YunoBlog

Author: tio

  • Does video show ‘humanoid’ robot in London? We inspected

    Some robotics companies develop robots that look like people, but the video from the U.K. capital appeared to show a human woman in costume.
  • Top 10 Most Pirated Movies of The Week – 02/23/2026

    Top 10 Most Pirated Movies of The Week – 02/23/2026

    The data for our weekly download chart is estimated by TorrentFreak, and is for informational and educational reference only.

    Downloading content without permission is copyright infringement. These torrent download statistics are only meant to provide further insight into piracy trends. All data are gathered from public resources.

    This week we have one newcomer on the list. “28 Years Later: The Bone Temple” is the most shared title.

    The most torrented movies for the week ending on February 23 are:

    Movie Rank Rank last week Movie name IMDb Rating / Trailer
    Most downloaded movies via torrent sites
    1 (…) 28 Years Later: The Bone Temple 7.5 / trailer
    2 (1) Marty Supreme 8.0 / trailer
    3 (2) The Housemaid 6.9 / trailer
    4 (…) Mercy 6.1 / trailer
    5 (3) Predator: Badlands 7.5 / trailer
    6 (4) Zootopia 2 7.6 / trailer
    7 (9) One Battle After Another 8.1 / trailer
    8 (6) The Wrecking Crew 6.5 / trailer
    9 (5) Anaconda 5.7 / trailer
    10 (7) Greenland Migration 5.3 / trailer

    Note: We also publish an updating archive of all the list of weekly most torrented movies lists.

    From: TF, for the latest news on copyright battles, piracy and more.

  • ProtonVPN Fights French Pirate Site Blockades, But Court Rejects Overblocking Fears

    ProtonVPN Fights French Pirate Site Blockades, But Court Rejects Overblocking Fears

    Earlier this week, a Spanish court ordered ProtonVPN and NordVPN to block pirate LaLiga streams on their networks.

    The VPN providers were not involved in the legal proceedings, and the orders were granted without a defense. In fact, ProtonVPN learned about it from news reports and questioned its legal validity.

    While the Spanish order made headlines due to its novelty, France has seen several of these orders already. This includes two new decisions issued in late January, where ProtonVPN fought back tooth and nail but still lost.

    ProtonVPN Faces Two New Blocking Orders in France

    The Paris Judicial Court issued two separate orders on January 28 and 29, both targeting Proton AG individually as the sole defendant. Both cases involved various rightsholders, including Canal+ companies, who sought to protect their interest in sports broadcasts.

    In one case, they want ProtonVPN to block 16 pirate sites (full list here) that streamed Premier League matches, and the other case targets the same number of domain names, focusing on sites that stream the Top 14 Rugby competition.

    From the Rugby case

    proton order

    The Paris Judicial Court ultimately granted both orders, which is in line with previous blocking injunctions. In the Rugby case, one domain was excluded from the blocklist due to an oversight; the court noted that the URL tested during the investigation didn’t match the domain name Canal+ actually requested to be blocked.

    Feature Premier League Case Top 14 Rugby Case
    Case Number RG nº 25/12499 RG nº 25/10983
    Plaintiffs Canal+ entities Canal+ entities and the Ligue Nationale de Rugby (LNR) as intervener
    Targeted Content Premier League (2025/2026 season) Top 14 Rugby (2025/2026 season)
    Domains Targeted 16 pirate domains 16 domains initially listed (one rejected)
    Duration of Block Until May 24, 2026 (end of season) Until June 27, 2026 (end of season)

    ProtonVPN Fought Back Hard

    While Proton was excluded from the legal process in Spain, the Swiss company was allowed to defend itself before the Paris court. This is precisely what it did, with the VPN provider raising a wide variety of defenses.

    The VPN provider raised jurisdictional questions and also requested to see evidence that Canal+ owned all the rights at play. However, these concerns didn’t convince the court.

    The same applies to Proton’s net neutrality defense, which argued that Article 333-10 of the French sports code, which is at the basis of all blocking orders, violates EU Open Internet Regulation. This defense was too vague, the court concluded, noting that Proton cited the regulation without specifying which provisions were actually breached.

    “Under these circumstances, the argument is unfounded. There is no basis for granting Proton’s subsidiary claim of non-compliance with European law,” the court concluded.

    Additionally, Proton argued that forcing a Swiss company to block content for French users restricts cross-border trade in services under the WTO’s General Agreement on Trade in Services. The court dismissed this argument, as the proposed blocking measures are limited in scope and duration, which should be allowed under the WTO agreement.

    Overblocking Concerns Dismissed

    Proton’s defense didn’t stop there; the company also argued that the blocking measures are technically unrealizable, costly, and unnecessarily complex.

