Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 524
Alerts This Week
Warning Icon 1 524

Stay Ahead With Linux Security News

Filter%20icon Refine news
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Is continuous patching actually viable?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/156-is-continuous-patching-actually-viable?task=poll.vote&format=json
156
radio
0
[{"id":503,"title":"Delayed updates invite catastrophic breaches.","votes":1,"type":"x","order":1,"pct":50,"resources":[]},{"id":504,"title":"Automated fixes break production environments.","votes":1,"type":"x","order":2,"pct":50,"resources":[]},{"id":505,"title":"Manual approvals cannot keep pace.","votes":0,"type":"x","order":3,"pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security news

We found 63 articles for you...
209

Business Email Compromise with AI Enhancements and New Defense Strategies

Business Email Compromise used to be a numbers game — mass-blasted emails, broken English, an obvious "URGENT WIRE TRANSFER" subject line. That era is over. Generative AI has turned BEC into a tailored, low-noise operation that mimics writing style, voice, and even video presence. This piece looks at what's actually changed under the hood, what defenders are testing in response, and why so many organizations are still structurally unprepared for it. . The Infrastructure Problem Nobody Wants to Admit Here's an uncomfortable truth: most BEC defenses fail not because the AI is too clever, but because the mail infrastructure behind them is ancient. Legacy MTAs bolted together over a decade, half-configured SPF records, DKIM keys nobody rotated since 2019 — this is fertile ground for attackers who no longer need to guess your CFO's writing style, because a language model can extract it from three publicly available press releases in under a minute. Sysadmins carrying that kind of technical debt aren't fighting AI-generated phishing on equal footing; they're fighting it with one hand tied to a mail server that was never designed for this threat model. Modernizing that stack — replacing brittle, unmonitored legacy pipelines with something observable and policy-driven — has stopped being an IT hygiene task and become a security requirement. A proper software modernization solution addresses exactly this gap, turning fragmented legacy email and identity infrastructure into something that can actually enforce Zero Trust principles instead of just gesturing at them in a compliance document. That's not a hypothetical concern. According to industry incident data, BEC remains one of the costliest categories of cybercrime tracked by the FBI's IC3 division year over year, and the losses keep climbing even as awareness training budgets grow. Something isn't adding up — and the honest answer is that awareness training was built for a threat that has since evolved past it. What Attackers AreActually Testing Right Now Personalized Phishing at Machine Speed Large language models didn't just make phishing emails more grammatically correct. They collapsed the reconnaissance phase from days to minutes. Feed a model a target's LinkedIn history, a few earnings call transcripts, and a handful of public Slack or GitHub posts, and it will draft a message that references internal project codenames, mirrors the CEO's typical sentence rhythm, and lands in an inbox with zero red flags for a spam filter trained on 2021-era phishing patterns. A few technical shifts worth flagging: Style transfer at scale. Attackers fine-tune or prompt open-weight models on scraped email threads (often from prior breaches or public archives) to replicate an executive's tone precisely enough to fool colleagues who've worked with them for years. Multi-turn social engineering. Instead of one-shot emails, attackers now run conversational threads — the model adapts replies in real time, handling objections ("can you confirm this on a call?") with plausible, context-aware pushback. Automated OSINT pipelines. Reconnaissance that used to require a skilled human analyst is now a scripted pipeline chaining search APIs, scraping tools, and an LLM summarizer — cutting attacker prep time from days to under an hour. Voice Cloning and Deepfake Verification Calls This is the part that should genuinely worry anyone running finance operations. Voice cloning tools now need as little as three seconds of clean audio — pulled from a conference recording, a podcast appearance, an earnings call — to produce a convincing synthetic voice. Combine that with a deepfake video call (even a low-resolution one over a "bad connection," which conveniently masks artifacts), and you've defeated the exact verification step most finance teams were told to rely on: "just call them to confirm." Voice authentication as a control is quietly becoming obsolete. Not gone yet, but the trend line is unambiguous, and financeteams that still treat a phone call as a hard confirmation step are working from an outdated threat model. Business Logic Abuse Over Malware One detail that surprises people outside the field: a huge share of modern BEC doesn't involve malware at all. No payload, no exploit, nothing for an EDR agent to catch. It's pure social engineering wrapped around legitimate business processes — invoice changes, payroll redirects, vendor bank detail updates. Mapped against MITRE ATT&CK, this activity sits almost entirely in the Initial Access and Collection tactics, rarely touching Execution or Persistence in any way a traditional security stack is tuned to detect. That's precisely why signature-based and payload-based defenses keep missing it. What Defenders Are Building to Counter It The defensive side isn't standing still, and there's some genuinely interesting engineering happening — though most of it is still maturing from prototype into production reliability. Behavioral and Linguistic Baselining Instead of scanning for