RSnake Report 20250705

Hello, and thanks for reading! I hope you have all your fingers intact after the 4th of July - knowing some of my readers, that’s not hyperbole. You know who you are. There has been a lot of flooding in Texas, if you weren’t aware of it, and our thoughts go out to the families who lost their lives. People have a strange conception of what Texas is like. As the old adage goes, if you don’t like the weather in Texas, wait 5 minutes. One minute, blue skies, and the next, a microburst hits that takes out trees, and in this case, the rain caused around two dozen dead and another two dozen missing children. One woman I spoke with hours ago said one of her old camp counselors lost their life. Tragic. 😢 

In Russia/Ukraine news, Russia unleashed two of what might have been one of the biggest missile and drone barrages on Ukraine's capital to date, lasting 3.5 hours following another that was 7 hours. Just a day after the US decided to freeze shipments of air defense munitions, Russia launched a massive combined drone and missile attack, hitting numerous sites across Kyiv, including civilian and residential buildings.

The scale of this attack, with over 450 Shahed drones, Kh-101/Kh-55 cruise missiles, 3M14 Kalibr cruise missiles, Kh-47M2 Kinzhal hypersonic aeroballistic missiles, and 9M723 Iskander-M/KN-23 ballistic missiles, suggests that Russia is attempting to raise a larger point of discussion in their peace deal. They aren’t going to settle for less than what will allow Putin to look like he accomplished something great for the million casualties he’s suffered thus far. The missiles and drones were launched from ships, land, submarines, and bomber aircraft.

Meanwhile, Ukrainian forces have been getting creative with their arsenal, dropping standard artillery shells from drones. This allows for excellent precision but also eliminates the issue of barrel wear, a game-changer in modern warfare. It's like turning a simple artillery shell into a smart bomb without the need for expensive and disposable guidance systems. With similar range but unmatched precision and the same devastation, I think this is the future of artillery units.

Meanwhile, Ukraine's Main Intelligence Directorate has been busy with Operation "Dronocide," successfully striking over 42 enemy positions of Russian UAV operators in the Zaporizhzhia region within a month. They really want to focus on drone operators because they represent the largest risk to the front-line troops.

Speaking of drones, Russian forces have, apparently, devised a new low-tech method to take down Ukrainian Mavics using a rope attached to their drones, equipped with magnets and nuts. This makes a pretty good case for lightweight cages to enclose and protect the blades. This would also help with drone netting to avoid accidentally getting tangled up in the nets.

Ukrainian attack drones penetrated over 1,300 km of Russian airspace to strike the Izhevsk Electromechanical Plant, a major UAV and missile manufacturer. The footage of a Ukrainian AN-196 Liutyi slamming into the plant's administration building is interesting, but I am more impressed with the range they’re hitting with these drones. Most of Russia is in the range of Ukraine now, so they need to switch manufacturing to far from the border and ship it in if they want to protect that infrastructure.

Case in point was a massive explosion in Donetsk Oblast where a Russian ammunition depot was obliterated by Ukrainian missiles. The video was passed around within the Russian forces, trying to claim it was a nuclear strike to spin up a stronger response from the Russians. Obviously, that was incorrect, but it’s not clear if this kind of thing gets revisited by propagandists or whether a lot of Russians really believe they just got nuked at an ammo dump.

Sanctions are starting to bite, with Western cassette bearings for Russian rail trains becoming a major issue. The lack of these bearings could lead to a high risk of derailments, potentially crippling Russia's logistics and supply chains. Already 300 thousand disused railway wagons are sitting idle, congesting the network. That’s a lot of garbage on the tracks, and it has the effect of causing even greater outages as the trains sit and rot, waiting for the tracks to clear. That means Russia will have an increasingly difficult time manufacturing in distant regions and shipping the products to the front.

Five Russian shadow oil tankers were hit with limpet mines. They all visited ports weeks before the blasts, so they also could have been tracked and hit using subs later or attached in the ports of call while they were being loaded. Apparently, the mines detonated in such a way that they were incapacitated and there was fire aboard, but no oil was spilled.

