Search
744 results for “wmlive”
-
Today 👀💻 ESET Research discovered a trojanized Android app that had been available on the Google Play store with over 50,000 installs. #ESETresearch named this #Android malware AhRat, as it is based on the open-source #AhMyth Android RAT. Great work by @lukasstefanko
https://www.welivesecurity.com/2023/05/23/android-app-breaking-bad-legitimate-screen-recording-file-exfiltration/ -
Today 👀💻 ESET Research discovered a trojanized Android app that had been available on the Google Play store with over 50,000 installs. #ESETresearch named this #Android malware AhRat, as it is based on the open-source #AhMyth Android RAT. Great work by @lukasstefanko
https://www.welivesecurity.com/2023/05/23/android-app-breaking-bad-legitimate-screen-recording-file-exfiltration/ -
Been diving into conversational AIs, ChatGPT, OpenAI, and such - and while they're incredibly powerful, they also come with real risks for society. Let's discuss. 🤖
https://blog.joshuakgoldberg.com/seven-reasons-why-conversational-ai-is-dangerous/?source=fosstodon
#AGI #AI #Bard #ChatGPT #Dalle #LLMs #Midjourney #NotionAI #OpenAI #weliveinasociety
-
CW: Earnestly #fedi positive despite seriously twit-filled tone
@jonielena 🥰🌈🥳#enjoyARest 🛌💤#beforeTheRest⌚🎰💥
#JohnIsRisen 🦣 #youPoorBastard🥱
#HitSnooze😴and #wakeUp!Counterly: The #deathcults are full of #BadFaith #matingCalls all the time. You hear it too, right?
🎼🎵🎶"#fuckyou! #fuckyou!" 💥‼️🦆!Tough choice? Hmm? Indeed.
#ChooseMuch? -
CW: Earnestly #fedi positive despite seriously twit-filled tone
@jonielena 🥰🌈🥳#enjoyARest 🛌💤#beforeTheRest⌚🎰💥
#JohnIsRisen 🦣 #youPoorBastard🥱
#HitSnooze😴and #wakeUp!Counterly: The #deathcults are full of #BadFaith #matingCalls all the time. You hear it too, right?
🎼🎵🎶"#fuckyou! #fuckyou!" 💥‼️🦆!Tough choice? Hmm? Indeed.
#ChooseMuch? -
CW: Earnestly #fedi positive despite seriously twit-filled tone
@jonielena 🥰🌈🥳#enjoyARest 🛌💤#beforeTheRest⌚🎰💥
#JohnIsRisen 🦣 #youPoorBastard🥱
#HitSnooze😴and #wakeUp!Counterly: The #deathcults are full of #BadFaith #matingCalls all the time. You hear it too, right?
🎼🎵🎶"#fuckyou! #fuckyou!" 💥‼️🦆!Tough choice? Hmm? Indeed.
#ChooseMuch? -
CW: Earnestly #fedi positive despite seriously twit-filled tone
@jonielena 🥰🌈🥳#enjoyARest 🛌💤#beforeTheRest⌚🎰💥
#JohnIsRisen 🦣 #youPoorBastard🥱
#HitSnooze😴and #wakeUp!Counterly: The #deathcults are full of #BadFaith #matingCalls all the time. You hear it too, right?
🎼🎵🎶"#fuckyou! #fuckyou!" 💥‼️🦆!Tough choice? Hmm? Indeed.
#ChooseMuch? -
🦖Day 74 of the @velocidex #velociraptor #ArtifactsOfAutumn series
Artifact: Windows[.]Persistence[.]PowershellProfile
Author: @mgreen27
Link: https://docs.velociraptor.app/artifact_references/pages/windows.persistence.powershellprofile/
----
PowerShell supports several profiles depending on the user or host program. Adversaries may create or modify these profiles to include arbitrary commands, functions, modules, and/or PowerShell drives to gain persistence.
----
When a backdoored PowerShell session is opened, the modified script will be executed unless the '-NoProfile' flag is used upon launch.
An adversary may also be able to escalate privileges if a script in a PS profile is loaded and executed by an account with higher privileges, for example, a domain administrator.
----
In the past, Turla has used PowerShell profiles to maintain persistence on an infected machine.
https://attack.mitre.org/groups/G0010
https://www.welivesecurity.com/2019/05/29/turla-powershell-usage/----
This artifact will search and parse PowerShell profile scripts.
