Washington State’s House Bill 2321 is currently causing a bit of an uproar, as it seeks to add blocking technologies to 3D printers, in order to prevent them from printing “a firearm or illegal firearm parts”, as per the full text. Sponsored by a sizeable number of House members, it’s currently in committee, so the likelihood of it being put to a floor vote in the House is still remote, never mind it passing the Senate. Regardless, it is another chapter in the story of homemade firearms, which increasingly focuses on private 3D printers.
Also called ‘ghost guns‘ in the US, these can be assembled from spare parts, from kits, from home-made components, or a combination of these. While the most important parts of a firearm, like the barrel, have to be made out of something like metal, the rest can feature significant amounts of plastic parts, though the exact amount varies wildly among current 3D-printed weapons.
Since legally the receiver and frame are considered to be ‘firearms’, these are the focus of this proposed bill, which covers both additive and subtractive technology. The proposal is that a special firearms detection algorithm has to give the okay for the design files to be passed on to the machine.
This blocking feature would have to be standard for all machines sold or transferred in the state, with a special ‘preprint authentication’ handshake protocol required. The attorney general is here expected to create and maintain a database of the no longer legal firearm and parts designs for those without a requisite license.
Putting aside for a moment the ridiculousness of implementing such a scanning feature, even if it wouldn’t be child’s play to circumvent, it also barks up the wrong tree. Although in the most recent ruling pertaining to this topic in Bondi v. VanDerStok it was acknowledged that advances in 3D printing have made this worth considering from a legislative context, the main issue with ‘ghost guns’ comes still by far from kits and similar sources.
Based on this, it seems highly unlikely that HB 2321 will be put up for a vote, never mind get signed into law. Although 3D printed designs like the 9 mm x1 9 mm cartridge Urutau bullpup are apparently quite functional, it’s notable that its manufacturing involves many steps, many DIY store parts, and a bolt carrier manufactured from steel bar stock, not to mention a significant time investment. Trying to detect ‘firearm parts’ at any of these steps would seem to be a fool’s errand, even if privacy considerations were not an issue.
Recently, [Vinnie] aka [vinthewrench] moved from Oregon to Arkansas to start a farmstead. This is a style of farming that focuses not just on a profitable farm where produce is sold at market, but also on a homestead where much of one’s own food is grown on the farm as well. Like any farm, though, it’s extremely hard work that takes a tremendous amount of time. Automation and other technology can make a huge impact in these situations, and [Vinnie] is rolling out his own software stack to help with this on his farm.
He calls his project the Pi Internet of Things, or PioT, and as its name suggests is based around the Raspberry Pi. Since this will all be outdoors and exposed to the extremes of Arkansas weather, everything built under the auspices of this project prioritizes ruggedness, stability, and long-term support, all while avoiding any cloud service. The system also focuses on being able to ride through power outages. The server side, called piotserver, uses a REST API to give the user access to the automation systems through a web interface
[Vinnie] also goes into detail about why existing systems like Home Assistant and Open Sprinkler wouldn’t work in his situation, and why a ground-up solution like this is more appropriate for his farm. This post is largely an overview of his system, but some of his other posts go into more detail about things like integrating temperature sensors, rainfall monitoring, controlling irrigation systems, and plenty of other farm automation tasks that are useful for any farmer or gardener.
An artist’s conception shows a spacecraft with robotic arms preparing to grapple the Hubble Space Telescope. (Orbital Robotics Illustration)
A space startup founded by veterans of Jeff Bezos’ Blue Origin space venture is recruiting partners in its quest to build robotic arms powered by artificial intelligence.
Founded in late 2024, Puyallup, Wash.-based Orbital Robotics is still in its infancy — but it has already raised about $310,000 in funding. Orbital Robotics CEO Aaron Borger told GeekWire that the company is working with a stealthy space venture on an orbital rendezvous project for the U.S. Space Force, with a series of missions scheduled in the next year and a half.