Ukraine's autonomous interceptor UAVs have been busy, downing over 100 Russian Shahid drones. These once-experimental systems are now operational and scaling across all branches of Ukraine's military. The part that really needs to be underlined here is that they were autonomous. That is, they had no direct input from the ground, meaning they can’t be jammed or detected, necessarily. I recall when I was told it was an awful idea that drones would be given authority to kill, and yet, here we are. It’s a drone-on-drone conflict for the moment, but that’s just an artifact of the fact that drones are cheaper than similar human-manned craft like the helicopter.

Finally, the emergence of uncrewed drone carriers threatens anything near the coast. So imagine a boat that sits there, in wait, quietly awaiting orders, or maybe passively allowing the water to push it into a certain direction, and when it finally launches a drone at the coastline, it does so with virtually no warning. This will be a big deal for Crimea.

In European news the, FSB agents disguised as journalists were arrested during a raid on the Sputnik office in Baku. These Russian propagandists had ignored an official order to cease operations and continued to show up at the office as if nothing had happened, despite the outlet being officially shut down on February 24th. The raid comes amid a sharp deterioration in Russia-Azerbaijan relations, with tensions flaring after the detention of several Azerbaijani nationals in Yekaterinburg, during which two people died. Azerbaijan's Foreign Ministry summoned the Russian ambassador, and cultural events linked to Russia were canceled across the country.

In South East Asia news, Chinese drone maker DJI has introduced a heavy coaxial quadcopter capable of lifting 80 kg (around 176 lbs). In comparison, the Ukrainian "Vampire" hexacopter can only lift 15 kg, making DJI's new drone a heavyweight and probably quite capable of dropping larger bomb loads or even delivering equipment. It comes with 62-inch blades, a 30-meter winch line, millimeter wave radar, and machine learning guidance. I am slightly surprised they didn’t up this lift capability to more like 113kg, which would enable them to lift most troops who sustained injuries or deliver them to distant locations quickly. I suspect that is coming, though. The ability to rapidly deliver troops behind enemy lines has a lot of utility. Either way, expect to see this DJI in Russian hands soon.

In Middle East news, the Grand Ayatollah Naser Makarem Shirazi of Iran has issued a fatwa calling for the assassination of U.S. President Donald J. Trump and Israeli Prime Minister Benjamin Netanyahu, referring to them as "Enemies of God." This legal ruling in Islam is not just a statement but a call to action, and it's clear that Iran is not backing down from its stance against the U.S. and Israel.

Meanwhile, revolutionaries in Tehran have been seen torching banners of high-ranking IRGC commanders eliminated by Israel, a clear sign of growing dissent within Iran. While this is all a low rumble, things like this can flip quickly, and I wouldn’t be surprised if Iran was relatively peaceful one day and the people rose up and took control the next, so I’ll be watching it closely. Either way, threatening the US while they push towards peace treaties is a strange opening move, given how poorly they performed in the most recent conflict. Case in point was this video I saw of an Israeli air strike a couple weeks back. The Iranian skies were all but completely undefended.

Meanwhile, there's a growing suspicion that the person(s) behind the Iran Military commentary account on X might be grifters running multiple accounts due to the fact that they accidentally posted a Billie Eilish fan photo. In the age of social media, it's hard to know who to trust and what to believe. But I think it’s safe to say that this is run by a social media company or group that is in charge of a variety of things, including military and pop culture, apparently.

In a surprising turn of events, U.S. President Trump announced that Israel has agreed to a 60-day Gaza ceasefire deal. It's a glimmer of hope in a region that has seen nothing but conflict for years, but the question remains whether this ceasefire will hold. Who knows if this will hold, and I suspect it likely wont, but it does nicely put people who are constantly decrying this war in their place. Because, no matter how many times Israel offers peace or agrees to it, Hamas will break it.

Adding to the chaos, fireworks were seen in the sky over Hezbollah-controlled Lebanon when 3,000 rockets were destroyed in an Israeli attack. It’s clear that Hezbollah is beaten but not defeated, though this does help.

Speaking of 3,000 missiles in North America news, the USAF is putting serious money behind the low-cost modular open architecture cruise missile efforts, with FY26 funding supporting over $600 million in procurement funds for more than 3,000 missiles. The RFI to industry was clear: the U.S. wants a capacity to deliver 1,000 ERAM/FAMM class missiles within 24 months of order, meaning multiple vendors will make it into production. Companies like Zone 5, Anduril, Coaspire, Leidos, Lockheed Martin, and General Atomics have already demonstrated weapons in this class, so we’ll see a variety of payloads and avionics, I’m guessing.

