program

• Program/script: Browse to your CrystalDiskInfo folder and select:

"C:\Program Files (x86)\CrystalDiskInfo\DiskInfo64.exe"

• Add arguments: \Startup but \Silent works better

This suppresses the UI completely.

• Click OK

6. Configure the Conditions tab (optional)

Adjust as needed. Most people leave these alone.

7. Configure the Settings tab

Recommended:

• Allow task to be run on demand (then you can test it by choosing Run in Actions Panel Right)

• Run task as soon as possible after a scheduled start is missed

8. Save the task

• Click OK

• Windows will prompt for your account password

  • This is required so the task can run elevated without UAC.

Enumerating the average size of Office and PDF documents - C++ code and tool

Here's some 'vibe coding' to produce a fast C++ code to calculate average size of Office documents .docx, xls, ppt and pdfs for your organization. It scans a drive letter, here's a command line example.

c:\>calcavgsizedocs.exe c:\

This code features: 

• Long path support (\\?\)
• Skip reparse points / junctions to avoid infinite loops
• Unicode-safe console output
• Multi-threaded scanning + progress + current folder
• Total docs scanned with thousands separators
• Ctrl-C gracefully exits
• VS2010-compatible, no C4996 warnings

5$ USD for a compiled pro version with help exe, email at 

Pro Version

Usage: CalcAvgSizeDocs <drive_letter>
Example: CalcAvgSizeDocs C:

Options:
  -h, --help    Show this help message
  -v, --version Show version info
  -s, --silent  Silence current progress output


This program is provided "AS-IS", without warranty of
merchantability or fitness for a particular purpose.

C++ Code basic version

// CalcAvgSizeDocs.cpp : Defines the entry point for the console application.
//

#include "stdafx.h" required for VisualStudio 2010 win32 console app, with header files or remove
#include <windows.h>
#include <string>
#include <iostream>
#include <vector>
#include <io.h>
#include <fcntl.h>

// ------------------------------------------------------------
// Global Data Structures
// ------------------------------------------------------------

struct Stats
{
    volatile unsigned __int64 count;
    volatile unsigned __int64 totalBytes;

    Stats() : count(0), totalBytes(0) {}
};

Stats docxStats, xlsxStats, pptxStats, pdfStats;

// Work queue
std::vector<std::wstring> dirQueue;
CRITICAL_SECTION queueLock;

// Progress & control
volatile LONG totalDirsQueued = 0;
volatile LONG totalDirsProcessed = 0;
volatile bool scanningFinished = false;
volatile bool cancelRequested = false;

// Current folder display
std::wstring currentFolder;
CRITICAL_SECTION currentFolderLock;

// Total documents scanned
volatile unsigned __int64 totalDocsScanned = 0;

// ------------------------------------------------------------
// Utility
// ------------------------------------------------------------

bool EndsWith(const std::wstring& s, const std::wstring& ext)
{
    if (s.length() < ext.length()) return false;
    return _wcsicmp(s.c_str() + (s.length() - ext.length()), ext.c_str()) == 0;
}

void Accumulate(Stats &stat, unsigned __int64 size)
{
    InterlockedIncrement((LONG*)&stat.count);
    InterlockedExchangeAdd64((LONGLONG*)&stat.totalBytes, size);
    InterlockedExchangeAdd64((LONGLONG*)&totalDocsScanned, 1);
}

void ProcessFile(const std::wstring& path)
{
    WIN32_FILE_ATTRIBUTE_DATA fad;
    if (!GetFileAttributesExW(path.c_str(), GetFileExInfoStandard, &fad))
        return;

    unsigned __int64 size =
        (((unsigned __int64)fad.nFileSizeHigh) << 32) | fad.nFileSizeLow;

    if (EndsWith(path, L".docx"))
        Accumulate(docxStats, size);
    else if (EndsWith(path, L".xlsx"))
        Accumulate(xlsxStats, size);
    else if (EndsWith(path, L".pptx"))
        Accumulate(pptxStats, size);
    else if (EndsWith(path, L".pdf"))
        Accumulate(pdfStats, size);
}

