.NET Conference 2025 Playlist of Top Videos
Friday, November 28, 2025
Thursday, November 27, 2025
TD Phishing email with subject Official Compliance Communication - Immediate Renewal of W-8BEN Form Required
For the record, this is TD phishing email attempt that is recently going around, with subject "Official Compliance Communication - Immediate Renewal of W-8BEN Form Required"
What to do? Report them, go to bottom of page.
From : TD Direct Investing <notify@epplhb.com> Subject : Official Compliance Communication - Immediate Renewal of W-8BEN Form Required  |
ALSO, SHAME ON TD
TD took Epstein's money after Deutsche Bank severed ties with the disgraced financier, source says | Financial Post
PHISHING LINKs;
1. Hover over image
https://jpikwsr.com/?token=xxxxxxxx
1. Hover over image
https://jpikwsr.com/?token=xxxxxxxx
How to tell this is a Phishing email?
- Check email address in full, if it's not from originating company then it's phishing.
- Hover over all links in email, if it's not from the company's website then forget it.
- The best way is to
How to examine Email Message Source ?
Now lets look at message source- Outlook.com->Actions->View Message Source.
- Gmail.com->More (down arrow to top right)->Show original.
Report Phishing Email (not as Spam)
- Outlook.com->Junk (at Top)->Phishing Scam
- Gmail.com->More (down-arrow to top right)->Report Phishing
Report Phishing
If you have recievied this email take further
Report phishing at Microsoft and government agencies
Tuesday, November 25, 2025
npm registry including Postman package infected with Shai-Hulud supply-chain attack
The name npm (Node Package Manager) stems from when npm first was created as a package manager for Node.js.
Node.js is an open-source, cross-platform JavaScript runtime environment that allows developers to run JavaScript code outside of a browser. It is built on Chrome's V8 JavaScript engine, which makes it highly performant. Node.js is widely used for building servers, web applications, command-line tools, and scripts.
npm is the world's largest opens source software registry. The registry contains over 800,000 code packages for Node.js.
Novice developers just include open-source packages without doing any sort of security review, hence these kinds of attacks spread exponentially.
The Shai-Hulud malware is a self-replicating worm that targets the npm ecosystem, compromising hundreds of packages and exposing sensitive developer credentials.
At time of writing 27,000 malicious packages were infected, including Postman.
Postman package is a JavaScript library for a simple message bus, at time of writing has about ~750 downloads a week.
Source : Shai-Hulud malware infects 500 npm packages, leaks secrets on GitHub (bleepingcomputer.com)
From Dune, the sandworm aka Shai-Hulud
Monday, November 24, 2025
Social media usage across American generations, and top spot is not tik tok
It's that time of the year again, and end-of-year stats are beginning to be rolling in. Perhaps this is one of the most important.
Current social media usage with American adults' chart by Pew Research Center for 2025.
The Pew Research Center is widely cited in academia, journalism, and policymaking because of its commitment to neutrality and methodological rigor. Unlike advocacy organizations, Pew’s role is to inform rather than persuade, making it a trusted source for understanding public opinion and societal trends.
Source Article: Americans’ Social Media Use 2025 | Pew Research Center
| # | Generation Name | Birth Years | Defining Notes |
|---|---|---|---|
| 1 | Lost Generation | 1883 – 1900 | WWI era, Jazz Age writers |
| 2 | Greatest Generation | 1901 – 1927 | Great Depression resilience, WWII service |
| 3 | Silent Generation | 1928 – 1945 | Post-war boom, early Civil Rights movement |
| 4 | Baby Boomers | 1946 – 1964 | Suburban expansion, Moon landing, Woodstock |
| 5 | Generation X | 1965 – 1980 | Personal computers, MTV culture, “latch‑key” kids |
| 6 | Millennials (Gen Y) | 1981 – 1996 | Internet adolescence, 9/11, social media rise |
| 7 | Generation Z | 1997 – 2012 | Smartphones, streaming, climate activism |
| 8 | Generation Alpha | 2013 – 2025 | Born into AI, tablets, global connectivity |
| 9 | Generation Beta | 2026 – 2039 (projected) | Deep AI integration, climate adaptation |
Sunday, November 23, 2025
You have been automatically OPTED IN to allow Gmail to access all your private messages & attachments to train AI models
For the record,
“IMPORTANT message for everyone using Gmail. You have been automatically OPTED IN to allow Gmail to access all your private messages & attachments to train AI models,” Engineer Dave Jones shared on X on Nov 19, 2025.
However, Google refutes this stating "Enabling the feature in Workspace says that “you agree to let Google Workspace use your Workspace content and activity to personalize your experience across Workspace,” according to the settings page, but according to Google, that does not mean handing over the content of your emails to use for AI training."
Google denies ‘misleading’ reports of Gmail using your emails to train AI | The Verge
“You have to manually turn off Smart Features in the Setting menu in TWO locations.”
Engineer Dave Jones shared on X on Nov 19, 2025.