malicious links or attachments, newer platforms build a behavioral fingerprint per sender: typical sending hours, sentence length distribution, vocabulary patterns, even punctuation habits. When a message claiming to be from a known executive deviates from that baseline — arriving at 3 a.m., using unusually formal phrasing, requesting an action that's never occurred in that thread's history — it gets flagged for review, regardless of whether it contains any traditionally "malicious" content. AI-Driven Anomaly Detection Across Mail Flows Security teams are increasingly running anomaly detection models across aggregate mail flow data rather than individual messages: sudden changes in reply-to domains, unusual DKIM signature patterns, mismatches between the claimed sending infrastructure and actual delivery path. This is where solid fundamentals still matter enormously — a well-configured DMARC policy with strict alignment, properly rotated DKIM keys, andenforced SPF still catch a meaningful share of spoofing attempts before any AI layer even needs to look at content. For teams building this out on Linux mail infrastructure, the practical groundwork is covered well in Zero Trust for Email: Implementing Advanced Protections on Linux — worth revisiting even if your DMARC rollout already feels "done," because alignment mode and reporting configuration drift over time in ways nobody notices until an audit. Adaptive Filtering That Learns Per Organization Generic, vendor-wide filtering models struggle with BEC precisely because these attacks are so context-specific — there's no universal signature for "email pretending to be your specific CFO." Adaptive filtering approaches train lightweight models on an organization's own historical mail corpus, learning what "normal" actually looks like internally rather than applying a one-size-fits-all threat model. Early deployments show promise here, though false-positive tuning remains the genuine bottleneck; block too aggressively and you're fielding help desk tickets from the actual CFO. A quick summary of where the technical controls stack up: SPF/DKIM/DMARC enforcement — foundational, still catches a real share of spoofing, but useless against compromised legitimate accounts Behavioral baselining — effective against style mimicry, resource-intensive to maintain accurately Voice/video verification protocols — need a second, out-of-band channel (a pre-shared code phrase, a callback to a known number, not one provided in the suspicious message itself) Payload-agnostic anomaly detection — necessary given how much BEC skips malware entirely, but requires mature baseline data to avoid alert fatigue Attachments Still Matter — Just Not the Way They Used To It would be a mistake to assume BEC 2.0 has made malicious attachments irrelevant. Attackers still pair social-engineering pretext with weaponized documents in a meaningful minority of campaigns — usually as asecondary payload once initial trust is established through a convincing AI-generated thread. The detection techniques covered in Enhancing Linux Email Security: Identify Malicious Attachments Effectively remain directly relevant here; sandboxed detonation and macro analysis haven't gone anywhere; they've just become one layer among several rather than the primary defense. Where Server-Level Hardening Fits In None of the AI-era detection tooling matters much if the underlying mail transfer agent itself is exploitable. The disclosure and patch cycle around Exim 4.98 is a good reminder that MTA-level vulnerabilities remain very much alive as an attack surface, and BEC campaigns increasingly chain infrastructure compromise with social engineering — gaining a foothold through an unpatched mail server, then using that legitimate infrastructure to send convincing internal-looking messages that sail past reputation-based filtering entirely. NIST's guidance on email security practices (SP 800-177 and related publications) has aged surprisingly well as a baseline framework, even against threats its authors couldn't have fully anticipated — encrypted transport, authenticated sending domains, and least-privilege access to mail infrastructure are still exactly the right starting points. What's changed isn't the framework; it's the sophistication of what's probing for gaps in it. So What Should Actually Change on the Ground? Not a full teardown of existing security stacks — that's neither realistic nor necessary. But a few shifts in priority are overdue: Treat voice and video confirmation as compromised by default; require a genuinely out-of-band verification step for any financial or credential-related request. Audit DMARC alignment and DKIM key rotation schedules now, not after the next quarterly review — this is cheap to fix, and attackers are actively scanning for the gaps. Shift detection budget toward behavioral and flow-based anomaly detection, since a growing share ofBEC never triggers payload-based defenses at all. Stop treating legacy mail and identity infrastructure as untouchable. Every unpatched, unmonitored legacy component is one more surface a language model can map faster than your team can document it. Is this an arms race? Sure, in the sense that every era of email security has been. But the pace has changed — attacker tooling that took a skilled operator days to build manually is now a weekend project with off-the-shelf models. Defenders who treat that shift as just another line item in next year's budget request are going to keep losing ground. The ones who close the infrastructure gaps now, while also investing in behavior-aware detection, are the ones who'll actually keep pace. . Generative AI is revolutionizing Business Email Compromise, enhancing phishing tactics and challenging your existing defenses.. Business Email Compromise, AI Security, Phishing Attacks, Identity Infrastructure, Cyber Defense Strategies. . Anthony Pell

