
Russian Wine Hacks, Apple's Emergency Patch, and Fortinet's Firewall Fiasco

In other news: OpenAI's wallet is $3B lighter, Meta might lose its Instagram filters, and X users discover the support account actually existed...

Congrats, it's April 22, 2025! You’ve survived another week in tech without rage-quitting or throwing your laptop into a canal.

Today, Mosaic turns 32, which means it's officially old enough to be replaced by a younger browser with more plug-ins and commitment issues. For those who need a refresher, Mosaic 1.0 (released April 22, 1993) was the first graphical web browser to catch on with the public. That's right, folks – the browser that let people actually SEE the World Wide Web instead of just reading it like some digital stone tablet. I like to imagine someone in 1993 excitedly showing off their fancy new Mosaic browser saying, "Look, PICTURES on the INTERNET!" while everyone's minds collectively exploded. Simpler times.

Russian Spies Use Wine Tastings to Deploy Malware, Proving They’ll Stoop to Any Level

Russia's notorious hacker group Cozy Bear (aka APT29) is back with yet another "sophisticated" phishing campaign, this one targeting European diplomats with fake invitations to wine tastings. Because apparently, nothing says "I'm about to compromise your national security" like a nice Cabernet Sauvignon. The emails are made to look like they come from a European foreign ministry, and the group sends follow-ups if targets don't bite – showing persistence that would impress even my ex.

The malware they're deploying is called "GrapeLoader" (the previous tool was "WineLoader" – real creative, guys). GrapeLoader is a first-stage loader: the link in the email delivers a ZIP whose contents abuse DLL side-loading to run it, and it then fetches an updated version of the WineLoader backdoor, which is what gives the group its foothold on government machines and their data. These hackers must've binged Succession and thought, "You know what? Logan Roy had the right approach to business." Just pure evil wrapped in a fancy suit, serving you poisoned digital hors d'oeuvres (correct pronunciation: horse divorce).

For those keeping score at home, this is the same group behind the 2020 SolarWinds hack, and it is attributed to the SVR, Russia's foreign intelligence service (the FSB handles the domestic side). They're like the Kardashians of cyber espionage – they never really go away, just keep reinventing themselves with slightly different (brain dead) tactics every season.

Apple Fixes Zero-Day Bugs Targeting “Specific Individuals” — Translation: Rich People and Politicians

Apple released updates across its product line to fix two zero-day vulnerabilities that were "actively exploited" against "specific targeted individuals on iOS." Let me translate Apple's corporate speak for you: "Someone important enough for us to care about got hacked."

These bugs are labeled as "zero-days," which means Apple didn't know about them (and so had no patch out) while they were already being exploited. One bug is a memory-corruption flaw in Apple's CoreAudio framework: processing an audio stream in "a maliciously crafted media file" can get attacker code running on the device. Basically, someone out there figured out how to turn your questionable taste in music against you via your AirPods. Joke's on them – I wanted someone to hear me blasting My Chemical Romance like it's 2006. (So what if my AirPods are broadcasting my emo phase?) Hackers can judge me when they stop using light mode.

The other bug lets an attacker who already has arbitrary read/write access bypass pointer authentication (PAC), the Arm feature that cryptographically signs pointers so a corrupted one can't be used to hijack control flow. The two fit together like a textbook exploit chain: one bug for the initial code execution, the other to defeat the mitigation that's supposed to contain it. Credit for the CoreAudio bug goes to Apple together with Google's Threat Analysis Group, and when TAG is on the credits line it usually means commercial spyware or a government-backed operation.

It's giving real "The Last of Us" vibes – except instead of cordyceps fungi, it's either nation-states turning your $1,200 phone into their personal surveillance device or a guy in a basement in Belarus stealing your camera roll. Awesome…

16,000+ Fortinet Devices Compromised With Backdoor — Your Firewall Has A Firewall Problem

Guess which enterprise security product forgot it was supposed to secure things? Over 16,000 internet-exposed Fortinet devices have been found carrying a symlink backdoor that gives attackers read-only access to the device's files, configuration included. (If your firewall was a bouncer, this is the part where it let in 16,000 guys named "admin" with no ID.) This persistence mechanism doesn't rely on any new vulnerability. It's a leftover from older break-ins: attackers who got in through known FortiOS bugs in 2023 and 2024 planted it before those holes were patched.

Basically, on devices with SSL-VPN enabled, attackers created a symbolic link inside the folder the SSL-VPN web interface uses to serve language files and pointed it at the root of the filesystem. That folder is reachable from the internet by design, and the link lived in the user filesystem, so it survived the FortiOS upgrades that closed the original hole and quietly kept serving up the device's files to anyone who knew the URL. Devices that never had SSL-VPN turned on aren't affected. It's giving major "hiring a PI to spy on your spouse, and they end up dating both of you" energy.

Fortinet is now notifying customers of compromised devices and has released FortiOS updates, plus AV/IPS signatures, that detect and remove the symlink, and it has changed the SSL-VPN interface so it no longer serves links like this. (Ah yes, classic cybersecurity move: "notify and pray.") They're also advising that all credentials be reset, since attackers may have read the configuration files, and a FortiGate config holds the admin password hashes, VPN pre-shared keys and any LDAP or RADIUS bind passwords. That's a full secret rotation and a config review, not a quick admin password change. I mean, imagine your firewall having a secret OnlyFans you didn't know about, except the content is just config file leaks. Major oof.
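If you want to go hunting for this kind of thing yourself, on a mounted filesystem image or on any web server that serves a static folder to the internet, here's the check in its simplest form. This is an example written for this newsletter, not Fortinet's code: it walks a served directory, follows every symlink it finds, and flags any whose real target sits outside the served tree. The web root, folder names and planted links are all made up for the demo; FortiOS's actual paths aren't on this page, and the appliance isn't something you run a Python script on anyway.

```python
import os
import tempfile
from pathlib import Path


def find_symlinks(web_root):
    """Walk web_root and describe every symlink in it.

    Each result records the link's path (relative to web_root), its raw
    target, where it actually resolves to, and whether that resolved path
    escapes the served tree. A symlink in a public folder that resolves to
    '/' is a read-only file browser for the whole box, which is the trick
    described in the story above.
    """
    root = Path(web_root).resolve()
    findings = []
    for dirpath, dirnames, filenames in os.walk(root):
        # Symlinked directories show up in dirnames, but os.walk does not
        # descend into them (followlinks=False), so check both lists here.
        for name in dirnames + filenames:
            link = Path(dirpath) / name
            if not link.is_symlink():
                continue
            resolved = link.resolve(strict=False)  # follows chained links too
            inside = resolved == root or root in resolved.parents
            findings.append({
                "link": str(link.relative_to(root)),
                "target": os.readlink(link),
                "resolved": str(resolved),
                "escapes": not inside,
            })
    return findings


def escaping_links(web_root):
    """Just the links that point outside the served tree, sorted."""
    return sorted(f["link"] for f in find_symlinks(web_root) if f["escapes"])


def build_demo_tree():
    """Construct a throwaway fake web root (invented for this example).

    lang/common.json is a benign symlink that stays inside the tree;
    lang/zz is the planted one, pointing at the filesystem root.
    """
    base = Path(tempfile.mkdtemp(prefix="demo_webroot_"))
    (base / "lang").mkdir()
    (base / "shared").mkdir()
    (base / "lang" / "en.json").write_text('{"login": "Login"}')
    (base / "shared" / "common.json").write_text('{"ok": "OK"}')
    os.symlink(base / "shared" / "common.json", base / "lang" / "common.json")
    os.symlink("/", base / "lang" / "zz")
    return base


if __name__ == "__main__":
    demo = build_demo_tree()
    for f in find_symlinks(demo):
        flag = "ESCAPES" if f["escapes"] else "ok"
        print(f"{flag:8} {f['link']} -> {f['target']} (resolves to {f['resolved']})")
```

Point it at the extracted filesystem rather than a live box, and read the output with the right bias: a link that stays inside the tree isn't proof of innocence, but one that resolves to the root of the filesystem, or to wherever the configuration lives, is a finding every single time.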

⚙️ Tool Time

We recommend Beyond Compare.

You know what's better than being able to tell if two files are the same? Being able to tell if they're different—and exactly how they're different. That's where Scooter Software’s Beyond Compare comes in.

This cross-platform utility lets you compare files, folders, FTP sites, and more with the precision of an obsessive-compulsive detective. Whether you're trying to merge code changes, sync folders, or just figure out which of your seventeen "final_final_FINAL_v2_ACTUALLY_FINAL.docx" files is actually the final one, it's got you covered.

Think of it as the lovechild of a forensic analyst and a petty ex—it will find every tiny difference and then never shut up about it. But unlike your ex, it actually tells you where things went wrong. With syntax highlighting for code comparison and specialized viewers for images and data files, it’s a multi-tool so sharp… it can cut through your excuses and your backup folders.

Recommended by three separate ByteSize readers (Bruce, Michael, and Yuri), this is basically the golden retriever or "Air Bud" of utilities: loyal, eager to help, and slightly too good for the chaotic world it lives in.

👨‍💻 Job Opportunities

Atlassian is looking for a "tech whisperer" to design technical solutions for clients, provide guidance on SaaS solutions, and ensure successful product adoption – essentially making products seem less intimidating than they actually are. Perfect for anyone who dreams of being the Nathan Fielder of enterprise software – meticulously planning implementations that still somehow go hilariously wrong.

If you've ever watched "White Lotus" and thought, "I identify most with the hotel staff desperately trying to keep everything running while rich people do bizarre things," this job might be for you. GitLab needs someone who can stay calm during on-call hell, pretend Kubernetes isn't gaslighting them, and juggle ClickHouse, PostgreSQL, and cloud infrastructure without crying.

Cedar needs a Senior Software Engineer to join their Clarity squad, focused on improving healthcare bill transparency. Be the hero in your own personal episode of "Severance," where instead of mysterious corporate cultism, you're actually just helping people understand why they're paying $500 for a bandaid.

🛩 Industry Moves

  • OpenAI is reportedly in discussions to buy Windsurf, an AI-assisted coding tool formerly known as Codeium, for approximately $3 billion. This would be OpenAI's largest acquisition yet, which makes sense – they've generated so much hype they need to start actually delivering value before everyone realizes the emperor might be wearing fewer clothes than advertised. But if you're asking me, this acquisition reeks of "midlife crisis in a Patagonia vest" energy, like when your ex-crypto friend buys a Cybertruck, a samurai sword, and a $3B startup in the same week.

  • The trial between the FTC and Meta has begun, with the future of the company at stake. The FTC wants Meta to sell off Instagram and WhatsApp, arguing that it acquired them illegally to suppress competition. Mark Zuckerberg took the stand Monday, defending against accusations that Facebook bought these platforms to eliminate competitors. The government's case revolves around emails where Zuck allegedly wrote it's "better to buy than compete.” The trial feels like Marriage Story – a messy, expensive divorce proceeding where both parties are fighting over who gets custody of the kids (users) and vacation home (billions in ad revenue).

  • X (formerly Twitter) announced it would be shutting down its Support account, prompting disgruntled users to roast the platform for providing "essentially non-existent" support in the first place. The company says users can now get help through the Premium account or the Help Center, which several users claim is just an endless loop that links back to itself. It’s like subscribing to a haunted Ouija board—except the ghost charges $8/month and still leaves you on read.

  • US government funding for the Common Vulnerabilities and Exposures (CVE) program has been renewed just hours before it was due to expire. House Reps. Zoe Lofgren and Bennie Thompson had called the potential funding lapse "reckless and ignorant," stating it would "undermine cybersecurity around the world." It's like watching a movie where they defuse the bomb with one second left on the timer – except this particular bomb would have frozen the vulnerability-numbering system that scanners, patch notes, and advisories everywhere depend on.

Introducing Chip, our resident IT therapist who's seen every error message known to mankind and still hasn't thrown a computer out a window (professionally, at least)!

  • PDF Puzzle Party: George is asking how to merge four separate PDF files into a single document after scanning them. George, I feel your pain – nothing says "modern technology" like needing six different tools to perform one basic task that should be built into every OS.

  • Outlook's Split Personality Disorder: Another user is wondering how to stop the new-versus-classic Outlook headache that comes with having both versions installed on Windows 11 Pro.

  • The Great Database Migration Crisis: Jason's fighting the classic "square peg, round hole" battle—trying to jam a 430MB MySQL dump into SQL Server. So, naturally, he's asking "how do you import a hefty MySQL file into SQL Server without fail?"

Huzzah! You’ve made it through another week of breaches, bugs, and billionaires pretending to be innovators. Now go touch grass, patch your systems, uninstall one suspicious Chrome extension, and scream into the void (Slack).

Got news to share or topics you'd like us to cover?

Send 'em our way. We can't wait to hear from you. Really.