Manage Workspace smart feature settings opens this page
Friday, November 21, 2025
Last final working version of GIMP compatible with Windows 7
Can confirm v2.10.38 works on Windows 7 still, even though the download page says Win10 support only, see last image below.
Download Gimp v2.10.38 here - Index of /gimp/v2.10/windows/
Version 2.10.36 lists Windows 7+ as supported.
Version 2.10.38 lists Windows 10+ as supported only.
Thursday, November 20, 2025
7Zip Symbolic Link–Based RCE Vulnerability (CVE-2025-11001) with proof-of-concept (PoC) code
7-Zip is third party EU FOSS approved software used to encrypt/decrypt many file formats, including zip, .tar, .gz, .rar and proprietary .7z format.
The vulnerability in question is CVE-2025-11001 (CVSS score: 7.0, October 7th, 2025), which allows remote attackers to execute arbitrary code using symbolic links.
Symlinks in Windows 10! - Excellent article and demonstrates how a symbolic link can run an executable.
Also fixed was CVE-2025-11002 (CVSS score: 7.0), that allows for remote code execution by taking advantage of improper handling of symbolic links within ZIP archives, resulting in directory traversal. Both shortcomings were introduced in version 21.02.
How to Fix
Fixed in 7-Zip version 25.01 (25.00 has been removed from download page)
Upgrade your 7-zip now - Download (7-zip.org) - Confirmed working on Windows 7.
POC Code
pacbypass/CVE-2025-11001: Exploit for CVE-2025-11001 or CVE-2025-11002 (github.com)
Wednesday, November 19, 2025
Looking for RichCopy with an active download link - Update Nov 2025
This post will explore consolidate or merging multiple files in multiple locations into 1 (one) directory and consolidating repeat files into 1 file using Richcopy, a free easy-to-use utility from Microsoft.
Basically the Richcopy GUI tool has some advanced functionality found in Robocopy. Robocopy is short for robust copy, and is a built-in Windows utility that provides robust file copy, such as copying files without permissions. Read my post for more info.
First you need to get a copy of RichCopy as described in this article in TechNet Magazine Utility Spotlight RichCopy, by J. Hoffman
RichCopy 4.0.217.0 is in this fileHoffmanUtilitySpotlight2009_04.exe (5,896 KB) named after J. Hoffman the author. Download and run setup.exe.
Update 2025: Download RichCopy 4.0.217 - FileCroco.com - HoffmanUtilitySpotlight2009_04.exe has Microsoft Signature intact.
RichCopy 4.0.217.0 is in this file
Update 2025: Download RichCopy 4.0.217 - FileCroco.com - HoffmanUtilitySpotlight2009_04.exe has Microsoft Signature intact.
Why Richcopy vs Robocopy?
1. Ease of Use: RichCopy's GUI makes it easier for users who are not comfortable with command-line interfaces, while Robocopy requires familiarity with command-line syntax, which can have a steeper learning curve.
2. Performance: RichCopy's multithreading can lead to faster transfers in certain scenarios, but Robocopy's robust error handling and logging make it more reliable for critical file operations.
3. Functionality: Robocopy offers more advanced features for automation and scripting, making it suitable for IT professionals and system administrators who need to perform complex file operations regularly.
 |
| Image 1: RichCopy GUI |
A brief background on Robocopy
Robocopy is built into Windows 7, Windows 8+, Windows 10+, Windows Server 2008, Windows Server 2008 R2, Windows Server 2012, Windows Server 2016+
In this case, we're discussing the simplest of tasks: copying files. Except copying files is not always that simple.
- What if you're copying thousands of files across a slow connection?
- What happens if your network hiccups and interrupts the copy?
- What if you want to make sure that you preserve particular file attributes, such as a Last Modified date, but not other attributes, like security descriptors?
- What if you want to filter the files you're copying from source to destination based on filename or extension?
- Copy files without permissions and file information
- Copy files longer than 260 characters
- Actively supported
Consolidate Repeated Files
RichCopy version 4.0 supports specifying multiple source directories. Default behavior is to create directories with same name as source, and make a copy. When this option is selected, RichCopy copy all sources files and directories into specified destination directory without creating directories with same name as source.
Also, if you have File A in Directory 1 and File A in Directory 2, File A with the latest date will be copied into Destination directory. This behaviour can be altered using Copy always (do not compare source and destination) options, see image 2.
Never have repeat file again, especially when syncing to the cloud.
Consolidate Files Using RichCopy
Step 1 Choose multiple source directories and destination (consolidated) directory.
NOTE : When this completes, Copy complete only mentions the last path of Source Path.
Step 2 Choose Option button and select "Consolidate multiple sources"
 |
| Image 2: RichCopy Options interface |
Step 3 Wait until "Copy Complete" appears in Description as in Image 1. Copy complete only mentions the last path of Source Path. This behaviour can be altered using Copy always (do not compare source and destination) options.
Step 4 Done.
