Hacker News | deafpolygon's comments

Maybe this is proof of time-travel.

NO. NO TIME TRAVEL. NO ALIENS.

Every fucking time we learn something cool about our ancestors someone attempts to undermine it with shit like this.

Neanderthals doing dentistry is way, way, way cooler and more interesting than your fucking woo.

Every single time.


This is exactly the type of comment I'd expect from a time-traveling alien trying to cover its tracks.

Why did you create us? Why do you hide in the shadows?!


This seems like a bad idea, but.. I’m no kernel dev.

What’s misleading?

"Novel Campaign Abuses Obsidian Note-Taking App to Target Finance and Crypto Professionals with PHANTOMPULSE RAT"

It’s novel (new), an abuse of Obsidian, specifically targeting a group of people.. and the RAT is embedded in the vault.


The headline on HN is different: "Obsidian plugin was abused to deploy a remote access trojan". It's not a plugin that was abused, but the ability for shared vaults to contain plugins.

Isn’t that nearly the same thing? It depends on the presence of a particular plugin which was abused to run remote commands.

No. The attack does not depend on the presence of a specific plugin. The ones listed in the article are just the ones that were used in the POC. Any plugin could be modified by the attacker if the user trusts the attacker and accepts 1. the vault, 2. the shared plugins, 3. disables restricted mode.

It does.

> It enables malicious versions of legitimate Obsidian plugins ('Shell Commands' and 'Hider') that are present in the shared vault.


Thanks! I also scanned the detailed article looking for which plugins were affected and wasn't able to find it. Came to the comments looking for a quicker answer.

On the other hand, I found it quite pleasant and subsequently forgot about it. It’s out of my way and I focus on the task at hand.

> Apple's software incompetence is absolutely universally hated

Weird. Maybe he spent too much time on ChatGPT and got AI psychosis.


After letting Mulder go early, I’m not surprised.

One of the reasons why this kind of software is not allowed is that it opens up a new class of social engineering attacks (install this, run this code) against users that have normally placed great trust in their software.

What does SpaceX get out of this deal?

What’s old is new again.