By default, both user and system-wide profiles will be searched. The user can also use regex to target and exclude specific content.
----
Here (image), we can see that the PowerShell profile for the user 'wlambert' specifies that 'Start-Process' should call 'C:\User\Downloads\wlambert\malz.exe'. Again, this would be called every time a PowerShell session is initiated. 👀
----
In this instance, 'malz.exe' is simply a copy of good 'ol calc.exe 😀
----
This profile modification was simulated by running the following commands from a PS session:
- 'Add-Content $profile -Value ""'
- 'Add-Content $profile -value "Start-Process C:\Users\wlambert\Downloads\malz.exe"'The profile content can be checked with 'Get-Content $profile'.
----
That's it for now! Stay tuned to learn about more artifacts! 🦖
Also, check out the links below for more information about Powershell Profiles!
Atomic Red Team Test:
https://atomicredteam.io/persistence/T1546.013/#atomic-test-1---append-malicious-start-process-cmdletMITRE ATT&CK Reference:
https://attack.mitre.org/techniques/T1546/013#DFIR
#Forensics
#Infosec
#Persistence
#Windows
#T1546
#T1546.013
#ThreatHunting -
Estafas por WhatsApp – 5 errores de seguridad que facilitan el robo de cuentas
En América Latina, WhatsApp está presente en más del 90 % de los usuarios de internet, con niveles especialmente altos en países como México (94 %) y Argentina (93 %). En este contexto, ESET, advierte en los últimos años, detectar fraudes pasó de mensajes obvios del tipo “gane un premio” a tácticas complejas de ingeniería social, clonación de cuentas y robo de datos dirigidos tanto a usuarios comunes como a instituciones públicas. ESET revela los 5 errores claves que se podrían estar cometiendo ahora mismo en la aplicación y, sobre todo, cómo blindar una cuenta de WhatsApp en pocos minutos para no ser víctima (Fuente ESET Latam).
“El factor humano sigue siendo el eslabón más débil de esta cadena de un ataque. El gran problema es que la mayoría de las intrusiones no se producen por complejos fallos tecnológicos de la aplicación, sino por simples errores de seguridad cometidos por los propios usuarios.”, comenta David Gonzalez, Investigador de Seguridad Informática de ESET Latinoamérica.
Aunque WhatsApp cuenta con cifrado de extremo a extremo, los estafadores, según ESET, modificaron su objetivo: en lugar de intentar «romper» el código de la aplicación, ahora se centran en llamar la atención del usuario, para que sea él mismo quien comparta información o realice acciones que llevan al robo de su cuenta.
ESET repasa los 5 errores más comunes a corregir para evitar convertirse en una próxima víctima:
1. No activar la confirmación en dos pasos: Este es sin duda el error más común y el que más daño causa, y no solo en WhatsApp, si no que muchas de las estafas actuales solo tienen éxito porque la víctima no cuenta con una capa extra de protección.
“Muchos usuarios creen que el código de 6 dígitos enviado por SMS es el único candado de su cuenta. El problema es que los delincuentes utilizan técnicas de ingeniería social para convencerte de que introduzcas este código (haciéndose pasar por el servicio técnico, un hotel o un sitio de ventas). Si entregas el código SMS y no tienes activada la autenticación en dos pasos, el estafador se hace con el control total de tu aplicación en cuestión de segundos. Una vez dentro de tu cuenta, el atacante activa su PIN, dándole tiempo para pedir dinero a tus contactos, simulando una emergencia financiera – una de las estafas más replicadas hoy en día.”, analiza David Gonzalez.
Cómo blindar la cuenta ahora:
- Ir a Ajustes en WhatsApp.
- Pulsar en Cuenta > Confirmación en dos pasos .
- Hacer clic en Activar y crear una contraseña numérica de 6 dígitos.
- Consejo de oro: Añade un correo electrónico de recuperación en caso de olvidar el PIN.
2. Hacer clic en enlaces a «ofertas imperdibles», promociones o acciones instantáneas: Creer mensajes que ofrecen una ventaja económica inmediata o un premio inesperado. La estafa suele llegar por WhatsApp con un enlace acortado y un texto pegadizo.