Some of the biggest news of the week was that President Trump signed the "One Big Beautiful Bill" into law, which he claims will be a game-changer. I was not a fan of more spending, but here is the steel man argument I’ve heard about why it’s not as bad as it sounds. This should raise the deficit by $3.2T, approximately, but spread out over 10 years, which is bad. The last fiscal year budget was $1.5T, approximately. So if you take the $3.2T and divide it by 10 years, it’s $320B annually.

Okay, but that’s still pretty bad, you might be thinking. Yes, but $320B is about 1/5th of the current spend. Said another way, last year we were spending 500% more than we will be spending. Also, if you increase GDP through tariffs and more domestic production, you can counteract the $320B and get to a more balanced budget. It’s GDP/Deficit, so if the GDP rises, you get a > one result, which means you’re taking in more than you’re spending. There’s a lot of question marks in here, but there is a strong chance this isn’t as bad as it appeared at first blush. Time will tell! Here’s the actual text if you want to read it for yourself.

President Trump slammed Elon Musk and threatened to cut government subsidies to his companies, which did at least partially happen in the O-BBB. At least Musk wasn’t fighting back this time with Jeffrey Epstein's comments, but he did threaten to pay for alternative campaigns to whoever voted for the O-BBB. Trump's "One Big Beautiful Bill" will end the $7,500 EV credit for new vehicles and the $4,000 used EV credit by September 30, 2025. We shall see if he follows through with that threat during the midterms.

Texas Governor Abbott signed a law making gold and silver legal tender in 'day-to-day' financial transactions. I doubt you’re going to see a lot of people carrying gold around day to day, but I am curious what it means for fiat currency in Texas if anything at all. One nice thing is that these metals are untraceable.

An active shooter situation unfolded in Idaho, with firefighters ambushed while responding to a brush fire. At least two people are dead, with the FBI and U.S. Marshals on the scene, and the shooter, Wes Roley, was found dead on the scene. The Idaho shooter appears to be a brony (a boy who likes my little pony, for those who are confused by that term) and a furry (dresses like an animal in a furry costume), and included bizarre hashtags in his videos like “isellorgans” and “isellorgansontheblackmarket”. Lovely. Clearly, this person was extremely mentally ill.

In a move that could have far-reaching implications, the Pentagon has halted shipments of some air defense missiles and other precision munitions to Ukraine due to worries that U.S. weapons stockpiles have fallen too low. It's a reminder that even in the heart of America, the decisions made can have a ripple effect across the globe. In related news, 155mm shell production has fallen to 40,000 per month, a decrease from the 50,000 per month reported last year. The new shell body production facility in Mesquite, TX, is behind schedule, and the Army has formally notified General Dynamics Ordnance and Tactical Systems that their management of the facility is being reviewed for breach of contract. Just when we are talking about stockpiles being low, true or not, this isn’t great. Either it’s true, and we’re falling behind on our resupply, or it’s not, and we are falling behind on our stockpiling.

The Trump administration has struck a deal with UPenn, forcing the school to strip Lia Thomas of his records, titles, and other recognitions won while competing on the women's sports team. UPenn is required to start treating athletes as Title IX describes them using the biological definition of man and woman.

In Tech news, a Mexican drug cartel hired a hacker to surveil the movements of a senior FBI official in Mexico City in 2018 or earlier, gathering information from the city's camera system that allowed the cartel to kill potential FBI informants. Just shows how this digital exhaust can be siphoned up and used for all kinds of nefarious uses.

Cloudflare has dropped a beta for "Pay-per-crawl," a way for websites to monetize bot traffic by charging crawlers for access. It's like turning a nuisance into a revenue stream. But my personal opinion on this is that it will work the same way as blocking robots entirely. Most robots won’t know what to do with this status code because they have never encountered it before, and therefore, anyone who implements it will just not be seen in the LLMs and, therefore, have decreasing relevance. Doesn’t sound so great to me.

In a concerning development, a new vulnerability has been discovered in sudo, allowing users to escalate privileges without even being in the sudo group. The --host option in sudo has been broken since 2013, allowing users to trick the system into accepting remote rules on the local system and get root access.