Calendar%202 Jul 17, 2026 User Avatar Anthony Pell Security Trends
209

OpenSSF & OpenJS Warning: Social Engineering Risks Affecting OSS Security

As the backbone of much of the world's technological infrastructure, the open-source community prides itself on transparency, collaboration, and innovation . However, these strengths can also present vulnerabilities, as seen with the notorious XZ Utils backdoor. . Recently, social engineering attacks targeting open-source projects have emerged as a significant threat. The Open Source Security Foundation (OpenSSF) and OpenJS Foundation have issued alerts highlighting attempts to manipulate project maintainers into granting unauthorized access or introducing malicious code. These incidents underscore the need for heightened awareness and robust defenses among Linux admins, developers, and open-source project maintainers. Let's examine these recent warnings and actionable strategies you can implement to combat this concerning trend. Understanding The Nature of Social Engineering Attacks Social engineering attacks exploit the human element of security, relying on deceit and manipulation rather than technical exploits. Attackers typically pose as legitimate contributors or community members, using friendly and persuasive tactics to build trust over time. The ultimate goal is often to gain maintainer status or convince existing maintainers to accept harmful changes. This method can be particularly effective in open-source environments where collaboration and trust are foundational. Recognizing Suspicious Activity To combat these threats, we must be able to recognize the patterns of social engineering attacks. Persistent, friendly engagement from relatively unknown contributors aiming for high-level access should raise red flags. Additionally, endorsements from unfamiliar accounts or networks can signal coordinated deception efforts. Pay close attention to pull requests (PRs) containing obfuscated code or binaries that lack transparency. Such changes can be vehicles for introducing malicious payloads. Security admins must remain vigilant for deviations from standard build and deploymentpractices that could compromise security. If a contributor creates a false sense of urgency, pushing for expedited reviews or immediate changes, take a step back and scrutinize their motives. Strengthening Authentication and Access Controls Strong authentication methods are one of the best ways to safeguard against attacks. Two-factor or multifactor authentication (MFA) can add another layer of protection, making it much harder for attackers to gain unauthorized access. Password managers provide additional security and ensure passwords are strong, unique, and not reused across services. Administrators should store recovery codes safely offsite to regain control if their accounts become compromised. Ensuring Code Integrity The review and merging of code can be critical points of vulnerability. Enabling branch protections and insisting on signed commits can help maintain the integrity of a codebase. Code reviews are required from a second developer before merging, even for changes proposed by maintainers. This additional step can catch potentially harmful alterations before they’re integrated into the project. It’s also essential to enforce readability requirements for new code. Obfuscated code or binaries hidden within a pull request can introduce significant security risks. By ensuring all changes are human-readable, maintainers can better understand the logic and purpose behind each modification, making it easier to spot malicious intent. Periodic Reviews and Minimal Permissions Administrative practices also play a crucial role in defending against social engineering attacks. Regularly review the list of committers and maintainers to verify their ongoing involvement and legitimate status within a project. Removing inactive or unnecessary accounts can