Estafa suplanta a empresa reconocida para ofrecer supuestos regalos especiales. Fuente: WeLiveSecurity.com
Al hacer clic en estos enlaces, se accede a una página que imita a la perfección el sitio web oficial de la empresa. Allí, se introducen datos personales, contraseñas bancarias e incluso datos de tarjeta. En otros casos, el simple clic puede descargar malware que vigila lo que se teclea en el móvil, incluidas las contraseñas de las aplicaciones financieras.
Algunos puntos para detectar una estafa de phishing:
- Promesas exageradas: El dinero fácil y los premios gratis sin sorteo son las mayores señales de alarma. Promociones absurdas que están muy por debajo del valor real del producto.
- Errores ortográficos : Los estafadores suelen cometer errores en portugués o utilizar un lenguaje demasiado informal.
- URL extrañas: comprobar la dirección del sitio web. Si es algo como www.promocao-banco-xyz.net en lugar del sitio oficial .com.br , cierra la página inmediatamente.
- Peticiones de compartir: Si el sitio dice que sólo se gana el premio si se comparte el enlace con 10 contactos, se trata de una estafa piramidal digital.
Consejo de seguridad ESET: Nunca acceder a canales bancarios a través de enlaces enviados por mensaje. Abrir siempre la aplicación oficial del banco o teclear directamente la dirección en el navegador.
3. Dejar la foto de perfil a la vista de cualquiera: Este error facilita uno de los tipos de fraude más comunes. La suplantación de identidad o la estafa del número nuevo. A diferencia de la clonación, en este caso el delincuente no piratea la cuenta, sino que simplemente crea una nueva utilizando los datos públicos. Utilizando la foto y nombre, el estafador se pone en contacto con familiares diciendo que se ha cambiado de número porque el antiguo se ha roto o ha tenido algún problema. Aunque WhatsApp no permite actualmente capturar la foto de perfil mediante una impresión, el delincuente puede utilizar otro dispositivo o la versión de escritorio de la app para hacer una captura de pantalla y obtener la imagen. A partir de la conversación, crean sensación de urgencia y solicitan una transferencia inmediata para pagar una factura o a un proveedor.
Cómo configurar la privacidad:
- Ir a Ajustes en WhatsApp.
- Hacer clic en Privacidad.
- Seleccionar Foto de perfil.
- Cambiarlas de «Todos» a «Mis contactos».
Consejo de seguridad ESET: Siempre que un contacto conocido pida dinero para un número nuevo, hacer una videollamada o una llamada de audio para confirmar su identidad. Nunca realizar transferencias basándose únicamente en mensajes de texto y fotos de perfil.
4. No hacer copias de seguridad blindadas de las conversaciones en la nube: Muchas personas se centran en proteger la aplicación, pero olvidan la información que se almacena fuera de ella. WhatsApp realiza copias de seguridad automáticas en Google Drive (Android) o iCloud (iPhone). El error es que estas copias de seguridad no están protegidas por el mismo cifrado que la app.
“Si un delincuente consigue hackear tu correo electrónico o tu cuenta de Apple/Google, puede descargar el archivo de tu copia de seguridad en otro dispositivo. Tendrán acceso a todo tu historial: fotos de documentos, conversaciones íntimas, datos de trabajo y contraseñas que hayas anotado. es un robo de datos «por la puerta de atrás».”, advierte el investigador de ESET.
Cómo blindarlo:
- Ir a Ajustes > Conversaciones > Copia de seguridad de conversaciones.
- Activar “Copia de seguridad protegida por contraseña con cifrado de extremo a extremo”.
- Crear una contraseña única. Ahora ni Google ni Apple podrán leer los datos si son hackeados.
5. Mantener la vista previa de notificaciones en la pantalla bloqueada: Este es el error del «acceso físico».
Un delincuente (o alguien malintencionado) puede intentar registrar tu WhatsApp en otro móvil. El código de verificación llega por SMS al dispositivo y si la vista previa está activa, el atacante puede leer el código de 6 dígitos sin necesidad de la huella dactilar o contraseña. En segundos, pueden robar la cuenta con sólo mirar la pantalla del móvil sentado en la mesa del restaurante o la oficina.
Cómo proteger las notificaciones:
- Ve a los ajustes de tu móvil (Android o iOS) y luego a Notificaciones.
- Busca WhatsApp (y también la app Mensajes/SMS ).