    Crucially, the VPN provider argued that a block cannot be technically restricted to France. Therefore, forcing the company to block these domains in France would effectively force an international, global blockade, which is highly disproportionate to the localized rights Canal+ holds.

    The Paris Court was not swayed by these technical and cost-related concerns, including the fears of a global blockade.

    “It must be noted that no quantifiable and verifiable technical evidence corroborates the technical difficulties of implementation cited by the defense,” the court concluded.

    The Battle Continues

    While ProtonVPN was allowed to defend itself, unlike in Spain, the end result is similar. The VPN provider has to block access to the 31 domain names.

    That said, the court didn’t grant Canal+ everything it asked for. The broadcaster wanted ProtonVPN to publish the ruling on its website for three months, but the court concluded that this would unfairly put the VPN provider in a bad light, disproportionately associating it with the pirate sites. Canal+’s €30,000 cost claim didn’t survive either.

    Both orders are dynamic in nature, meaning that rightsholders can report new pirate domains or mirror sites directly to ARCOM, the French media regulator. After ARCOM verifies these new domains, ProtonVPN has to add them to their blocklist.

    The legal battle over VPN blocking is far from over yet. Proton previously said it would take VPN blocking to Europe’s highest court.

    Meanwhile, however, French rightsholders show no sign of slowing down. These two Proton orders came alongside a parallel Google DNS blocking order for the same Premier League domains, as well a massive ISP blocking order covering 150+ IPTV domains.

    At this point, the question isn’t whether French courts will keep ordering VPN blocks. They will. The question is whether Europe’s highest court will eventually set any limits or not.

    Copies of the court orders (in French) are linked below, alongside all targeted domain names.

    Premier League Case (16 Domains):

    – abbasport.online
    – antenaplanet.store
    – antenawest.store
    – daddylive.dad
    – foot22.ru
    – miztv.top
    – tous-sports.ru
    – andrenalynrushplay.cfd
    – vidembed.re
    – bleedfilter.net
    – alldownplay.xyz
    – catchthrust.net
    – 4kultramedia.fr
    – smart.stella.cx
    – franceiptvabonnement.fr
    – slayvision.xyz

    Top 14 Rugby Case (15 Domains):

    – abbasport.online
    – antenashop.site
    – antenawest.store
    – canalsport.ru
    – daddylive2.top
    – sporttuna.click
    – antenaplanet.store
    – veplay.top
    – catchthrust.net
    – lefttoplay.xyz
    – home.sporttuna.vip
    – sporttuna.website
    – zukiplay.cfd
    – iptv-pro.co
    – atlaspro.tv

    (Additionally, here is the simultaneous Google DNS order that targets the same 16 Premier League domains, and the massive ISP order targets roughly 150+ domains tied to seven major IPTV operations).

    From: TF, for the latest news on copyright battles, piracy and more.

  • Snopestionary: 8 tips to vet fundraisers and protect your donations

    Here is how to make sure your money is going to a legitimate cause.

  • Slovakia Marks 8 Years Since the Murder of Journalist Ján Kuciak and his Fiancée

    Hundreds of people gathered in Bratislava and other cities across Slovakia on Saturday to mark the eighth anniversary of the killings of investigative reporter Ján Kuciak and his fiancée, Martina Kušnírová, in a case that shook the country but still lacks a final answer about who ordered their deaths.

    The murders on Feb. 21, 2018, were carried out by gunman Miroslav Marček, who shot Kuciak twice in the chest and Kušnírová once in the head, while an accomplice, Tomáš Szabó, waited nearby, prosecutors said. 

    Both men are serving 25-year prison sentences. Authorities say they acted on instructions relayed by intermediary Zoltán Andruskó, who confessed and received a 15-year term.

    Yet the central question — who commissioned the assassination — remains unresolved, leaving one of Europe’s most consequential journalist murder cases without closure.

    Prosecutors allege that businessman Marian Kočner ordered the killing through an associate, Alena Zsuzsová, who then tasked Andruskó. Courts have twice acquitted Kočner and once convicted Zsuzsová, but each verdict has been overturned on appeal, effectively resetting the case.

    The retrial, now underway at the Specialized Criminal Court in Pezinok, follows a ruling last May by the Supreme Court of Slovakia that cited serious flaws in how earlier judges evaluated evidence. The high court said the panel had failed to address key facts and had not followed prior judicial instructions.

    The new proceedings, which opened in January and are scheduled to run through December, also include charges tied to alleged plots against prosecutors. Two additional defendants — Dušan Kračina and Darko Dragić — are accused in those cases.

    The killings prompted mass demonstrations in 2018 that helped topple a government and reshaped the country’s political landscape. Eight years on, the case remains a symbol of unresolved justice and the risks faced by investigative journalists.

