Original post on mindly.social

Now this is an interesting #Python problem. I don't know if it's a #bug, but it's a change in behaviour that I don't see documented.

I upgraded from #Debian 12/Bookworm to 13/Trixie, so the default Python3 changed from 3.11 to 3.13. A script of mine broke, because `pathlib.Path.is_mount()` […]

How to Clean Up Your Broken Symlinks: The Good Way and the Better Way Find the best way.

How to Clean Up Your Broken Symlinks: The Good Way and the Better Way

#linux #symlink

www.howtogeek.com/how-t...

Links and aliases: which are best? Three different ways to link to files, and two for folders. Which should you use, and how well do they cope with changes in that volume?

Literally me today (Symlink Targets)

#linux #meme #symlink

How to tell the difference between copies, clone files, and hard links Distinguishing conventional copies, clone files, symlinks, hard links and Finder aliases can be confusing. Here's how to tell them apart with using Terminal.

Am at #FIRSTCTI25 if #symlink is on your radar

Backdoor symlink sur des VPN SSL Fortinet – Blog | Big Data for Cyber Defense

💥Méthode de détection de la #backdoor #symlink sur #fortinet

"nous sommes prêts à la partager, en privé"

Plus de 18,000 équipements compromis

Lire l'article : blog.onyphe.io/backdoor-sym...

Symlink backdoor on Fortinet SSL-VPN devices – Blog | Big Data for Cyber Defense

💥Detection method for #symlink #backdoor on #fortinet

"we are willing to share it, privately"

More than 18k devices compromised

Read more: blog.onyphe.io/en/symlink-b...

New SSL-VPN Symlink Exploit Enables Silent FortiGate Compromise Fortinet, a leading potatosecurity...

certera.com/blog/new-ssl-vpn-symlink...

#Vulnerability #FortiGate #Vulnerabilities #SSL-VPN #Symlink #Exploit

Event Attributes

Awakari App

New SSL-VPN Symlink Exploit Enables Silent FortiGate Compromise Fortinet, a leading cybersecurity...

certera.com/blog/new-ssl-vpn-symlink...

#Vulnerability #FortiGate #Vulnerabilities #SSL-VPN #Symlink #Exploit

Event Attributes

14.000 Fortinet-Firewalls kompromitiert: Angreifer nisten sich ein Mehr als 14.000 Fortinet-Firewalls sind derzeit von Angreifern kompromittiert. Die verankern sich mit Symlinks im System.

"14.000 Fortinet-Firewalls kompromitiert: Angreifer nisten sich ein...
#CyberSecurity #Hacking #Fortinet #Firewall #Symlink
www.heise.de/news/14-000-...

WinRAR Bug Circumvents Windows Mark of Web Security Notifications.  A security flaw in the WinRAR file archiver solution might be used to circumvent the Mark of the Web (MotW) security warning and execute arbitrary code on a Windows computer. The vulnerability is known as CVE-2025-31334 and impacts all WinRAR versions except the most recent release, 7.11.  Mark of the Web is a security mechanism in Windows that uses a metadata value (an additional data stream called 'zone-identifier') to identify potentially dangerous files downloaded from the internet. When you launch an executable with the MotW tag, Windows informs you that it was obtained from the internet and can be risky, and you can choose whether to continue or terminate it. Symlink to executable The CVE-2025-31334 flaw allows an attacker to circumvent the MotW security warning when opening a symbolic link (symlink) to an executable file in any WinRAR version prior to 7.11. Using a specially designed symbolic link, an attacker can execute arbitrary code. It should be noted that on Windows, symlinks can only be generated with administrator privileges.  The security flaw received a medium severity score of 6.8 and was fixed in the latest version of WinRAR, according to the applications change log: “If symlink pointing at an executable was started from WinRAR shell, the executable Mark of the Web data was ignored” - WinRaR.  Shimamine Taihei of Mitsui Bussan Secure Directions reported the vulnerability to the Information Technology Promotion Agency (IPA) in Japan. The responsible disclosure was organised by Japan's Computer Security Incident Response Team with the developer of WinRAR. Starting with version 7.10, WinRAR allows you to remove information from the MotW alternative data stream (such as location and IP address) that could be deemed a privacy issue. Cybercriminals, including state-sponsored ones, have previously used MotW bypasses to transmit malware without triggering the security warning.  Recently, Russian attackers exploited a vulnerability in the 7-Zip archiver that did not propagate the MotW when double archiving (archiving one file within another) to launch the Smokeloader malware dropper.

WinRAR Bug Circumvents Windows Mark of Web Security Notifications. #MarkoftheWeb #Securityflaw #Symlink

💡 Falla di sicurezza in WinRAR bypassa il MotW di Windows

gomoot.com/falla-di-sic...

#blog #bug #cve #falla #news #picks #sicurezza #symlink #tech #tecnologia #winrar #zip

fed up w/ #samba #shared #doc #attachment #issue thru #thunderbird ? Try ths #symlink via #term user@MyLinuxBoX:~$ ln -s ~/.gvfs samba