- Cámbiala a «No mostrar notificaciones» o «Mostrar sólo al desbloquear».
- De esta forma, el contenido del mensaje sólo aparecerá a tus ojos.
“La mayoría de las estafas de WhatsApp no se basan en tecnologías sofisticadas, sino en simples errores que cometemos con las prisas del día a día. Los delincuentes se aprovechan de nuestra curiosidad, urgencia emocional y, sobre todo, de la configuración de privacidad que dejamos «abierta» por defecto.”, concluye Gonzalez de ESET.
Datos extras:
1. ¿Qué hago si ya he pasado el código de 6 dígitos a un estafador?
Intenta reinstalar WhatsApp inmediatamente. Al solicitar un nuevo código, es posible que puedas desconectar al estafador. Si ya has activado la confirmación en dos pasos, tendrás que esperar 7 días para recuperar el acceso, pero debes notificarlo inmediatamente a tus contactos y bancos.
2. ¿Cómo puedo saber si alguien está leyendo mi WhatsApp Web ahora?
Ve a Ajustes > Dispositivos conectados. Si hay algún navegador o ciudad que no reconozcas, pulsa sobre él y selecciona «Cerrar sesión». Esto cierra la sesión inmediatamente.
3. ¿Servirá de algo cambiar mi número de móvil si me clonan?
No es necesario que cambies tu número de móvil, pero puedes desactivar la cuenta comprometida enviando un correo electrónico a [email protected] con la frase «Perdido/Robado: Por favor, desactiva mi cuenta» y tu número en formato internacional.
#arielmcorg #eset #infosertec #PORTADA #whatsapp -
"ESET researchers uncovered the first known case of Android malware abusing generative AI for context-aware user interface manipulation. While machine learning has been used to similar ends already – just recently, researchers at Dr.WEB found Android.Phantom, which uses TensorFlow machine learning models to analyze advertisement screenshots and automatically click on detected elements for large scale ad fraud – this is the first time we have seen generative AI deployed in this manner. Because the attackers rely on prompting an AI model (in this instance, Google’s Gemini) to guide malicious UI manipulation, we have named this family PromptSpy. This is the second AI powered malware we have discovered – following PromptLock in August 2025, the first known case of AI-driven ransomware.
While generative AI is deployed only in a relatively minor part of PromptSpy's code – that responsible for achieving persistence – it still has a significant impact on the malware's adaptability. Specifically, Gemini is used to analyze the current screen and provide PromptSpy with step-by-step instructions on how to ensure the malicious app remains pinned in the recent apps list, thus preventing it from being easily swiped away or killed by the system. The AI model and prompt are predefined in the code and cannot be changed. Since Android malware often relies on UI navigation, leveraging generative AI enables the threat actors to adapt to more or less any device, layout, or OS version, which can greatly expand the pool of potential victims.
The main purpose of PromptSpy is to deploy a built-in VNC module, giving operators remote access to the victim’s device. This Android malware also abuses the Accessibility Service to block uninstallation with invisible overlays, captures lockscreen data, records video. It communicates with its C&C server via the VNC protocol, using AES encryption."
https://www.welivesecurity.com/en/eset-research/promptspy-ushers-in-era-android-threats-using-genai/
#CyberSecurity #PromptSpy #AI #GenerativeAI #Android #Malware
-
"ESET researchers uncovered the first known case of Android malware abusing generative AI for context-aware user interface manipulation. While machine learning has been used to similar ends already – just recently, researchers at Dr.WEB found Android.Phantom, which uses TensorFlow machine learning models to analyze advertisement screenshots and automatically click on detected elements for large scale ad fraud – this is the first time we have seen generative AI deployed in this manner. Because the attackers rely on prompting an AI model (in this instance, Google’s Gemini) to guide malicious UI manipulation, we have named this family PromptSpy. This is the second AI powered malware we have discovered – following PromptLock in August 2025, the first known case of AI-driven ransomware.
While generative AI is deployed only in a relatively minor part of PromptSpy's code – that responsible for achieving persistence – it still has a significant impact on the malware's adaptability. Specifically, Gemini is used to analyze the current screen and provide PromptSpy with step-by-step instructions on how to ensure the malicious app remains pinned in the recent apps list, thus preventing it from being easily swiped away or killed by the system. The AI model and prompt are predefined in the code and cannot be changed. Since Android malware often relies on UI navigation, leveraging generative AI enables the threat actors to adapt to more or less any device, layout, or OS version, which can greatly expand the pool of potential victims.