And that’s just the start: Borger and his teammates are trying to get traction for a plan that could give NASA’s aging Hubble Space Telescope a much-needed boost.
“We worked to get to the right people to talk to, both on the servicing side and on the mission side, and we’re in conversations now on how we could work together on a collaborative mission,” said Doug Kohl, Orbital Robotics’ chief operating officer.
Members of the Orbital Robotics team — chief operating officer Doug Kohl, CEO Aaron Borger, engineer Sohil Pokharna and adviser Chris Sembroski — pose for a holiday portrait at last month’s GeekWire Gala. (Orbital Robotics via LinkedIn)
Orbital Robotics aims to focus on a key challenge looming for the next stage of the new space age: how to build spacecraft that can interact with other orbiting objects safely.
That’s not as easy as it may sound, especially when you’re trying to manipulate objects in space while obeying Newton’s Third Law of Motion. When a robotic arm on a free-flying spacecraft moves around, the spacecraft itself reacts with an equal and opposite motion. The arm has to compensate for those movements as it reaches out to grab its target.
“That is exactly one of the hardest parts about putting robotic arms on spacecraft,” Borger said. “When you move the arm, your spacecraft is going to move as well.”
To address the challenge, Orbital Robotics is developing a suite of AI-based software tools designed to track targets in space, plan out orbital maneuvers and interact with other spacecraft. It’s also laying the groundwork for robotic arms and spacecraft that make use of its technology. “A lot of NASA engineers will say you can’t use AI because you can’t really predict what it’s going to do, but with our method, we can,” Borger said.
Orbital Robotics’ prototype robotic arm, known as ORA-T1, has seven degrees of freedom. (Orbital Robotics Photo)
Earlier in their careers, Borger and Mark were involved in efforts to put small AI-controlled robotic arms through suborbital testing. Now Orbital Robotics has built a larger prototype arm with seven degrees of freedom. For the next few months, the company will be putting that hardware through its paces in its lab.
“Those smaller arms were designed to catch, like, a ball or a cube. We had a small 3D-printed wrench that we were focused on,” Borger said. “This one is more focused on how you dock with space debris, for example.”
The ability to inspect or link up with objects in space has obvious implications for national security in space, which is why the Pentagon is so interested in the technology. Borger declined to discuss that side of Orbital Robotics’ business plan, but he noted that there are commercial applications as well.
“Now that there’s the ability to put so much mass up there, it’s come to the point where, OK, you have all this stuff up there. How do you actually continue to use it, rather than just letting it come down or die up there?” he said. “If you want to refuel something, if you want to repair something, the first step is, how do you capture it? That’s what we’re really focused on right now. … Then we can start focusing on using our robotic arms to manipulate things, start refilling it, repairing it, all sorts of stuff.”
Orbital Robotics recently tested its tracking software using video footage that was captured during an earlier suborbital test mission. Now the team is collaborating with a stealth partner on a series of space missions. The first mission would test Orbital Robotics’ flight software. Later missions would test the company’s robotic arm and demonstrate its ability to capture a spacecraft in orbit. Borger said it would be premature to disclose the partner’s identity, but he mentioned a 2026-2027 time frame for the missions.
There’s a growing interest in orbital rendezvous, proximity operations and capture, or RPOC for short — and Orbital Robotics isn’t the only space company targeting that market. Starfish Space and Portal Space Systems are among other Seattle-area ventures on the RPOC frontier.
Borger said he prefers to think of such companies as potential partners rather than rivals.
“I think they could use our arms,” he said. “They could use some of our software.” The company has already announced partnerships with Redmond, Wash.-based Starcloud and Texas-based Space Ocean.
Orbital Robotics is also recruiting partners for an effort to save the 35-year-old Hubble Space Telescope from a fiery, mission-ending descent. Kohl said he and his collaborators are working on a white paper about the project that would be reviewed by NASA experts as well as astronauts who participated in previous Hubble servicing missions.
