Hackaday Podcast Episode 374: Flippin’ Phones, Sexy Spraysers, And Frikkin’ Lasers

June 19, 2026 by Kristina Panos No comments

Things are back to normal around the Podcast studio, and this week you’ll hear the dulcet tones of Elliot Williams and Kristina Panos.

In Hackaday news, we still have a Frikkin’ Lasers Challenge going on, and now you can even enter your project into it! Join the ranks, won’t you?

Not only do we have a triple mailbag this week, we have another failed attempt at guessing the sound by Kristina. However, [Baron Maximilian von Knuthausen] knew that it was a train, a British one, even. Then it’s on to the hacks, of course, which ought to go far in explaining the show title.

Check out the links below if you want to follow along, and as always, tell us what you think about this episode in the comments!

Download in lovely MP3.

Continue reading “Hackaday Podcast Episode 374: Flippin’ Phones, Sexy Spraysers, And Frikkin’ Lasers” →

This Week In Security: Arch AUR, Steam Marketplace, WordPress All Face Issues, Taco-Themed Coding, And Mythos Makes National News

June 19, 2026 by Mike Kershaw 2 Comments

Starting on June 11, 2026, the Arch User Repository (AUR) was targeted by malware which rapidly compromised over 1,500 packages. The AUR repository allows for abandoned community packages to be taken over by a new maintainer, which was exploited by the attackers to claim ownership.

Once the packages were adopted by the malicious maintainers, the next part should sound familiar: The package build scripts, which are executed by the Arch yay and paru package managers, were modified to install malicious NPM packages (atomic-lockfile and js-digest) each containing the now-usual suite of infostealer malware targeting browser credentials and tokens, SSH private keys, package repository tokens, cloud compute, AI tokens, and crypto wallets.

The malware once installed uses several tricks to cloak itself by renaming processes, and to install systemd services to restart itself, and leveraging eBPF filtering in the kernel to hide the sockets and processes further. It specifically targets browsers and Electron-based applications, which are basically a light-weight Chromium browser disguised as an application anyway. Slack, Discord, Signal, and many more use the Electron wrapper.

A preliminary analysis of the malware is available, which breaks down the exact behavior in more detail and lists the known targets of the malware.

Initially believed to be “only” a few hundred packages, the compromised list eventually grew to over 1500, and additional packages may still be discovered. On June 14, Phoronix reported that a second wave of compromised packages has been found in the AUR repositories, including NeoVim plugins and multiple browsers. The second set of infected packages were compromised in a similar fashion, but with more heavily obfuscated scripts.

Steam Wallpaper Malware

Kaspersky Labs finds that Steam users have been targeted by malware uploaded via a popular animated wallpaper application, “Wallpaper Engine”.

While Valve normally does an admirable job filtering the Steam store, it looks like an exploit has slipped through in “Wallpaper Engine”. Animated wallpapers can be videos, web pages, or full executables themselves. Obviously, being able to run any program masquerading as wallpaper directly is an excellent vector to install malware, so of course this is what happened.

Using the integrated Steam Workshop, which allows users to share game mods and other game content directly, malicious wallpapers install a wide variety of malware including the usual gamut of infostealers, remote access, residential proxy, key logging, and crypto miners. This makes it one of the rare times installing crypto miners almost makes sense, considering most Steam users likely have better than average video cards.

Once a user is infected, the malware also steals the current Steam login credentials, and several instances attempt to then upload additional infected wallpapers to the Steam Workshop under the compromised users identity, completing the supply chain circle of life.

Continue reading “This Week In Security: Arch AUR, Steam Marketplace, WordPress All Face Issues, Taco-Themed Coding, And Mythos Makes National News” →

FLOSS Weekly Episode 871: Rust Won’t Save You

June 17, 2026 by Jonathan Bennett No comments

This week Jonathan chats with Florian Gilcher about Rust and Ferrous Systems! How have we gotten here, what’s coming next, and what’s new in the Rust world? Watch to find out!

Continue reading “FLOSS Weekly Episode 871: Rust Won’t Save You” →

An image of a miniature diorama of Snow White and the Seven Dwarves. On the left is a more detailed 1/6 scale model with a tall, dark haired Snow White and dwarves with red caps and tan tunics. The image on the right is of a much smaller and less detailed set of miniatures. The figures's proportions are a little more uncanny and feel like a low budget Disney rip-off.

How Did They Make View-Master Slides?

June 16, 2026 by Navarre Bartz 19 Comments

The basics of producing a stereophotograph of real life places were well-established by the time the View-Master arrived, but producing images of imaginary scenes was a bit more involved. [View Master Travels and Peter Dibble] took a look at how the fairy tale and media tie-in reels may have been made.

Starting with simple dioramas, View-Master eventually developed an entire team to work on fairy tales. One of the most influential members was sculptor [Florence Thomas]. She was instrumental in updating many of the original fairy tale reels from small scale miniatures to 1/6 scale dioramas for the scenes. Unfortunately, the department was eventually cut and all the original miniatures thrown away.