The main purpose of PromptSpy is to deploy a built-in VNC module, giving operators remote access to the victim’s device. This Android malware also abuses the Accessibility Service to block uninstallation with invisible overlays, captures lockscreen data, records video. It communicates with its C&C server via the VNC protocol, using AES encryption."
https://www.welivesecurity.com/en/eset-research/promptspy-ushers-in-era-android-threats-using-genai/
#CyberSecurity #PromptSpy #AI #GenerativeAI #Android #Malware
-
"ESET researchers uncovered the first known case of Android malware abusing generative AI for context-aware user interface manipulation. While machine learning has been used to similar ends already – just recently, researchers at Dr.WEB found Android.Phantom, which uses TensorFlow machine learning models to analyze advertisement screenshots and automatically click on detected elements for large scale ad fraud – this is the first time we have seen generative AI deployed in this manner. Because the attackers rely on prompting an AI model (in this instance, Google’s Gemini) to guide malicious UI manipulation, we have named this family PromptSpy. This is the second AI powered malware we have discovered – following PromptLock in August 2025, the first known case of AI-driven ransomware.
While generative AI is deployed only in a relatively minor part of PromptSpy's code – that responsible for achieving persistence – it still has a significant impact on the malware's adaptability. Specifically, Gemini is used to analyze the current screen and provide PromptSpy with step-by-step instructions on how to ensure the malicious app remains pinned in the recent apps list, thus preventing it from being easily swiped away or killed by the system. The AI model and prompt are predefined in the code and cannot be changed. Since Android malware often relies on UI navigation, leveraging generative AI enables the threat actors to adapt to more or less any device, layout, or OS version, which can greatly expand the pool of potential victims.
The main purpose of PromptSpy is to deploy a built-in VNC module, giving operators remote access to the victim’s device. This Android malware also abuses the Accessibility Service to block uninstallation with invisible overlays, captures lockscreen data, records video. It communicates with its C&C server via the VNC protocol, using AES encryption."
https://www.welivesecurity.com/en/eset-research/promptspy-ushers-in-era-android-threats-using-genai/
#CyberSecurity #PromptSpy #AI #GenerativeAI #Android #Malware
-
"ESET researchers uncovered the first known case of Android malware abusing generative AI for context-aware user interface manipulation. While machine learning has been used to similar ends already – just recently, researchers at Dr.WEB found Android.Phantom, which uses TensorFlow machine learning models to analyze advertisement screenshots and automatically click on detected elements for large scale ad fraud – this is the first time we have seen generative AI deployed in this manner. Because the attackers rely on prompting an AI model (in this instance, Google’s Gemini) to guide malicious UI manipulation, we have named this family PromptSpy. This is the second AI powered malware we have discovered – following PromptLock in August 2025, the first known case of AI-driven ransomware.
While generative AI is deployed only in a relatively minor part of PromptSpy's code – that responsible for achieving persistence – it still has a significant impact on the malware's adaptability. Specifically, Gemini is used to analyze the current screen and provide PromptSpy with step-by-step instructions on how to ensure the malicious app remains pinned in the recent apps list, thus preventing it from being easily swiped away or killed by the system. The AI model and prompt are predefined in the code and cannot be changed. Since Android malware often relies on UI navigation, leveraging generative AI enables the threat actors to adapt to more or less any device, layout, or OS version, which can greatly expand the pool of potential victims.
The main purpose of PromptSpy is to deploy a built-in VNC module, giving operators remote access to the victim’s device. This Android malware also abuses the Accessibility Service to block uninstallation with invisible overlays, captures lockscreen data, records video. It communicates with its C&C server via the VNC protocol, using AES encryption."
https://www.welivesecurity.com/en/eset-research/promptspy-ushers-in-era-android-threats-using-genai/
#CyberSecurity #PromptSpy #AI #GenerativeAI #Android #Malware
-
With so many vital systems protecting the US public being tampered with-- whether hastily and thoughtlessly or methodically uncaring-- we're challenged to understand the scope of potential harms we're now facing.
And the upshot isn't confined to the United States.
Being better informed leads to better decisions and even decisions where none might have been made at all, a decision to participate.