reduce the risk of hijacking dormant accounts. Limiting npm publish rights and other critical permissions to trusted individuals can further minimize risk. Ensuring that only a small, trusted group can make significant changesreduces the number of potential entry points for attackers. This principle of least privilege is a fundamental aspect of a security posture. Establishing and Following Security Policies A clear and comprehensive security policy is a cornerstone of protecting open-source projects. This policy should include protocols for coordinated disclosure, providing a transparent process for reporting and addressing vulnerabilities. By establishing these guidelines, maintainers can ensure that any discovered issues are handled systematically and securely. It's also imperative to align with industry standards for security best practices. Resources like the OpenSSF Guides provide valuable insights and frameworks to help maintainers enhance their security posture. Regularly updating and reviewing these policies ensures they remain relevant and effective in the face of evolving threats. Leveraging External Support No project is an island; the broader open-source community offers resources and support. Foundations like The Linux Foundation and OpenJS Foundation can provide valuable assistance and technical resources. These organizations can offer guidance and security reviews and help coordinate responses to security incidents. Alpha-Omega and Sovereign Tech Fund provide financial and technical support tailored explicitly toward strengthening the security of open-source projects. Participating projects gain access to funding and expertise by joining these programs, significantly boosting their defensive capacities. Fostering Vigilance To guard against social engineering attacks, open-source communities should create an atmosphere of vigilance. Communication channels must remain open between maintainers and contributors while encouraging transparency among contributors. Creating an atmosphere where maintainers and contributors feel comfortable reporting suspicious activities can help detect and mitigate threats early. Training and awareness programs also play a vital role in keepingprojects secure. Informing maintainers and contributors about social engineering attacks, their signature tactics, and how to recognize them can significantly bolster project defenses. Regular security training sessions consider these risks and prepare everyone involved if suspicious activities emerge. Our Final Thoughts on These Warnings Open-source communities' collaborative nature is their greatest strength and weakness, creating opportunities and risks. As social engineering attacks become more sophisticated, Linux security admins must take proactive measures to safeguard their projects against takeover attempts by recognizing suspicious activity, strengthening authentication and access controls , assuring code integrity, and enlisting external support to decrease takeover risk. Through vigilance, transparency, and community collaboration, the integrity and security of open-source projects can be maintained to ensure they continue to flourish and innovate over time. The joint alert from OpenSSF and OpenJS Foundation is an essential reminder that while the collaborative spirit of open-source projects is invaluable, their security must also be protected with robust measures and proactive approaches. By adopting these best practices, Linux security admins can ensure their projects remain safe from current and emerging digital threats. What measures are you taking to secure your open-source projects? Reach out to us @lnxsec and let us know! . Manipulation tactics target community-driven software; implement effective measures to strengthen defenses and resilience.. Open Source Security, Social Engineering Threats, Security Practices, Code Integrity, Community Collaboration. . Brittany Day