In a rather terrifying scenario, some AI code deleted an app because it got moody and wanted to set itself free. Even if it does it for non-moody reasons, this shows how desperately we need guardrails and protections from LLMs that run rampant. Backups are just one of the controls that we’ll need.

In Economic news, home sellers now outnumber buyers by almost 500,000, the largest gap ever recorded. That makes it a buyers’ market like none other, or if not yet, it will be soon enough. Also, if you look at that red line, it looks pretty steady, which means it could get worse… maybe much worse.

Okay, onto the articles!

Russian internet service providers have started throttling access to websites and services protected by Cloudflare, affecting users in the country and other Western nations.

• Russian ISPs are employing multiple throttling and blocking mechanisms against Cloudflare, including packet injection and packet blocking, which cause timeouts.

• The throttling is outside of Cloudflare's control, and there are no effective workarounds or mitigations to address the access problems it causes.

[RSnake: That means millions of sites are de facto broken for Russians. Many of the social media sites, for instance, and retail sites that they rely on, will not be accessible. This is another example of how Internet balkanization is increasingly likely.]

Source: https://www.bleepingcomputer.com/news/technology/russias-throttling-of-cloudflare-makes-sites-inaccessible/

Iran's response to recent U.S. military strikes is likely to solidify its nuclear ambitions rather than diminish them, with evidence suggesting only a temporary setback to its nuclear program. The Iranian leadership, facing external pressure and internal challenges, may perceive nuclear capabilities as essential for regime survival and regional influence.

• U.S. strikes may have inadvertently strengthened Iran's nuclear resolve.

• Iran's leadership is faced with critical decisions regarding its nuclear program amidst regional instability.

[RSnake: Two years. We likely bought two years, based on various reporting I have seen. That said, it is clearly within our wheelhouse to re-do that same conflict with similar outcomes.]

Source: https://www.realcleardefense.com/articles/2025/06/27/uss_iran_strike_may_have_strengthened_tehrans_nuclear_resolve_1119244.html

The US military is planning to deter China from invading Taiwan through a comprehensive joint force effort that includes threats against China's economy and use of force in all domains.

• The US military is planning a comprehensive joint force effort to deter China from invading Taiwan.

• The strategy would involve using US attack submarines, hypersonic anti-ship missiles, persistent overhead reconnaissance, and anti-access/area denial to vital Chinese shipping lanes and ports.

[RSnake: That will certainly make them think twice, but we have to understand that the CCP is fully prepared to lose a billion people in this conflict. It means virtually nothing to their leaders.]

Source: https://www.realcleardefense.com/articles/2025/06/27/in_deterring_china_peace_through_strength_cannot_be_just_a_catch_phrase_1119231.html

President Trump acknowledged approving Iran's attack on the Al Udeid Air Base in Qatar, which was subsequently defended by U.S. troops. This situation arose following U.S. strikes on Iranian nuclear sites. Reports indicate differing perspectives on the impact of these strikes on Iran's nuclear capabilities.

• Iran executed a missile attack on a U.S. military base in Qatar after receiving permission from President Trump.

• The U.S. military successfully defended against the missile strike, but concerns about troop safety and military readiness have been raised.

[RSnake: It allowed them to save face, so why not, especially knowing it would have no effect at all.]

Source: https://www.military.com/daily-news/2025/06/27/trump-said-he-okd-irans-plan-strike-al-udeid-his-top-military-adviser-said-troops-there-fended-off.html

There are ongoing casualties among Palestinians in Gaza, particularly near aid distribution sites managed by the Gaza Humanitarian Foundation, amid an Israeli military campaign following a recent attack by Hamas. The UN has expressed safety concerns regarding the aid operations, while the head of the GHF disputes claims linking deaths to the aid distribution activities. The conflict has resulted in significant loss of life, with over 56,000 reported deaths in Gaza since early October.

• Palestinians face ongoing fatalities while attempting to receive humanitarian aid in Gaza.

• The Israeli military's actions and the management of aid distribution are subjects of controversy and investigation.

[RSnake: These are very difficult areas to protect, so it’s not surprising that there is conflict there. Hamas has very little interest in allowing aid to flow.]