Orbital Robotics has drawn up a concept for a spacecraft equipped with robotic arms that could attach itself to the Hubble Space Telescope and boost it to a higher, more stable orbit. (Orbital Robotics Illustration)
The plan calls for building a robotic spacecraft that could attach itself to the telescope, install a star tracker package on its exterior, boost Hubble to a more stable orbit, and then undock.
“Jared is as interested in Hubble as we are, and so we’re hoping to take an unsolicited proposal to him with the white paper on helping to recover Hubble,” he said.
The clock is ticking: Last week, a team of scientists reported that Hubble could fall to its doom in as little as three or four years, due to increased atmospheric drag caused by heightened solar activity. “Even though it would come in around 2030, we actually need to save it before that,” Borger said. “The longer you wait, the more difficult it is.”
Meanwhile, the clock is ticking for Orbital Robotics as well. Borger acknowledged that it’s going to take more funding to fuel the venture’s grand ambitions. “We’re OK with where we’re at on funding for now, and then we’ll go for a much larger round in a couple of months,” he said.
Correction: Orbital Robotics has raised a total of $310,000 to date, including $110,000 from a friends-and-family funding round that was completed in November. An earlier version of this report didn’t reflect earlier investments.
SteamOS's slow march across the Windows-dominated PC gaming landscape is continuing to creep along. At CES this week, Lenovo announced it will launch a version of last year's high-priced, high-powered Legion Go 2 handheld with Valve's gaming-focused, Linux-based OS pre-installed starting in June. And there are some intriguing signs from Valve that SteamOS could come to non-AMD devices in the not-too-distant future as well.
Valve has also been working behind the scenes to expand SteamOS's footprint beyond its own hardware. After rolling out the SteamOS Compatible software label last May, SteamOS version 3.7 offered support for manual installation on AMD-powered handhelds like the ROG Ally and the original Legion Go.
Ørsted is seeking a court injunction against the Trump administration’s decision to suspend its work on a major wind farm project off the US northeast coast.
In the latest salvo between the US government and the offshore wind industry, the Danish company filed a legal challenge against the suspension in the US District Court for the District of Columbia on Thursday.
In a statement, Ørsted—the world’s largest offshore wind developer that is 50 percent owned by the Danish state—and its joint venture partner Skyborn Renewables, a unit of BlackRock’s Global Infrastructure Partners, said the US government’s order to suspend the lease on its Revolution Wind project was a violation of applicable law.
The first version of the AdaptixC2 post-exploitation framework, which can be considered an alternative to the well-known Cobalt Strike, was made publicly available in early 2025. In spring of 2025, the framework was first observed being used for malicious means.
In October 2025, Kaspersky experts found that the npm ecosystem contained a malicious package with a fairly convincing name: https-proxy-utils. It was posing as a utility for using proxies within projects. At the time of this post, the package had already been taken down.
The name of the package closely resembles popular legitimate packages: http-proxy-agent, which has approximately 70 million weekly downloads, and https-proxy-agent with 90 million downloads respectively. Furthermore, the advertised proxy-related functionality was cloned from another popular legitimate package proxy-from-env, which boasts 50 million weekly downloads. However, the threat actor injected a post-install script into https-proxy-utils, which downloads and executes a payload containing the AdaptixC2 agent.
Metadata for the malicious (left) and legitimate (right) packages
OS-specific adaptation
The script includes various payload delivery methods for different operating systems. The package includes loading mechanisms for Windows, Linux, and macOS. In each OS, it uses specific techniques involving system or user directories to load and launch the implant.
In Windows, the AdaptixC2 agent is dropped as a DLL file into the system directory C:\Windows\Tasks. It is then executed via DLL sideloading. The JS script copies the legitimate msdtc.exe file to the same directory and executes it, thus loading the malicious DLL.