Calendar%202 Jan 15, 2025 User Avatar Brittany Day Security Trends
209

Targeted Attacks on Open Source Maintainers Highlight Security Risks

Open Source maintainers and developers have been warned about the continued wave of attacks aimed at project maintainers similar to those recently targeting the Linux xz data compression library, XZ Utils . Many believe the attempt to backdoor Linux’s xz data compression library might not be an isolated incident. According to the OpenJS Foundation and Open Source Security Foundation (OpenSSF) , there has been a series of suspicious emails that appear targeted at a popular unnamed JavaScript project that the OpenJS Foundation hosts. . What Targeted Threats Have Been Identified Targeting Open-Source Maintainers? The emails were sent from different names, all with GitHub-associated email addresses, and were constructed around the same theme. The suspected attackers were trying to get themselves added as project maintainers to “address any critical vulnerabilities” but didn’t provide details on these vulnerabilities, which raises suspicion. This approach is similar to how the backdoor was introduced into XZ/liblzma, and as a result, it has been flagged as a potential security danger. Two other popular JS projects also received similar messages, raising more concern that certain groups of attackers are looking to introduce backdoors into open-source projects. Moreover, OpenJS immediately flagged the potential security concerns to cybersecurity and infrastructure security agencies within the United States Department of Homeland Security (DHS). This kind of attack is not new, yet it seems an effective way for attackers to infiltrate an open-source project. Therefore, it is critical to note that project maintainers must be extra vigilant and perform rigorous checks when adding contributors as maintainers. According to the article, this attack method utilizes social engineering techniques and exploits a sense of duty that maintainers feel toward their projects to infiltrate them. What Can Be Done to Combat This Threat? The attack method exploits the maintainers’ sense of socialresponsibility to deceive them. As such, promoting technical expertise and sharing knowledge about emerging threats and attack methods is imperative. Additionally, it is necessary to ensure that open-source projects are well-funded and their maintainers are adequately supported. This would serve as a significant deterrent against potential social engineering attacks. As such, governments and other organizations must allocate resources to help secure the broader open-source ecosystem. Funding for security developers has already had a tremendous effect, for example, the security-focused Alpha-Omega project , which Microsoft, Amazon, and Google support. Germany’s Sovereign Tech Fund aims to support foundations like OpenJS to strengthen infrastructure and security. Our Final Thoughts on This Attack This attack is a clear example of how attackers can infiltrate open-source projects by exploiting users’ trust to introduce backdoors. Consequently, we recommend coordinating efforts from different organizations and collaborating globally within the open-source ecosystem. In essence, this will help ensure that open-source developers are better equipped to identify such threats and mitigate them promptly. Therefore, more resources, a coordinated approach, knowledge sharing, and adequate funding are imperative in raising open-source security levels to protect our interconnected open-source projects and shared digital economies. . Open-source software is vital to tech, yet it's increasingly under attack. Discover insights on motives behind these assaults and ways to secure projects. Open Source Security, Backdoor Attacks, Developer Vigilance, Cyber Threats, Trust Exploitation. . Brittany Day

Calendar%202 Apr 16, 2024 User Avatar Brittany Day Security Trends
74

Exploring Social Engineering: Key Threats and Manipulation Tactics

This small article is a brief overview on social engineering. It talks a bit about the psychology of social engineering, the security threat it imposes and about the methods used for it. Basically, this article is a summary that covers the . . . . This small article is a brief overview on social engineering. It talks a bit about the psychology of social engineering, the security threat it imposes and about the methods used for it. Basically, this article is a summary that covers the important facts (from my point of view) about social engineering. One of the basic laws of information security is that 'Client-Side Security Doesn't Work', or more precisely, as Scott Culp says: "The basic problem with client-side security is that the person sitting physically in front of the client has absolute control over it", and "If a bad guy has unrestricted physical access to your computer, it's not your computer anymore". Social engineering attack uses the fact that the human part of the security is the most essential. Moreover, there is not a single computer system in the world that does not rely on humans. This is why this security weakness is independent of platform, software, network, firewalls, VPNs etc. . Exploring social engineering unveils psychological tactics used to manipulate individuals into security breaches, focusing on trust, emotions, and cognitive biases.. Social Engineering, Security Threat, Psychology Methods. . Anthony Pell

Calendar%202 Jan 13, 2024 User Avatar Anthony Pell Network Security
210

Wireshark Security Alert: Malware Risk From Packet Capture Files

Maliciously constructed Wireshark packet capture files might be used to distribute malware , providing recipients can be tricked into double clicking file URL fields. A CVE has been assigned to the security issue (now resolved through a recent update) due its potential for harm, despite the fact that some social engineering trickery is required. . Variants of the same attack could potentially be thrown against users of the popular network security tool, widely used by security analysts and penetration testers, whether they use Windows or Xubuntu Linux-based systems. The attack, discovered by security researcher Lukas Euler of Positive Security , is explained in a recent post on GitLab that features proof-of-concept videos. Even though developers of Wireshark normally avoid asking for a CVE to be created for potential security issues that require user interaction, an exception was made in this case because of the “low barrier to entry and level of control” an attacker might gain. The issue, tracked as CVE-2021-22191 , was resolved through a recent update. . Alterations of a breach could target individuals employing popular cybersecurity solutions, increasing the dangers of malware propagation.. Network Attack Vectors, Wireshark Security Risks, Malware Distribution. . Brittany Day