// Format time in HH:MM:SS.mmm
std::wstring FormatDuration(DWORD ms)
{
    DWORD seconds = ms / 1000;
    DWORD minutes = seconds / 60;
    DWORD hours   = minutes / 60;

    seconds %= 60;
    minutes %= 60;

    wchar_t buf[64];
    swprintf(buf, 64, L"%02u:%02u:%02u.%03u",
             hours, minutes, seconds, ms % 1000);

    return buf;
}

// Format numbers with thousands separators
std::wstring FormatWithThousandsSeparator(unsigned __int64 value)
{
    wchar_t buf[64];
    _ui64tow_s(value, buf, 64, 10);
    std::wstring s(buf);

    int insertPosition = (int)s.length() - 3;
    while (insertPosition > 0)
    {
        s.insert(insertPosition, L",");
        insertPosition -= 3;
    }
    return s;
}

// ------------------------------------------------------------
// CTRL-C Handler
// ------------------------------------------------------------

BOOL WINAPI CtrlHandler(DWORD ctrlType)
{
    if (ctrlType == CTRL_C_EVENT ||
        ctrlType == CTRL_BREAK_EVENT ||
        ctrlType == CTRL_CLOSE_EVENT)
    {
        cancelRequested = true;
        scanningFinished = true;
        std::wcout << L"\n\nCTRL-C detected... stopping scan...\n";
        return TRUE;
    }
    return FALSE;
}

// ------------------------------------------------------------
// Worker Thread
// ------------------------------------------------------------

DWORD WINAPI WorkerProc(LPVOID)
{
    for (;;)
    {
        if (cancelRequested)
            break;

        std::wstring folder;

        EnterCriticalSection(&queueLock);
        if (!dirQueue.empty())
        {
            folder = dirQueue.back();
            dirQueue.pop_back();
        }
        else
        {
            LeaveCriticalSection(&queueLock);
            break;
        }
        LeaveCriticalSection(&queueLock);

        InterlockedIncrement(&totalDirsProcessed);

        EnterCriticalSection(&currentFolderLock);
        currentFolder = folder;
        LeaveCriticalSection(&currentFolderLock);

        if (cancelRequested)
            break;

        // Prepend \\?\ for long path support
        std::wstring longPath = L"\\\\?\\" + folder;
        std::wstring searchPath = longPath + L"\\*";

        WIN32_FIND_DATAW fd;
        HANDLE hFind = FindFirstFileW(searchPath.c_str(), &fd);
        if (hFind == INVALID_HANDLE_VALUE)
            continue;

        do
        {
            if (cancelRequested)
                break;

            const wchar_t* name = fd.cFileName;
            if (wcscmp(name, L".") == 0 || wcscmp(name, L"..") == 0)
                continue;

            std::wstring fullPath = folder + L"\\" + name;

            // Skip junctions / reparse points to avoid loops
            if ((fd.dwFileAttributes & FILE_ATTRIBUTE_DIRECTORY) &&
                !(fd.dwFileAttributes & FILE_ATTRIBUTE_REPARSE_POINT))
            {
                EnterCriticalSection(&queueLock);
                dirQueue.push_back(fullPath);
                LeaveCriticalSection(&queueLock);
                InterlockedIncrement(&totalDirsQueued);
            }
            else if (!(fd.dwFileAttributes & FILE_ATTRIBUTE_DIRECTORY))
            {
                ProcessFile(fullPath);
            }

        } while (FindNextFileW(hFind, &fd));

        FindClose(hFind);
    }

    return 0;
}

// ------------------------------------------------------------
// Progress Thread
// ------------------------------------------------------------

DWORD WINAPI ProgressProc(LPVOID)
{
    while (!scanningFinished && !cancelRequested)
    {
        LONG done = totalDirsProcessed;
        LONG total = totalDirsQueued;
        double pct = (total > 0) ? (done * 100.0 / total) : 0.0;