Deobfuscated Windows-specific code for loading AdaptixC2
In macOS, the script downloads the payload as an executable file into the user’s autorun directory: Library/LaunchAgents. The postinstall.js script also drops a plist autorun configuration file into this directory. Before downloading AdaptixC2, the script checks the target architecture (x64 or ARM) and fetches the appropriate payload variant.
Deobfuscated macOS-specific code for loading AdaptixC2
In Linux, the framework’s agent is downloaded into the temporary directory /tmp/.fonts-unix. The script delivers a binary file tailored to the specific architecture (x64 or ARM) and then assigns it execute permissions.
Deobfuscated Linux-specific code for loading AdaptixC2
Once the AdaptixC2 framework agent is deployed on the victim’s device, the attacker gains capabilities for remote access, command execution, file and process management, and various methods for achieving persistence. This both allows the attacker to maintain consistent access and enables them to conduct network reconnaissance and deploy subsequent stages of the attack.
Conclusion
This is not the first attack targeting the npm registry in recent memory. A month ago, similar infection methods utilizing a post-install script were employed in the high-profile incident involving the Shai-Hulud worm, which infected more than 500 packages. The AdaptixC2 incident clearly demonstrates the growing trend of abusing open-source software ecosystems, like npm, as an attack vector. Threat actors are increasingly exploiting the trusted open-source supply chain to distribute post-exploitation framework agents and other forms of malware. Users and organizations involved in development or using open-source software from ecosystems like npm in their products are susceptible to this threat type.
To stay safe, be vigilant when installing open-source modules: verify the exact name of the package you are downloading, and more thoroughly vet unpopular and new repositories. When using popular modules, it is critical to monitor frequently updated feeds on compromised packages and libraries.
Barneys Farm Genetics Keep Growing at The Vault — Win a Free 10-Pack!
Big news for collectors and connoisseurs: our Barneys Farm catalogue just got even bigger. We’ve added a fresh wave of genetics, mixing brand-new drops with favourite strains now available through The Vault. To celebrate, we’re also giving you the chance to win a 10-pack of seeds completely free — plus, there are new free seed options with every qualifying order.
Fresh Additions to The Vault
This isn’t just about new releases — it’s about expanding the choice. Whether you’re on the hunt for the latest autoflowering creations or looking to revisit some tried-and-true classics, here’s what’s now on offer:
Frosted Zinn × 3 Bears OG Auto
– A frosty, resin-soaked autoflowering hybrid with a 70–75 day seed-to-harvest time. Compact and easy to manage, yet capable of producing dense buds dripping with trichomes. Expect earthy, spicy, and tropical flavours with THC levels up to 24%.
Frosted Zinn × Cookie Dog Auto
– A dessert-inspired auto that combines sweet, cookie-style terpenes with the frosty genetics of Zinn. Balanced effects make it perfect for those who want both mood-lift and relaxation, with a fast turnaround and sticky, aromatic buds.
Thin Mint × Sour Pinot Auto Feminised
– A flavourful auto boasting sweet minty notes cut with sour, tangy undertones. Delivers impressive resin coverage and reliable yields in under 11 weeks from seed.
Garlic Cookies Feminised
– A heavy-hitting cross sometimes known as “GMO.” This pungent strain serves up savoury, garlicky funk with a skunky punch. High THC and long-lasting effects make it a connoisseur’s favourite.
Gary Payton Feminised
– Named after the NBA legend, this powerhouse is a modern staple. Expect sky-high potency, creamy sweet-gas aromas, and dense buds loaded with trichomes. One of the hottest strains in recent years.
GMO Cookies Feminised
– Another big hitter in the Cookies family, GMO delivers bold diesel-fuel flavours and funky undertones with knockout potency.
Purple Punch × Lemon Drizzle Feminised
– A colourful hybrid that marries the dessert-sweet notes of Purple Punch with zesty lemon-citrus terps. A treat for terpene lovers looking for both flavour and eye-catching bag appeal.
