home.social

#net — Public Fediverse posts

Live and recent posts from across the Fediverse tagged #net, aggregated by home.social.

  1. From poisoned search results to GPU mining: A cryptojacking campaign abusing ScreenConnect and Microsoft .NET utilities

    Microsoft Defender Experts identified an active cryptojacking campaign leveraging AI-assisted delivery mechanisms alongside traditional SEO poisoning. Attackers create fake download sites impersonating trusted utilities like CrystalDiskInfo, HWMonitor, and FurMark, targeting users with high-performance GPUs. Victims download ZIP archives containing legitimate executables bundled with malicious DLLs that establish persistence via ScreenConnect remote access tools. The operation employs sophisticated techniques including DLL sideloading, process hollowing into Microsoft-signed .NET binaries, and comprehensive defense evasion. Beyond cryptocurrency mining, the campaign establishes persistent remote access that could enable data theft, lateral movement, or ransomware deployment. The threat actors deliberately target PC enthusiasts and hardware-focused users most likely to own discrete GPUs suitable for profitable mining operations.

    Pulse ID: 6a1634fbefeffa7f0c6a52f5
    Pulse Link: otx.alienvault.com/pulse/6a163
    Pulse Author: AlienVault
    Created: 2026-05-27 00:04:11

    Be advised, this data is unverified and should be considered preliminary. Always do further verification.

    #CryptoJacking #CyberSecurity #DataTheft #InfoSec #Microsoft #MicrosoftDefender #NET #OTX #OpenThreatExchange #RAT #RansomWare #Rust #SEOPoisoning #SMS #ScreenConnect #SideLoading #ZIP #bot #cryptocurrency #AlienVault

  6. Phishing Campaign Deploys JavaScript-Driven PureLogs Variant to Steal Sensitive Data

    A sophisticated phishing campaign distributes a PureLogs variant through deceptive purchase order emails containing malicious JavaScript files. The attack chain employs obfuscated JavaScript that drops PowerShell scripts, which then use process hollowing techniques to inject .NET modules into legitimate Windows processes. The malware communicates with command-and-control infrastructure to download additional plugins. PureLogs collects extensive sensitive information including credentials from web browsers, cryptocurrency wallets, email clients, Discord, and various applications. It also captures screenshots, system information, and clipboard data. The collected data is compressed, encrypted with AES, and exfiltrated to remote servers. The campaign demonstrates advanced evasion techniques through fileless execution, multiple encryption layers, and abuse of trusted processes like MsBuild.exe, making detection challenging for traditional security solutions.

    Pulse ID: 6a15ba258c1acc516e08c0fd
    Pulse Link: otx.alienvault.com/pulse/6a15b
    Pulse Author: AlienVault
    Created: 2026-05-26 15:20:05

    Be advised, this data is unverified and should be considered preliminary. Always do further verification.

    #Browser #Clipboard #CyberSecurity #Discord #Email #Encryption #InfoSec #Java #JavaScript #MSBuild #Malware #NET #OTX #OpenThreatExchange #Phishing #PowerShell #RAT #Rust #Windows #bot #cryptocurrency #AlienVault

  11. Smart Contracts for C&C: How ClearFake Hid in Plain Sight on BSC Testnet

    Threat actors exploited the EtherHiding technique to store ClearFake payload routing instructions within smart contracts on the BNB Smart Chain testnet, creating an immutable command-and-control infrastructure that cannot be taken down. The attack began with injected JavaScript on a compromised Swiss website that queried blockchain contracts to deliver malicious payloads. Victims passing anti-analysis checks were fingerprinted by operating system and routed to platform-specific ClickFix social engineering overlays. The campaign simultaneously deployed SectopRAT, a .NET-based remote access trojan capable of browser session hijacking, and ACRStealer, a C++ infostealer targeting credentials and cryptocurrency wallets. An on-chain execution tracker confirmed each compromise in real time. Four smart contracts shared a single deployer wallet, with the oldest deployed nearly a year before analysis, indicating a long-running, actively maintained operation.

    Pulse ID: 6a15ba2632bd7e246e9c1250
    Pulse Link: otx.alienvault.com/pulse/6a15b
    Pulse Author: AlienVault
    Created: 2026-05-26 15:20:06

    Be advised, this data is unverified and should be considered preliminary. Always do further verification.

