HN Reader

New battery has life so long you may never have to recharge (neowin.net)

3 points by Bluestein 3m ago 0 comments

Just released my open-source project: Log Manager (github.com)

1 points by bodyast1010 3m ago 1 comments

Belarus Shuts Down Nuclear Unit After Cooling System Alert (oilprice.com)

4 points by Bluestein 5m ago 0 comments

Breaking Device and Network Barriers to Ensure Stable Cross-Border Teaching

1 points by yt1314 8m ago 0 comments

Show HN: Silk – Simple Invoicing for freelancers (macOS native) (naivehuman.com)

1 points by buditanrim 8m ago 0 comments

Why Do Iceland's Volcanoes Keep Erupting, and How Dangerous Are They? (bloomberg.com)

3 points by Bluestein 12m ago 0 comments

ChatGPT Plus Gets Record Mode on Mac for Meeting Transcription (macrumors.com)

1 points by thm 13m ago 0 comments

Show HN: Agent bypasses LLM context-window limit,read and edit >10k LOC reliably (marketplace.visualstudio.com)

4 points by PreciousH 16m ago 0 comments

An undocumented UEFI firmware bootkit fused with Lumma (virustotal.com)

2 points by georgepiser 18m ago 1 comments

The Righteous Ego – A Different Kind of 'Special One' (medialens.org)

2 points by k1m 31m ago 0 comments

FOSS4G Europe 2025 Live Streaming (2025.europe.foss4g.org)

1 points by altilunium 31m ago 0 comments

Jove (Jonathan's Own Version of Emacs) (en.wikipedia.org)

1 points by nanna 33m ago 0 comments

Zoho Launches Zia LLM (zoho.com)

2 points by Brajeshwar 33m ago 0 comments

Almost Always Auto (2013) (herbsutter.com)

1 points by susam 35m ago 0 comments

Ceratosaur Fossil Auctioned for $30.5M by Sotheby's (nytimes.com)

1 points by woldemariam 37m ago 0 comments

The 0.1x Engineer [video] (youtube.com)

1 points by redbell 38m ago 0 comments

Migrating over 30 lambdas from Serverless Framework with LLMs (intmaker.com)

1 points by ribtoks 39m ago 1 comments

Mitochondrial donation: the pioneering IVF treatment giving families hope (wellcome.org)

1 points by woldemariam 41m ago 0 comments

China Puts New Restrictions on E.V. Battery Manufacturing Technology (nytimes.com)

2 points by bookofjoe 42m ago 1 comments

Scraping vulnerability data from 100 different sources (without LLMs) (secalerts.co)

1 points by louisstow 51m ago 0 comments

Graduate level topics in computer science and engineering?

1 points by shivajikobardan 51m ago 0 comments

C++ Trailing Return Types (2022) (danielsieger.com)

2 points by susam 52m ago 0 comments

NativePHP: Build a Mobile and Desktop Apps with PHP/Laravel (nativephp.com)

2 points by MarcellusDrum 54m ago 0 comments

Transformers Tutorial (github.com)

1 points by demirbey05 55m ago 0 comments

Simulating Hand-Drawn Motion with SVG Filters (camillovisini.com)

3 points by camillovisini 56m ago 0 comments

Suggestion: Add gRPC as a Standard Transport for MCP (github.com)

2 points by saeedesmaili 56m ago 0 comments

We built AI dev agent that turns Jira tickets into ready PRs – no human needed (deepsense.ai)

1 points by raczekk 58m ago 0 comments

Are we trading our hard-earned intelligence for convenience? (lmyslinski.com)

2 points by lmyslinski 59m ago 0 comments

Bpftrace Variable Types (nanxiao.me)

1 points by nanxiao 1h ago 1 comments

Earn $200 Only by Referring (waitlister.me)

1 points by DavidvsGoliath 1h ago 0 comments

Bundler: Bundler v2.7: last release before Bundler 4 (bundler.io)

1 points by amalinovic 1h ago 0 comments

Show HN: A tool that helps users create viral videos to promote products (viralcraftai.com)

1 points by zin9726 1h ago 0 comments

Rethinking the Illusion of Thinking (arxiv.org)

1 points by jamesblonde 1h ago 1 comments

Flower movement induced by weather-dependent tropism (nature.com)

1 points by bryanrasmussen 1h ago 1 comments

Live AI interviews speech to speech (recrootiq.com)

2 points by muronuch 1h ago 0 comments

Selection from the Vaults of Fug: Mr. Wilson (medium.com)

1 points by bryanrasmussen 1h ago 0 comments

Show HN: SnapCal, take a pic of an event poster and it’s in your calendar. (apps.apple.com)

2 points by coltonkinstley 1h ago 3 comments

Why Jane Austen is definitely not just for girls (theconversation.com)

1 points by bryanrasmussen 1h ago 0 comments

Show HN: Top Websites Ranked Hypergraph (hugston.com)

1 points by trilogic 1h ago 0 comments

The ChatGPT "Awakening": Why Your AI Seems Alive (But Isn't) (lightcapai.medium.com)

1 points by WASDAai 1h ago 1 comments

Rising Wealth Inequality and Democratic Backsliding Across U.S. States (osf.io)

1 points by alphabetatango 1h ago 0 comments

Dynamic witnesses for static type errors in OCaml, or, ill-typed programs usuall (arxiv.org)

1 points by fanf2 1h ago 0 comments

A minimal block-style logger for Go (with red alert blocks) (github.com)

1 points by seipan 1h ago 0 comments

LongSum:Intelligent text summarization supporting up to 1 million words (longsum.lovable.app)

1 points by na1 1h ago 0 comments

Open, free, and ignored: the afterlife of Symbian (theregister.com)

23 points by mdp2021 1h ago 5 comments

From Idea to Launch in 2 Weeks (yusufaytas.com)

3 points by jatwork 1h ago 1 comments

Show HN: Interactive coloring and learn about space (for kids) (dibulo.com)

2 points by zengineer 1h ago 0 comments

Distant Writing: Literary Production in the Age of Artificial Intelligence (papers.ssrn.com)

1 points by mrcgnc 1h ago 0 comments

Can Keyword Ranking Data Help Agencies Retain SEO Clients? (medium.com)

2 points by chig3rl 1h ago 0 comments

The companies laying off staff for AI today will regret it in five years (fortune.com)

5 points by ekpyrotic 1h ago 6 comments

An undocumented UEFI firmware bootkit fused with Lumma

2 georgepiser 1 7/17/2025, 9:50:30 AM virustotal.com ↗

Comments (1)

georgepiser · 18m ago
I think this is how this bootkit works: Modifies UEFI Firmware (likely inserts a SMM module in ME region) -> you boot -> SMM module somehow hooks into OS to load a driver, stealthily. Driver downloads known / foss RATs, and gives them visibility cover.

Those samples are falsely labelled as "lumma", it's possible the bootkit is fused with lumma, as lumma is one of the rats it deploys post-infection.

I think this bootkit is developed/smuggled out of a elite hacking unit, by "Nir Lichtman" who is very popular in "the com" where he hacks people for "ego", and "status" mainly.

Basically I suspect Nir lichtman to be a rogue state operator who abuses 0-days and toolkits to hack people off discord / telegram drama. As crazy as that sounds.