    At a commemorative gathering at Freedom Square, Kuciak’s father, Jozef Kuciak, told attendees, according to The Slovak Spectator: “Every day we live with pain; every day we go to the cemetery to light candles instead of raising our grandchildren.”

    In a statement, Pavol Szalai of Reporters Without Borders urged judges to “duly examine” all evidence and rule independently, adding, “Europe’s eyes are on Slovakia.”

    Roberta Metsola, president of the European Parliament, said the murders had “shaken Europe” and noted they came months after the killing of Daphne Caruana Galizia. “Their courage remains a beacon for journalists across the continent who risk everything to uncover the truth and safeguard our democracies,” she wrote on X.

  • Leftists Can Stack Up Wins in the 2026 Midterms

    Leftists Can Stack Up Wins in the 2026 Midterms

    We’re now two months into 2026, roughly a quarter of the way through Donald Trump’s second presidency, and things have been grim. Overseas, Trump’s government has attacked Venezuela and kidnapped its head of state, killing at least 83 people in the process. Trump is now threatening Colombia, Cuba, Mexico, Iran, Greenland, and Nigeria with the same kind of aggression, and that’s the short list. At home, ICE troops have murdered Renee Good and Alex Pretti in the street, and they’ve killed at least six people in nightmarish detention centers across the country. Measles is spreading everywhere, thanks largely to the anti-vaccine propaganda of people like Robert F. Kennedy, Jr, and the literacy rate continues to slide downward, while the economy and the environment are consumed by AI data centers. The state of the union, frankly, is a train wreck. Or it would be, if we had any decent trains to begin with.

  • People searching NHS advice on high blood pressure skyrocketed last year

    The number of people searching for trusted NHS advice on high blood pressure surged in 2025 with hundreds of thousands of extra visits to online information on risk and how to get checked. The NHS webpage on high blood pressure rocketed from 30th place in 2024, to the second most visited health condition on NHS.uk […]
  • The Crackpots of the ’90s Foreshadowed Our Political Moment

    The Crackpots of the ’90s Foreshadowed Our Political Moment

    Nation columnist John Ganz is the New York Times best-selling author of When the Clock Broke: Con Men, Conspiracists, and How America Cracked Up in the Early 1990s. Jacobin magazine has called him “one of America’s most astute observers of the Right.” Ganz writes the Unpopular Front newsletter on Substack, and his work has appeared in The Washington Post, Harper’s Magazine, Artforum, the New Statesman, and other publications.

  • Corruption Case Sparks Street Clashes and Political Showdown in Albania

    Police in Tirana fired tear gas and water cannons on Friday to disperse protesters who hurled petrol bombs and fireworks toward the office of Prime Minister Edi Rama, as demonstrators demanded the government’s resignation over corruption allegations involving his deputy.

    It’s the fourth time protesters are hitting the streets over what they see as government efforts to shield senior officials from anti-corruption investigations. At the center is a case against Deputy Prime Minister Belinda Balluku who stands accused of interfering in public tenders in favor of certain companies.

    The country’s anti-corruption prosecutor, SPAK, opened a criminal case after indicting Balluku in December on suspicion of “violation of the equality of participants in public tenders or auctions,” tied to a 2021 procurement connected to the Llogara Tunnel project. She has denied wrongdoing, and Mr. Rama has continued to support her.

    Prosecutors have also linked the allegations to a tender for the Tirana Grand Ring Road, saying Balluku, then infrastructure minister, tilted procedures to favor certain companies and “predetermined the winner,” according to details reported by Reuters.

    On Feb. 6, Albania’s Constitutional Court left in place a court-ordered suspension barring Deputy Prime Minister Belinda Balluku from exercising her public functions, after judges split 4–4 on Rama’s request to lift the measure — short of the five votes needed to overturn it. The decision is expected to take effect once published in the Official Gazette.

    Dorian Matlija, a lawyer and head of the rights group Res Publica, told OCCRP the suspension is meant “to protect the integrity of the investigation” and “does not imply guilt,” describing it as a precaution used when prosecutors argue an official could influence evidence or witnesses.

    Parliament is now weighing a separate prosecutorial request to authorize her arrest. A session of the Council of Mandates and Immunities is scheduled for Feb. 23, followed by a full parliamentary vote expected March 5, according to a timeline compiled by local media. 

    Matlija said the debate would hinge on proportionality, noting that if suspension removes the alleged risks, arrest — an “ultima ratio” measure — becomes harder to justify.

    The case has also ignited a dispute over proposed changes to the criminal procedure code that would exempt top officials, including the prime minister and deputy prime minister, from court-ordered suspensions — a move critics say is designed to protect Rama’s allies.

