Month: June 2024

Enlarge / Diamond Shruumz's "extremely potent" infused cones in "sprinkles" flavor. (credit: Diamond Shruumz)

More people have reported severe poisonings in an ongoing outbreak marked by people seizing and needing to be intubated after consuming microdose candies made by Diamond Shruumz, the Food and Drug Administration reported Tuesday.

There are now at least 12 reported cases across eight states. All 12 people were ill enough to seek medical care, and 10 needed to be hospitalized. The symptoms reported so far include seizures, central nervous system depression (loss of consciousness, confusion, sleepiness), agitation, abnormal heart rates, hyper/hypotension, nausea, and vomiting, the FDA reported.

In Tuesday's update, the FDA also expanded the products linked to the illnesses. In addition to all flavors of Diamond Shruumz's Microdosing Chocolate Bars, the agency's warning now covers all flavors of the brand's Infused Cones and Micro Dose and Macro Dose Gummies.

Enlarge

Hackers working for the Chinese government gained access to more than 20,000 VPN appliances sold by Fortinet using a critical vulnerability that the company failed to disclose for two weeks after fixing it, Netherlands government officials said.

The vulnerability, tracked as CVE-2022-42475, is a heap-based buffer overflow that allows hackers to remotely execute malicious code. It carries a severity rating of 9.8 out of 10. A maker of network security software, Fortinet silently fixed the vulnerability on November 28, 2022, but failed to mention the threat until December 12 of that year, when the company said it became aware of an “instance where this vulnerability was exploited in the wild.” On January 11, 2023—more than six weeks after the vulnerability was fixed—Fortinet warned a threat actor was exploiting it to infect government and government-related organizations with advanced custom-made malware.

Enter CoatHanger

The Netherlands officials first reported in February that Chinese state hackers had exploited CVE-2022-42475 to install an advanced and stealthy backdoor tracked as CoatHanger on Fortigate appliances inside the Dutch Ministry of Defence. Once installed, the never-before-seen malware, specifically designed for the underlying FortiOS operating system, was able to permanently reside on devices even when rebooted or receiving a firmware update. CoatHanger could also escape traditional detection measures, the officials warned. The damage resulting from the breach was limited, however, because infections were contained inside a segment reserved for non-classified uses.

Enlarge / In this pool photo distributed by Sputnik agency, Russia's President Vladimir Putin and North Korea's leader Kim Jong Un visit the Vostochny Cosmodrome in Amur region in 2023. An RD-191 engine is visible in the background. (credit: Vladimir Smirnov/Pool/AFP/Getty Images)

Russian President Vladimir Putin will reportedly visit North Korea later this month, and you can bet collaboration on missiles and space programs will be on the agenda.

The bilateral summit in Pyongyang will follow a mysterious North Korean rocket launch on May 27, which ended in a fireball over the Yellow Sea. The fact that this launch fell short of orbit is not unusual—two of the country's three previous satellite launch attempts failed. But North Korea's official state news agency dropped some big news in the last paragraph of its report on the May 27 launch.

The Korean Central News Agency called the launch vehicle a "new-type satellite carrier rocket" and attributed the likely cause of the failure to "the reliability of operation of the newly developed liquid oxygen + petroleum engine" on the first stage booster. A small North Korean military spy satellite was destroyed. The fiery demise of the North Korean rocket was captured in a video recorded by the Japanese news broadcaster NHK.