        EnterCriticalSection(&currentFolderLock);
        std::wcout << L"\rProcessed: " << done
                   << L"/" << total
                   << L" (" << (int)pct << L"%) "
                   << L"Current: " << currentFolder
                   << std::flush;
        LeaveCriticalSection(&currentFolderLock);

        Sleep(500);
    }
    return 0;
}

// ------------------------------------------------------------
// Print Stats
// ------------------------------------------------------------

void PrintStats(const wchar_t* label, const Stats& s)
{
    if (s.count == 0)
    {
        std::wcout << label << L": No files found\n";
        return;
    }

    double avg = (double)s.totalBytes / (double)s.count;
    double kb = avg / 1024.0;

    std::wcout << label << L": " << kb
               << L" KB average (" << s.count << L" files)\n";
}

// ------------------------------------------------------------
// MAIN
// ------------------------------------------------------------

int wmain(int argc, wchar_t* argv[])
{
    // Enable UTF-8 output
    SetConsoleOutputCP(CP_UTF8);
    _setmode(_fileno(stdout), _O_U8TEXT);

    SetConsoleCtrlHandler(CtrlHandler, TRUE);

    DWORD startTime = GetTickCount();

    // Determine drive
    std::wstring root;
    if (argc >= 2)
    {
        std::wstring arg = argv[1];

        if (arg.length() == 1)
            arg += L":\\";
        else if (arg.length() == 2 && arg[1] == L':')
            arg += L"\\";
        else if (arg[arg.length() - 1] != L'\\')
            arg += L"\\";

        root = arg;
    }
    else
    {
        root = L"C:\\";
    }

    std::wcout << L"Scanning drive: " << root << L"\n";

    InitializeCriticalSection(&queueLock);
    InitializeCriticalSection(&currentFolderLock);

    dirQueue.push_back(root);
    InterlockedIncrement(&totalDirsQueued);

    HANDLE hProgress = CreateThread(NULL, 0, ProgressProc, NULL, 0, NULL);

    SYSTEM_INFO si;
    GetSystemInfo(&si);
    int numThreads = si.dwNumberOfProcessors;

    std::vector<HANDLE> threads;
    for (int i = 0; i < numThreads; ++i)
    {
        HANDLE h = CreateThread(NULL, 0, WorkerProc, NULL, 0, NULL);
        threads.push_back(h);
    }

    WaitForMultipleObjects((DWORD)threads.size(), &threads[0], TRUE, INFINITE);
    scanningFinished = true;
    WaitForSingleObject(hProgress, INFINITE);

    DeleteCriticalSection(&queueLock);
    DeleteCriticalSection(&currentFolderLock);

    DWORD endTime = GetTickCount();
    DWORD elapsed = endTime - startTime;

    std::wcout << L"\n\nResults (partial if cancelled):\n";
    PrintStats(L"DOCX", docxStats);
    PrintStats(L"XLSX", xlsxStats);
    PrintStats(L"PPTX", pptxStats);
    PrintStats(L"PDF ", pdfStats);

    std::wcout << L"\nTotal documents scanned: "
               << FormatWithThousandsSeparator(totalDocsScanned)
               << L"\n";

    std::wcout << L"\nTotal execution time: "
               << FormatDuration(elapsed) << L"\n";

    if (cancelRequested)
        std::wcout << L"\nScan cancelled by user.\n";

    return 0;
}

D:\ Drive Results

C:\Users\Markus\Documents\Visual Studio 2010\Projects\CalcAvgSizeDocs\Release>calcavgsizedocs -s d
Scanning drive: d:\

Drive size: 1.09 TB

.DOCX: 125.60 KB average (230 files)
.XLSX: 321.00 KB average (47 files)
.PPTX: 11.63 MB average (11 files)
.PDF : 2.82 MB average (1625 files)

Total documents scanned: 1,913

Total execution time: 00:01:14.537

C:\ Drive Results (pro code output)