Consolidate Multiple Source Results
Here's proof of the the process when using "Consolidate multiple sources" option;
Our two source directories are c:\temp and c:\backup, and contain the same files NameLengths.txt and PathLengths.txt.
 |
| Image 3 : Temp source Directory |
Take note of NameLength.txt time-stamp in Backup directory (Image 4) is newer than temp directory (Image 3 above).
 |
| Image 4 : Backup source directory |
The resultant consolidate directory contains only 1 copy of the all the repeated files. Duplicate files are resolved using the most recent time-stamp. This behaviour can be altered using Copy always (do not compare source and destination) options.
NameLength.txt's time-stamp in Backup directory (Image 4) is newer than temp directory (Image 3 above) and therefore end-up in the output consolidate_test directory.
 |
| Image 5 : Consolidate directory and files |
There you go, a great way to consolidate your mess of duplicate files.
Richcopy will bomb on paths too long errors. It's a problem for many tools.
I build a specialized tool to solve the path too long issue completely. Path Tool Long Auto Fixer tool is the 1st tool on the market to find all directories and filenames that are too long and auto correct them!
Download free demo at https://pathtoolongautofixer.blogspot.com
Tuesday, November 18, 2025
Windows 10 - Upgrading to latest version of Curl for Developers
Windows 10 comes with it's own curl but seems to be behind on the curl updates. So I wanted manually update curl to latest version which is curl 8.17.0 at time of writing. Get latest curl for Windows
Firstly, delete curl.exe at C:\windows\system32 and C:\Windows\SysWOW64, these were stuck at version 7.52.0. You'll need take ownership of the file, with your username.
Then find what default curl.exe is being used in the command line cmd.exe.
Execute where curl.exe
So, we see chocalatey is now the source of curl.exe command, it's 1st on the resultant list.
Upgrading chocalety, using following command
choco upgrade chocolatey choco upgrade curl
Upgrade completed with proper shims.
If you don't have chocalety, then you can manually copy files from curl 8.17.0 zip folder /bin copy these files:
curl-ca-bundle.crt
curl.exe
libcurl-x64.def
libcurl-x64.dll
trurl.exe
to next directory in the list.
And now curl is upgraded in cmd.exe when you launch it.
C:\Users\Markus>curl -V curl 8.17.0 (x86_64-w64-mingw32) libcurl/8.17.0 LibreSSL/4.2.1 zlib/1.3.1.zlib-ng brotli/1.2.0 zstd/1.5.7 WinIDN libpsl/0.21.5 libssh2/1.11.1 nghttp2/1.68.0 ngtcp2/1.17.0 nghttp3/1.12.0 Release-Date: 2025-11-05 Protocols: dict file ftp ftps gopher gophers http https imap imaps ipfs ipns ldap ldaps mqtt pop3 pop3s rtsp scp sftp smb smbs smtp smtps telnet tftp ws wss Features: alt-svc AsynchDNS brotli CAcert HSTS HTTP2 HTTP3 HTTPS-proxy IDN IPv6 Kerberos Largefile libz NTLM PSL SPNEGO SSL SSLS-EXPORT SSPI threadsafe UnixSockets zstd
And don't forget to rock.
Sunday, November 16, 2025
How to read/view a damage/corrupt PDF file
Solution:
Get XpdfReader PDF software which can open limited malformed PDF files!
Also XPDFReader does not implement the Adobe JavaScript engine required for interactive features like calculations, validations, or dynamic field updates, make it safer option.
For more information about internal structure of PDFs
Test 1:
In the following sample file, the file starts with malformed PDF file signature
%P!F- which is incorrect and should be %PDF-, as seen in FRHED editor.
XpdfReader is the only app I came across that could open this file with this first malformed change.
Test 2:
Then I remove leading angle bracket < where there should be two for <<Lineralired, and it opened!
Source
The original unadulterated file header is
%PDF-1.5%<bh:e2><bh:e3><bh:cf><bh:d3>10 0 obj\<</Linearized 1/L 105981/O 12/E 101484/N 1/T 105677/H [ 502 173]>>endobj
For more information about internal structure of PDFs
Example of absolute minimal PDF file contents "Hello World", copy and pasted into FHRED.
%PDF-1.1 1 0 obj << /Type /Catalog /Pages 2 0 R >> endobj 2 0 obj << /Type /Pages /Kids [3 0 R] /Count 1 >> endobj 3 0 obj << /Type /Page /Parent 2 0 R /MediaBox [0 0 200 200] /Contents 4 0 R /Resources << /Font << /F1 5 0 R >> >> >> endobj 4 0 obj << /Length 44 >> stream BT /F1 12 Tf 72 100 Td (Hello World) Tj ET endstream endobj 5 0 obj << /Type /Font /Subtype /Type1 /BaseFont /Helvetica >> endobj xref 0 6 0000000000 65535 f 0000000009 00000 n 0000000056 00000 n 0000000107 00000 n 0000000212 00000 n 0000000310 00000 n trailer << /Size 6 /Root 1 0 R >> startxref 380 %%EOF
Here's Hello World.pdf opened in XpdfReader 4.06
Subscribe to:
Comments (Atom)