Before VCRs, View-Master was the primary way people could interact with their favorite TV shows and movies when they weren’t being broadcast. TV shows could be photographed while in production in Hollywood with a stereo camera giving great visual detail. Some cartoon and movie reels were less engaging, having been made from promotional images, giving more of a paper cutout appearance rather than “real” 3D. In either case, many of these visual techniques have been lost with little documentation on how they were achieved.

We previously covered [View Master Travels and Peter Dibble]’s History of the View-Master and how you can digitize the disks for posterity.

Continue reading “How Did They Make View-Master Slides?” →

Hackaday Links: June 14, 2026

June 14, 2026 by Tom Nardi No comments

Times are tough out there, and many are starting to feel the pressure at the grocery store checkout line or the gas pump. But whenever you start to worry about affording life’s necessities, take comfort in the knowledge that somebody is so flush with cash that on Friday they decided to treat themselves and spend $3 million for a sealed copy of Super Mario Bros for the Nintendo Entertainment System.

Although we’re not going to say it necessarily justifies the insane price — a new record for the most ever paid for a video game, incidentally — Heritage Auctions does note in their press release that this is an exceptionally rare version of what’s admittedly one of the most iconic pieces of software ever produced. This is only one of three copies of this particular variant known to exist, which Nintendo apparently distributed to test markets in the United States ahead of the game’s official 1985 release.

In slightly more modern gaming news, Asha Sharma, the new head of Microsoft’s Xbox division, has been making some big swings to try and get Microsoft’s gaming division back on track after years of declining sales. As part of that effort, she recently penned an article detailing some of the challenges the company is facing, which includes some interesting hardware details.

According to the blog post, she claims that in February, the cost of memory and storage components for the Xbox console had doubled compared to the previous year. But those numbers have jumped again, and by the time the holidays roll around, she expects they’ll be paying five times what they did in 2024. That’s bad news for anyone looking to put an Xbox under the tree come Christmas, but even worse news as the company works on the console’s successor. Considering that today’s hardware from Sony and Microsoft can already set you back $700 USD depending on which version you get, it seems like we’re approaching a point where gaming consoles could price themselves out of the market.

Continue reading “Hackaday Links: June 14, 2026” →

Patterns Everywhere

June 13, 2026 by Elliot Williams 23 Comments

I studied physics in college, and I’m always surprised how fundamental some of the concepts are. Take waves for example. You really wouldn’t expect the same underlying concept to be at work on surface of a pond, the string of a guitar, light passing through two slits, and then in the probabilistic behavior of electrons orbiting inside nuclei. But here we are, in a world filled with wave-like phenomena.

What little control theory I know, I’ve learned in the school of hard knocks. But it’s equally amazing that the same basic concepts govern the tuning of car shock absorbers, PID controllers, active audio filters, and other more complex systems where feedback matters. Crucial in all of these systems is the judicious balance of amplification and damping.

And last week on vacation, learning to drive a covered wagon pulled by a heavy draft horse, I saw the same patterns again. The horse likes to pull, and when the wagon comes over the crest of the top of a hill, it starts to roll forward into his harness, pushing him from behind. This makes the horse uneasy, and he slows down, the wagon pushes him harder, and positive feedback gets out of control.

The man who was teaching me to drive the wagon said, “it’s not like a car” in that you don’t tap the brakes to slow down and then let go. Rather, you hold on the brakes for a lot longer than you think is necessary – until the horse tells you that he feels like pulling again – and then you let up only a tiny bit at a time. Otherwise, you end up in the under-damped case, where you let the wagon go too much, it slows the horse, you slam the brakes, the horse pulls hard, and you let up on the brakes, and the cycle continues anew.

What he meant by “not like a car” was that the brakes aren’t just slowing down the wagon, they’re adding damping to keep the horse-wagon system from oscillating. Once that clicked in my mind, everything was smooth sailing. After a couple of days, I even started adding some feed-forward to my mental PID controller, letting the brakes go a little bit more when the horse was approaching the bottom of a hill, and he obviously wanted to pick up a little more speed before the grade ahead.

The horse seemed happy that I was finally getting it, but I don’t think he had any understanding of tuning PID loops. He did have me pondering, on a long stretch of rolling hills on a summer morning, if there were a good minimal set of patterns that explained a maximal breadth of phenomena. I’m starting with the physics of waves and the control of feedback systems, but what’s next?

Hackaday Podcast Ep 373: GPS, Danger In Space, And Robby The Robot

June 12, 2026 by Elliot Williams 3 Comments

Last week, Elliot got his foot stepped on by a 1.5 metric ton draft horse, and boy is he glad to be back to the relative safety of podcasting! Joining him today is Jenny List, no stranger to farm life, who has been trodden by a cow. It’s going to be one of those podcasts, folks.

Another thing the two hosts have in common is a love for the mystery of the numbers station. But did you know that GPS satellites, for the last 20 years, have broadcast literally millions of secret messages to everyone on the earth with a receiver? After that bombshell, we have an ATtiny85 emulating an 8080, a primer on how to embed magnets in 3D prints, definitive proof that more than one cassette mechanism is still being manufactured, and a look at what makes home automation enthusiasts tick.

Check out the links below if you want to follow along, and as always, tell us what you think about this episode in the comments!

Download in DRM-free MP3 and play it in space.