C:\Users\Markus\Documents\Visual Studio 2010\Projects\CalcAvgSizeDocs\Release>calcavgsizedocs -s c
Scanning drive: c:\

Drive size: 931.41 GB

Total Folders Processed: 221515


Complete Results:

.DOCX: 364.55 KB average (1782 files)
.XLSX: 109.95 KB average (565 files)
.PPTX: 2.05 MB average (205 files)
.PDF : 1.54 MB average (8179 files)

Total documents scanned: 10,731

Total execution time: 01:00:03.951

Vibe coded new solution 100x faster

C:\Users\Markus\Documents\Visual Studio 2010\Projects\avgsizedocs\Debug>avgsizedocs d:\
Scanning: d:\

Folders: 70013 | Files: 606999
----------------------------------------
Total Folders: 70,751
Total Files  : 607,842
Elapsed Time : 0h 1m 40s
----------------------------------------

.DOCX: Count=137, Total=47.00 MB, Avg=351.33 KB
.XLSX: Count=92, Total=53.95 MB, Avg=600.50 KB
.PPTX: Count=24, Total=23.31 MB, Avg=994.40 KB
.PDF : Count=1476, Total=2.85 GB, Avg=1.97 MB

Please post your results in comments.

Open Browser Task Manager in Edge / Chrome to reveal browsers are memory hogs

In Chrome, the “process manager” is just called the Task Manager. 
In Microsoft Edge, the “process manager” is called the Browser Task Manager.

1. Keyboard shortcut: Press Shift + Esc while Edge is open. This instantly launches the Browser Task Manager window.
   
   
2. Menu option: Click the three dots (…) in the top‑right corner → choose More tools → select Browser task manager.

The Browser Task Manager shows all active tabs, extensions, and sub‑processes (like GPU or network service). Each entry displays:

• Memory usage (RAM consumed by the process)

• CPU usage (processing load)

• Network activity (data transfer rate)

• Process type (tab, extension, utility, etc.)
  
  
  
  

Edge / Chrome memory consumption is over 1 Gig.

React Server Components malware CVE-2025-55182 severity 100% with POC code

 

The critical React Server Components has been hacked.

It received a severity score of 10/10 and has been assigned the identifiers CVE-2025-55182 for React and CVE-2025-66478 (CVE rejected in the National Vulnerability Database) for Next.js.

React Server Components (RSC) let you render components ahead of time on the server or at build-time, reducing client bundle size and improving performance. They can fetch data directly, support async/await in rendering, and combine seamlessly with Client Components for interactivity. 

React Server Components (RSCs) are still in early adoption and don’t yet have reliable global usage percentages across server projects. They are mainly being adopted through frameworks like Next.js. By contrast, React itself is widely used worldwide: as of December 2025, React powers about 6.2% of all websites (representing a 7.7% market share among JavaScript libraries), with estimates suggesting over 11 million websites globally use React. 

Source: Critical React, Next.js flaw lets hackers execute code on servers (bleepingcomputer.com)

Here's the POC Code

GitHub - ejpir/CVE-2025-55182-research: CVE-2025-55182 POC

Cyber Monday Sale on the best tool to automate a fix for Path Tool Long Error

 

Path Too Long Auto Fixer Tool is the 1st tool that discovers, reports and auto corrects filenames and paths that are too long to fit under the Windows MAXPATH 260-character limit. Enterprise tested and driven. 

Main Features 

þ Identifies and auto fixes long paths in bulk

þ Discovers all long paths

þ Reports them in an Excel generated file to communicate to your users

þ Choose how to shrink paths, remove space, underscores, punctuations or hyphens/dashes.

þ Remove explicit words/characters from the paths.

þ Search and replace words from a corporate glossary in the path, PRD becomes Production þ Explicite copy of create date, last accessed date and modified date maintained  þ Explicite copy of hidden and read-only file attributes þ Explicite ACLs copy and output, similar to icacls.exe

¹ 2 stage, failsafe redundant copy - fully logged transaction file

Enterprise Edtn

> Supports UNIX mounts of path 4096 characters long

ÿ High-speed Command line for script ability and automation

þ Portable Edition available

Ö BUILT-IN COLLISION AVOIDANCE - if two files shrink to same name, this will guarantee uniqueness.