Sour Diesel Feminised
– One of the most legendary strains of all time. Known for its sharp, fuel-heavy aroma and energising, uplifting high, Sour D is a must-have classic for any serious collector.
Tropicana Cherry Feminised
– Bright, candy-like cherry terps dominate this strain, making it as tasty as it is potent. Its uplifting, euphoric effects make it perfect for daytime enjoyment.
New Free Seed Options & Win a Free 10-Pack
We’ve refreshed our free seed lineup, giving you more choice with every order. Even better, you could WIN a 10-pack of one of these very strains, absolutely free:
Bubblegum Gelato Feminised
– A sweet, fruity hybrid with bubblegum notes layered over creamy dessert terps. Known for dense buds, uplifting highs, and colourful bag appeal.
Glookies Feminised
– A cross of Gorilla Glue and Thin Mint Girl Scout Cookies, bringing sticky resin, rich earthy flavours, and seriously potent effects. A strain made for those who want both flavour and punch.
Blue Gelato 41 Feminised
– A decadent mix of Blueberry and Gelato genetics, producing vibrant, fruity aromas with strong euphoric highs. A consistent best-seller thanks to its incredible terp profile.
Jealousy Feminised
– One of the most talked-about modern strains. Expect sweet, creamy terpenes, heavy potency, and dense, resinous buds. An instant classic in the making.
Gorilla Glue Auto Feminised
– A fast-finishing auto version of the famous Gorilla Glue. Delivers sticky, resin-heavy buds with strong pine and earthy flavours in a quick 70–75 days from seed.
Every order brings extra value, with top strains included as free bonuses.
Final Word
Some strains are brand new, some are classics making a welcome return, but together they make one of the strongest Barneys Farm lineups we’ve seen yet. Combine that with extra freebies and a 10-pack giveaway, and it’s the perfect time to top up your collection.
So — what’s caught your eye this time? 🍪🍒🍋
How to enter:
Leave a comment on this blog telling us which strain excites you the most.
(Optional) Share your pick on social media to spread the love.
GIVEAWAY TERMS – PLEASE READ
1. The giveaway is live until Thursday the 30th of October with the winner announced same / next day
2. Entries are verified first so your entry may not show up for 24-48 hours
3. The winners will be updated on this blog post on the closing date
4. Lost or unclaimed Prizes can’t be resent
5. We will share the news on our social media pages.
6. The winners of the blog prizes will also be emailed / messaged directly and your details will remain discreet. We will only publish your name / alias as it is on the blog that is supplied with the entry
7. The prize must be claimed within 28 days or it will be put into the pot for a future promo
8. The results are final
9. Only 1 win per person, per promo.
10. Anyone using multiple accounts will be banned from future promos.
All winners will be selected by RNG
Winner Update 30th Oct – Chris Satchwell
Congrats buddy I will email you via the email you used to comment with to arrange delivery of your prize!
Newsletter Sign Up
Make sure you never miss another Vault promo – sign up for our newsletter!
Legal Disclaimer: The competition winners will have their prizes sent to them via recorded delivery. Please, double-check you’re giving us your full address correctly. If you win the competition but don’t receive your prize, we cannot resend competition prizes, so you’ll have to raise this with your local delivery service (In the UK, for example, this would be Royal Mail).
Remember: It is illegal to germinate cannabis seeds in many countries including the UK. It is our duty to inform you of this fact and to urge you to obey all of your local laws to the letter. The Vault only ever sells or sends out seeds for souvenir, collection or novelty purposes.
The Digital Fortress: How APIs Are Reshaping Cybersecurity in the Age of AI Cybersecurity isn’t just about protecting networks. It’s about understanding the intricate digital highways that connect our most...
Driving through the quiet, endless beauty of the Nevada desert, I let the raspy voice of Jim Morrison carry me forward. “The End” played as the final song before I...
Login