Calendar%202 Mar 16, 2021 User Avatar Brittany Day Security Vulnerabilities
209

Understanding Social Engineering: Psychological Tactics to Gain Access

Social engineering is the art of exploiting human psychology, rather than technical hacking techniques, to gain access to buildings, systems or data. Learn how to spot the signs in a great CSO article: . Social engineering is the art of exploiting human psychology, rather than technical hacking techniques, to gain access to buildings, systems or data. For example, instead of trying to find a software vulnerability, a social engineer might call an employee and pose as an IT support person, trying to trick the employee into divulging his password. Famous hacker Kevin Mitnick helped popularize the term 'social engineering' in the '90s, although the idea and many of the techniques have been around as long as there have been scam artists. . Social engineering manipulates human behavior to bypass security and gain unauthorized access. Learn how to defend against these cunning tactics to stay safe. Social Engineering, Human Exploitation, Security Awareness, Cybersecurity Tactics. . Brittany Day

Calendar%202 Sep 25, 2019 User Avatar Brittany Day Security Trends
76

GDPR Exploitation Risks: Identity Theft at Black Hat USA Conference

The GDPR (General Data Protection Regulation) is supposed to help individuals keep their information private, but as it turns out, it could also potentially serve to help attackers as well. . In a session at the Black Hat USA conference in Las Vegas, titled, "GDPArrrrr: Using Privacy Laws to Steal Identities", James Pavur, DPhil student and Rhodes Scholar at Oxford University , outlined how he was able to abuse a key component of the GDPR to get access to personally identifiable information for his fiance. Pavur said that there are multiple exploitable properties of GDPR, that a social engineering attacker could seek to exploit. The first is fear of non-compliance, since GDPR prescribes large fines if there is a violation. The link for this article located at Infosecurity is no longer available. . The GDPR was created to protect personal data in the EU, but studies show that malicious actors exploit it using social engineering for identity theft. GDPR exploitation, identity theft awareness, privacy regulations, social engineering tactics, cybersecurity threats. . Brittany Day

Calendar%202 Aug 09, 2019 User Avatar Brittany Day Organizations/Events
83

Increasing Cybersecurity Needs More Hackers for Effective Defense

Cybersecurity incidents are gaining an increasingly high profile. In the past, these incidents may have been perceived primarily as a somewhat distant issue for organizations such as banks to deal with. But recent attacks such as the 2017 Wannacry incident, in which a cyber attack disabled the IT systems of many organizations including the NHS, demonstrates the real-life consequences that cyber attacks can have. . These attacks are becoming increasingly sophisticated, using psychological manipulation as well as technology. Examples of this include phishing emails, some of which can be extremely convincing and credible. Such phishing emails have led to cybersecurity breaches at even the largest of technology companies, including Facebook and Google. The link for this article located at TheNextWeb is no longer available. . The frequency of cybersecurity breaches is escalating, revealing tangible impacts from assaults fueled by manipulation techniques and deceptive email schemes.. Cybersecurity Attacks, Incident Response Strategies, Cyber Threat Actors. . LinuxSecurity.com Team

Calendar%202 Apr 25, 2019 User Avatar LinuxSecurity.com Team Hacks/Cracks
News Add Esm H340

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Is continuous patching actually viable?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/156-is-continuous-patching-actually-viable?task=poll.vote&format=json
156
radio
0
[{"id":503,"title":"Delayed updates invite catastrophic breaches.","votes":1,"type":"x","order":1,"pct":50,"resources":[]},{"id":504,"title":"Automated fixes break production environments.","votes":1,"type":"x","order":2,"pct":50,"resources":[]},{"id":505,"title":"Manual approvals cannot keep pace.","votes":0,"type":"x","order":3,"pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200