Ö CONSOLIDATE - allows you consolidate long paths to same directories, upon shortening process.

dotNET Conference 2025 Top Videos Playlist

.NET Conference 2025 Playlist of Top Videos

Learn amazing new things you can do with .NET 10, C# 14 and Visual Studio 2026

TD Phishing email with subject Official Compliance Communication - Immediate Renewal of W-8BEN Form Required

For the record, this is TD phishing email attempt that is recently going around, with subject "Official Compliance Communication - Immediate Renewal of W-8BEN Form Required" 

What to do?  Report them, go to bottom of page. 

From : TD Direct Investing <notify@epplhb.com> Subject : Official Compliance Communication - Immediate Renewal of W-8BEN Form Required

ALSO, SHAME ON TD

TD took Epstein's money after Deutsche Bank severed ties with the disgraced financier, source says | Financial Post

PHISHING LINKs;

1. Hover over image

https://jpikwsr.com/?token=xxxxxxxx 

How to tell this is a Phishing email?

1. Check email address in full, if it's not from originating company then it's phishing.
2. Hover over all links in email, if it's not from the company's website then forget it.
3. The best way is to examine email message source.

How to examine Email Message Source?

Now let's look at message source

1. Outlook.com->Actions->View Message Source. 
2. Gmail.com->More (down arrow to top right)->Show original.

Check for suspicious links, anything that does not originate from original domain, like apple.com.

Report Phishing Email (not as Spam)

1. Outlook.com->Junk (at Top)->Phishing Scam
2. Gmail.com->More (down-arrow to top right)->Report Phishing 

Report Phishing

If you have received this email, take further 

1. https://www.google.com/safebrowsing/report_phish/

Report phishing at Microsoft and government agencies

1. http://www.microsoft.com/security/online-privacy/phishing-faq.aspx

npm registry including Postman package infected with Shai-Hulud supply-chain attack

 

The name npm (Node Package Manager) stems from when npm first was created as a package manager for Node.js.

Node.js is an open-source, cross-platform JavaScript runtime environment that allows developers to run JavaScript code outside of a browser. It is built on Chrome's V8 JavaScript engine, which makes it highly performant. Node.js is widely used for building servers, web applications, command-line tools, and scripts.

npm is the world's largest opens source software registry. The registry contains over 800,000 code packages for Node.js.

Novice developers just include open-source packages without doing any sort of security review, hence these kinds of attacks spread exponentially.

The Shai-Hulud malware is a self-replicating worm that targets the npm ecosystem, compromising hundreds of packages and exposing sensitive developer credentials.

At time of writing  27,000 malicious packages were infected, including Postman.

Postman package is a JavaScript library for a simple message bus, at time of writing has about ~750 downloads a week. 

Source : Shai-Hulud malware infects 500 npm packages, leaks secrets on GitHub (bleepingcomputer.com)

From Dune, the sandworm aka Shai-Hulud

POC Code : Shai-Hulud 2 Malware Campaign Targets GitHub and Cloud Credentials Using Bun Runtime | Blog | Endor Labs

Social media usage across American generations, and top spot is not tik tok

It's that time of the year again, and end-of-year stats are beginning to be rolling in. Perhaps this is one of the most important. 

Current social media usage with American adults' chart by Pew Research Center for 2025. 

The Pew Research Center is widely cited in academia, journalism, and policymaking because of its commitment to neutrality and methodological rigor. Unlike advocacy organizations, Pew’s role is to inform rather than persuade, making it a trusted source for understanding public opinion and societal trends.