Join US #meteorologists and #ClimateResearchers to hear details of how we're kept safe by the weather and climate science community--- and how we can stay that way:
"From Wednesday, May 28th to Sunday, June 1st, join meteorologists and climate scientists from across the US as we share our work, and show you what makes it so vital. We will clarify the impact of the cuts on this research, and answer your questions about weather and climate research in the US. Information on how to watch is coming soon. If you are a scientist who wants to participate, please visit this speakers page to learn more."
-
Good day everyone!
ESET published a report covering a China-aligned APT group named PlushDaemon and their campaign against a VPN provider in South Korea. The attack started with the victim downloading a malicious IPanyVPNsetup.exe installer that, when ran, creates both legitimate and malicious files. Persistence is gained through the use of the Windows Run Registry key and references the directory that the malware lives: %PUBLIC%\Documents\WPSDocuments\WPSManager\svcghost.exe. Later in the attack, .dll's and .exe's are created in the same directory, further leading to suspicious activity.
Opportunities to hunt:
Suspicious File Creates:
Looking in the %PUBLIC% directory for files being created could be your first step. This directory is commonly abused by actors because it is an easy place to hide their payloads since this isn't a location normally used by end-users to store documents and files.Pseudo Query:
event_type="file_create" AND file_directory="*PUBLIC*" AND (file_extension=".dll" OR file_extension=".exe").Article source:
PlushDaemon compromises supply chain of Korean VPN service
https://www.welivesecurity.com/en/eset-research/plushdaemon-compromises-supply-chain-korean-vpn-service/I know it's not a lot but it can help you uncover suspicious activity earlier in the attack chain and hopefully you find it before the malware achieves its goal! Enjoy and Happy Hunting!
Intel 471 Cyborg Security, Now Part of Intel 471 #ThreatIntel #ThreatHunting #ThreatDetection #HappyHunting #readoftheday #huntoftheday
-
CW: Fanfic musings -tag surfing "feminization"
What does a motherfucker gotta do to find hot fics about feminized men or sweet boy twinks without that going hand-in-hand with subjugation and dehumanization or whatever the fuck else society deems as feminine traits? TIME TRAVEL???
#we-live-in-a-society #being-a-girl-isn't-bad #that's-just-joanne-no-middle-name-author-of-a-middling-fantasy-series-brainworms #these-aren't-fandom-problems #pasifika-should've-exported-its-culture-jfc -
We Live in Time review: a great cast makes this romance zing
We Live in Time isn't exactly a romcom. It's a sweeping romance of a love story about a couple who make the most out of their lives together. […]https://oldaintdead.com/we-live-in-time-review-a-great-cast-makes-this-romance-zing/
-
World Cup Tallies Another Human Rights Abuse
https://web.brid.gy/r/https://defector.com/world-cup-tallies-another-human-rights-abuse
-
World Cup Tallies Another Human Rights Abuse
https://web.brid.gy/r/https://defector.com/world-cup-tallies-another-human-rights-abuse
-
World Cup Tallies Another Human Rights Abuse
https://web.brid.gy/r/https://defector.com/world-cup-tallies-another-human-rights-abuse
-
My 20 top rated movies and TV shows of 2024
Time for a 2024 wrap up. If you've been here before, you know this website is dedicated to finding work by women directors and women leading actors to feature. The "best of" lists you see elsewhere don't match this criteria, so my lists are always different. Here are the top 20 movies and TV shows I watched and rated in 2024. […]https://oldaintdead.com/my-20-top-rated-movies-and-tv-shows-of-2024/
-
We Live in Time review: a great cast makes this romance zing
We Live in Time isn't exactly a romcom. It's a sweeping romance of a love story about a couple who make the most out of their lives together.
[…]
https://oldaintdead.com/we-live-in-time-review-a-great-cast-makes-this-romance-zing/
-
“All right! I hear you cry, we understand it’s a fucking keyboard already, what’s the point of this? The point is that our reality as we perceive it is not situated in our heads, neither is it situated in the outside world, it’s created at the point where the two meet. Woven from a web of perception that every organism on this planet partakes in, be it a blade of grass, an alley cat or a merchant banker we live at the point where the sea of matter laps at the shore of consciousness.”
-
⏰ ⏰ ⏰ Tonight is the deadline for #EuroLLVM submissions https://hotcrp.llvm.org/eurollvm2023/