    #BlockChain #Browser #CandC #ClearFake #CyberSecurity #EtherHiding #InfoSec #InfoStealer #Java #JavaScript #NET #OTX #OpenThreatExchange #RAT #RemoteAccessTrojan #SocialEngineering #Trojan #bot #cryptocurrency #AlienVault

  16. Idempotency keys: 5 pitfalls we hit in production

    Friday, 23:47. PagerDuty: “AmEx payment, the provider returned 5xx three times in a row, tickets not reserved.” I open the logs: indeed three 5xx responses from the provider and not a single successful transaction in our database. I close it as a temporary failure on the provider's side, write a short summary in the on-call chat and go back to finish watching. 40 minutes later comes a second alert, this time from night support: the customer sent a screenshot of their statement showing 3 charges in a row for a single booking. The customer's flight is in 6 hours; they need a valid booking and confirmation that they will fly out tomorrow without trouble, not a support ticket. We were building a B2B platform for business travel: air booking, hotels, transfers, insurance, and at the end, payment by corporate card through a payment gateway. That night began a story that ended with rewriting the entire payment layer of our booking service. Along the way we hit 5 pitfalls.

    habr.com/ru/articles/1039860/

    #идемпотентность #idempotency #платежи #распределённые_системы #NET #C# #API #intentkey #race_condition #грабли

  20. Critical Vulnerability in KnowledgeDeliver LMS Has Been Patched

    A zero-day (CVE-2026-5426) in KnowledgeDeliver LMS is being actively exploited due to reused ASP.NET machine keys.

    Pulse ID: 6a164033c76e927d4afb9278
    Pulse Link: otx.alienvault.com/pulse/6a164
    Pulse Author: cryptocti
    Created: 2026-05-27 00:52:03

    Be advised, this data is unverified and should be considered preliminary. Always do further verification.

    #CyberSecurity #Edge #InfoSec #Mac #NET #OTX #OpenThreatExchange #Vulnerability #ZeroDay #bot #cryptocti

  25. Critical Vulnerability in KnowledgeDeliver LMS Has Been Patched

    A zero-day (CVE-2026-5426) in KnowledgeDeliver LMS is being actively exploited due to reused ASP.NET machine keys.

    Pulse ID: 6a15820b3e17a040b5f904e1
    Pulse Link: otx.alienvault.com/pulse/6a158
    Pulse Author: cryptocti
    Created: 2026-05-26 11:20:43

    Be advised, this data is unverified and should be considered preliminary. Always do further verification.

    #CyberSecurity #Edge #InfoSec #Mac #NET #OTX #OpenThreatExchange #Vulnerability #ZeroDay #bot #cryptocti

  30. I like C# more than Java. But in banking enterprise I still needed Java

    I still consider C# one of the most convenient languages for backend development. It has many things you quickly get used to: properties, LINQ, async/await, generics without type erasure, good tooling, and a clear development model. But banking enterprise rarely chooses a stack based on language convenience alone. In practice, what matters is not only syntax and ecosystem, but also infrastructure, maintenance, security, regulations, legacy, hiring, CI/CD, platform requirements, and the organization's long-term strategy. That is how I ended up in a situation where I subjectively like C# more, but Java has objectively become more useful in a specific banking environment. This article is not about a C# vs Java holy war. It is an attempt to calmly examine why a backend developer in enterprise sometimes has to broaden their stack, even if their current language suits them completely. Why a bank chooses its stack not only by

    habr.com/ru/articles/1038626/

    #C# #Java #backend #enterprise #banks #Spring_Boot #NET #microservices #import_substitution #career

  34. Exploitation of KnowledgeDeliver via ViewState Deserialization Vulnerability

    In late 2025, an unknown threat actor exploited a critical zero-day vulnerability in KnowledgeDeliver, a Learning Management System widely used in Japan. The vulnerability, tracked as CVE-2026-5426, allowed unauthenticated remote code execution through ViewState deserialization attacks. The issue stemmed from identical hardcoded ASP.NET machine keys distributed across multiple customer deployments in the vendor's configuration files. Attackers obtained these keys from one deployment and used them to compromise other internet-facing instances. Following initial access, threat actors deployed the BLUEBEAM in-memory web shell, modified JavaScript files to display fake security alerts, and tricked users into installing malicious software that delivered Cobalt Strike BEACON backdoors. The attack demonstrates the severe risks of shared secrets in deployment templates and highlights the importance of unique cryptographic keys per installation.

    Pulse ID: 6a140384686e44f07358066d
    Pulse Link: otx.alienvault.com/pulse/6a140
    Pulse Author: AlienVault
    Created: 2026-05-25 08:08:36

    Be advised, this data is unverified and should be considered preliminary. Always do further verification.

    #BackDoor #CobaltStrike #CyberSecurity #Edge #InfoSec #Japan #Java #JavaScript #Mac #NET #OTX #OpenThreatExchange #RAT #RemoteCodeExecution #Vulnerability #ZeroDay #bot #AlienVault