Source Article: Americans’ Social Media Use 2025 | Pew Research Center

#	Generation Name	Birth Years	Defining Notes
1	Lost Generation	1883 – 1900	WWI era, Jazz Age writers
2	Greatest Generation	1901 – 1927	Great Depression resilience, WWII service
3	Silent Generation	1928 – 1945	Post-war boom, early Civil Rights movement
4	Baby Boomers	1946 – 1964	Suburban expansion, Moon landing, Woodstock
5	Generation X	1965 – 1980	Personal computers, MTV culture, “latch‑key” kids
6	Millennials (Gen Y)	1981 – 1996	Internet adolescence, 9/11, social media rise
7	Generation Z	1997 – 2012	Smartphones, streaming, climate activism
8	Generation Alpha	2013 – 2025	Born into AI, tablets, global connectivity
9	Generation Beta	2026 – 2039 (projected)	Deep AI integration, climate adaptation

You have been automatically OPTED IN to allow Gmail to access all your private messages & attachments to train AI models

For the record, 

“IMPORTANT message for everyone using Gmail. You have been automatically OPTED IN to allow Gmail to access all your private messages & attachments to train AI models,” Engineer Dave Jones shared on X   on Nov 19, 2025. 

However, Google refutes this stating "Enabling the feature in Workspace says that “you agree to let Google Workspace use your Workspace content and activity to personalize your experience across Workspace,” according to the settings page, but according to Google, that does not mean handing over the content of your emails to use for AI training."

Google denies ‘misleading’ reports of Gmail using your emails to train AI | The Verge

“You have to manually turn off Smart Features in the Setting menu in TWO locations.”
Engineer Dave Jones shared on X   on Nov 19, 2025. 

Manage Workspace smart feature settings opens this page

and Learn more about these smart features opens this help page 

Learn about smart features & controls for Google Workspace & other Google products - Computer - Gmail Help

Last final working version of GIMP compatible with Windows 7

Can confirm v2.10.38 works on Windows 7 still, even though the download page says Win10 support only, see last image below.

Download Gimp v2.10.38 here - Index of /gimp/v2.10/windows/ 

Version 2.10.36 lists Windows 7+ as supported.

Version 2.10.38 lists Windows 10+ as supported only.

7Zip Symbolic Link–Based RCE Vulnerability (CVE-2025-11001) with proof-of-concept (PoC) code

7-Zip is third party EU FOSS approved software used to encrypt/decrypt many file formats, including zip, .tar, .gz, .rar  and proprietary .7z format.

The vulnerability in question is CVE-2025-11001 (CVSS score: 7.0, October 7th, 2025), which allows remote attackers to execute arbitrary code using symbolic links. 

Symlinks in Windows 10!  - Excellent article and demonstrates how a symbolic link can run an executable. 

Also fixed was CVE-2025-11002 (CVSS score: 7.0), that allows for remote code execution by taking advantage of improper handling of symbolic links within ZIP archives, resulting in directory traversal. Both shortcomings were introduced in version 21.02.

How to Fix

Fixed in 7-Zip version 25.01 (25.00 has been removed from download page) 

Upgrade your 7-zip now - Download (7-zip.org) - Confirmed working on Windows 7.

POC Code
pacbypass/CVE-2025-11001: Exploit for CVE-2025-11001 or CVE-2025-11002 (github.com)

Looking for RichCopy with an active download link - Update Nov 2025

This post will explore consolidate or merging multiple files in multiple locations into 1 (one) directory and consolidating repeat files into 1 file using Richcopy, a free easy-to-use utility from Microsoft.


Basically the Richcopy GUI tool has some advanced functionality found in Robocopy.  Robocopy is short for robust copy, and is a built-in Windows utility that provides robust file copy, such as copying files without permissions.  Read my post for more info.

First you need to get a copy of RichCopy  as described in this article in TechNet Magazine Utility Spotlight RichCopy, by J. Hoffman



RichCopy 4.0.217.0 is in this file HoffmanUtilitySpotlight2009_04.exe (5,896 KB)  named after J. Hoffman the author. Download and run setup.exe.