    Afrim Krasniqi, head of the Albanian Institute for Political Studies, said that in a country seeking closer ties with the European Union, senior officials facing charges should step aside, warning that altering rules mid-case would appear to be “a pure abuse of power.”

    Economist Zef Preçi, who leads the Albanian Center for Economic Research, said it is “a proven fact” that large contracts have increasingly gone to businesses widely seen as politically connected, calling major infrastructure procurement one of Albania’s least transparent sectors.

  • ‘Starkiller’ Phishing Service Proxies Real Login Pages, MFA

    ‘Starkiller’ Phishing Service Proxies Real Login Pages, MFA

    Most phishing websites are little more than static copies of login pages for popular online destinations, and they are often quickly taken down by anti-abuse activists and security firms. But a stealthy new phishing-as-a-service offering lets customers sidestep both of these pitfalls: It uses cleverly disguised links to load the target brand’s real website, and then acts as a relay between the target and the legitimate site — forwarding the victim’s username, password and multi-factor authentication (MFA) code to the legitimate site and returning its responses.

    There are countless phishing kits that would-be scammers can use to get started, but successfully wielding them requires some modicum of skill in configuring servers, domain names, certificates, proxy services, and other repetitive tech drudgery. Enter Starkiller, a new phishing service that dynamically loads a live copy of the target login page and records everything the user types, proxying the data to the legitimate site and back to the victim.

    According to an analysis of Starkiller by the security firm Abnormal AI, the service lets customers select a brand to impersonate (e.g., Apple, Facebook, Google, Microsoft et. al.) and generates a deceptive URL that visually mimics the legitimate domain while routing traffic through the attacker’s infrastructure.

    For example, a phishing link targeting Microsoft customers appears as “login.microsoft.com@[malicious/shortened URL here].” The “@” sign in the link trick is an oldie but goodie, because everything before the “@” in a URL is considered username data, and the real landing page is what comes after the “@” sign. Here’s what it looks like in the target’s browser:

    Image: Abnormal AI. The actual malicious landing page is blurred out in this picture, but we can see it ends in .ru. The service also offers the ability to insert links from different URL-shortening services.

    Once Starkiller customers select the URL to be phished, the service spins up a Docker container running a headless Chrome browser instance that loads the real login page, Abnormal found.

    “The container then acts as a man-in-the-middle reverse proxy, forwarding the end user’s inputs to the legitimate site and returning the site’s responses,” Abnormal researchers Callie Baron and Piotr Wojtyla wrote in a blog post on Thursday. “Every keystroke, form submission, and session token passes through attacker-controlled infrastructure and is logged along the way.”

    Starkiller in effect offers cybercriminals real-time session monitoring, allowing them to live-stream the target’s screen as they interact with the phishing page, the researchers said.

    “The platform also includes keylogger capture for every keystroke, cookie and session token theft for direct account takeover, geo-tracking of targets, and automated Telegram alerts when new credentials come in,” they wrote. “Campaign analytics round out the operator experience with visit counts, conversion rates, and performance graphs—the same kind of metrics dashboard a legitimate SaaS [software-as-a-service] platform would offer.”

    Abnormal said the service also deftly intercepts and relays the victim’s MFA credentials, since the recipient who clicks the link is actually authenticating with the real site through a proxy, and any authentication tokens submitted are then forwarded to the legitimate service in real time.

    “The attacker captures the resulting session cookies and tokens, giving them authenticated access to the account,” the researchers wrote. “When attackers relay the entire authentication flow in real time, MFA protections can be effectively neutralized despite functioning exactly as designed.”

    The “URL Masker” feature of the Starkiller phishing service features options for configuring the malicious link. Image: Abnormal.

    Starkiller is just one of several cybercrime services offered by a threat group calling itself Jinkusu, which maintains an active user forum where customers can discuss techniques, request features and troubleshoot deployments. One a-la-carte feature will harvest email addresses and contact information from compromised sessions, and advises the data can be used to build target lists for follow-on phishing campaigns.

    This service strikes me as a remarkable evolution in phishing, and its apparent success is likely to be copied by other enterprising cybercriminals (assuming the service performs as well as it claims). After all, phishing users this way avoids the upfront costs and constant hassles associated with juggling multiple phishing domains, and it throws a wrench in traditional phishing detection methods like domain blocklisting and static page analysis.

    It also massively lowers the barrier to entry for novice cybercriminals, Abnormal researchers observed.

    “Starkiller represents a significant escalation in phishing infrastructure, reflecting a broader trend toward commoditized, enterprise-style cybercrime tooling,” their report concludes. “Combined with URL masking, session hijacking, and MFA bypass, it gives low-skill cybercriminals access to attack capabilities that were previously out of reach.”