Update 2025: Download RichCopy 4.0.217 - FileCroco.com - HoffmanUtilitySpotlight2009_04.exe has Microsoft Signature intact.

Why Richcopy vs Robocopy? 

1. Ease of Use: RichCopy's GUI makes it easier for users who are not comfortable with command-line interfaces, while Robocopy requires familiarity with command-line syntax, which can have a steeper learning curve.

2. Performance: RichCopy's multithreading can lead to faster transfers in certain scenarios, but Robocopy's robust error handling and logging make it more reliable for critical file operations. 

3.  Functionality: Robocopy offers more advanced features for automation and scripting, making it suitable for IT professionals and system administrators who need to perform complex file operations regularly.

Image 1: RichCopy GUI

A brief background on Robocopy

Robocopy enables the more serious file replication tasks that can really simplify your job. The biggest benefit I think you'll find is the ability to create full mirror duplicates of two file structures (including all sub-directories and files, if you choose) without copying any unnecessary files. Only the files that are new or have been updated in the source location will be copied. Robocopy also allows you to preserve all of the associated file information, including date and time stamps, security access control lists (ACLs) and more.

Robocopy is built into Windows 7, Windows 8+, Windows 10+, Windows Server 2008, Windows Server 2008 R2, Windows Server 2012, Windows Server 2016+ 

In this case, we're discussing the simplest of tasks: copying files. Except copying files is not always that simple. 

• What if you're copying thousands of files across a slow connection? 
• What happens if your network hiccups and interrupts the copy? 
• What if you want to make sure that you preserve particular file attributes, such as a Last Modified date, but not other attributes, like security descriptors? 
• What if you want to filter the files you're copying from source to destination based on filename or extension?
• Copy files without permissions and file information
• Copy files longer than 260 characters 
• Actively supported

Consolidate Repeated Files

RichCopy version 4.0 supports specifying multiple source directories. Default behavior is to create directories with same name as source, and make a copy. When this option is selected, RichCopy copy all sources files and directories into specified destination directory without creating directories with same name as source. 

Also, if you have File A in Directory 1 and File A in Directory 2, File A with the latest date will be copied into Destination directory. This behaviour can be altered using Copy always (do not compare source and destination) options, see image 2.

Never have repeat file again, especially when syncing to the cloud.

Consolidate Files Using RichCopy

Step 1 Choose multiple source directories and destination (consolidated) directory. 

NOTE : When this completes, Copy complete only mentions the last path of Source Path. 

Image 1: RichCopy GUI

Step 2 Choose Option button and select "Consolidate multiple sources"

Image 2: RichCopy Options interface

Step 3 Wait until "Copy Complete" appears in Description as in Image 1. Copy complete only mentions the last path of Source Path. This behaviour can be altered using Copy always (do not compare source and destination) options.

Step 4 Done.

Consolidate Multiple Source Results

Here's proof of the the process when using "Consolidate multiple sources" option; 

Our two source directories are c:\temp and c:\backup, and contain the same files NameLengths.txt and PathLengths.txt. 

Image 3 : Temp source Directory 

Take note of NameLength.txt time-stamp in Backup directory (Image 4) is newer than temp directory (Image 3 above).

Image 4 : Backup source directory

The resultant consolidate directory contains only 1 copy of the all the repeated files. Duplicate files are resolved using the most recent time-stamp. This behaviour can be altered using Copy always (do not compare source and destination) options.

NameLength.txt's time-stamp in Backup directory (Image 4) is newer than temp directory (Image 3 above) and therefore end-up in the output consolidate_test directory. 

Image 5 : Consolidate directory and files

There you go, a great way to consolidate your mess of duplicate files.  

Fix Path Tool Long Error and Conslidation

Richcopy will bomb on paths too long errors. It's a problem for many tools. 

I build a specialized tool to solve the path too long issue completely. Path Tool Long Auto Fixer tool is the 1st tool on the market to find all directories and filenames that are too long and auto correct them!

Download free demo at https://pathtoolongautofixer.blogspot.com