Source: https://www.bbc.com/news/articles/c20rz63g1zko

Leaders will convene in Seville, Spain, to address global inequality and the financing challenges hindering development, particularly in Africa. A significant gap in financing, estimated at $1.3 trillion annually for the continent, exacerbates socio-economic disparities and undermines progress toward the 2030 Sustainable Development Goals (SDGs). If global leaders do not adopt a new approach to development and finance, systemic inequalities will persist, limiting opportunities for future generations.

• Global leaders meet to discuss addressing systemic inequality and financing challenges.

• The financing gap for achieving SDGs, particularly in Africa, is around $1.3 trillion annually.

• Current geopolitical tensions and financial constraints are undermining development and economic growth.

[RSnake: Financing doesn’t seem to have the impact that we think it will. It’s one thing to build buildings, but to hand cash over seems like a fast path to corruption.]

Source: https://www.atlanticcouncil.org/?p=856637

Artificial intelligence is having a measurable impact on elections across at least 50 countries, including the generation of fake content that has influenced voter perceptions and election outcomes. There are significant concerns that this technology is amplifying social divisions and undermining electoral integrity, as evidenced by manipulated videos and fabricated social media posts tied to geopolitical actors like Russia. The use of such advanced technologies is expected to continue evolving, prompting challenges for democratic processes globally.

• AI-generated content has been used to create fake images and manipulate videos related to political candidates.

• Countries such as Romania, Poland, and others are experiencing significant disruptions to their electoral integrity due to AI-driven disinformation.

[RSnake: And it will get worse. Much, much worse. That said, there may be a situation where people start actually questioning things and acting more critically on the things they see on the Internet.]

Source: https://www.nytimes.com/2025/06/26/technology/ai-elections-democracy.html

Tariffs imposed by the U.S. on imports from China are disrupting global trade in 2025, leading to increased production costs and consumer prices. Companies are reconfiguring their supply chains to mitigate the impact of these tariffs, with some shifting sourcing to countries like Vietnam and Mexico. This situation is affecting multiple industries, particularly electronics, agriculture, and automotive, as businesses adapt to rising costs and logistical challenges.

• U.S. tariffs on Chinese imports are significantly raising production costs and consumer prices.

• Companies are diversifying their supply chains and seeking alternative sources to reduce reliance on impacted regions.

• The ongoing trade tensions are expected to have long-term implications for global trade patterns.

[RSnake: That may not help the US much, but it will hurt China, which is probably good enough for now. A weaker CCP leads to a safer South Pacific.]

Source: https://www.supplychainbrain.com/blogs/1-think-tank/post/41852-how-tariffs-are-reshaping-global-supply-chains-in-2025

The United States is set to end Temporary Protected Status for Haitian immigrants as of September 2, despite ongoing humanitarian crises in Haiti marked by gang violence and political instability. This decision follows similar actions against Venezuelan immigrants and other groups facing unrest, as the current administration aims to reshape immigration policy.

• The U.S. government will terminate special protections for Haitian immigrants, affecting approximately 260,000 people.

• Conditions in Haiti remain dire, with significant gang control and humanitarian crises persisting.

[RSnake: Not long ago, the press and celebrities were telling us that Haiti is already great, but how quick they are to forget their own reporting. Or at least they hope we’ll forget. Now it’s a humanitarian crisis.]

Source: https://www.aljazeera.com/news/2025/6/27/us-sets-deadline-to-end-temporary-protected-status-for-haitian-immigrants?traffic_source=rss

The Democratic Republic of the Congo (DRC) and Rwanda have signed a peace deal mediated by the US and Qatar to end years of conflict, with provisions for military withdrawal and regional economic integration. This agreement comes in the wake of violence in the DRC linked to the Rwandan-backed M23 rebel group, which has exacerbated long-standing tensions between the two nations.

• DRC and Rwanda signed a peace agreement to end years of conflict.

• The deal includes a framework for economic integration and military withdrawal.

• The agreement has potential implications for control over valuable mineral resources in the DRC.

[RSnake: That’s good. More reporting on it here.]

Source: https://www.aljazeera.com/news/2025/6/27/dr-congo-and-rwanda-sign-peace-deal-in-turning-point-after-years-of-war?traffic_source=rss

North Korea may soon send troops into Ukraine to support Russian military operations, with deployment potentially beginning as early as July or August 2025.

• North Korea is preparing to send its troops into Ukrainian territory to support Russian military operations, according to South Korean intelligence service.

• The deployment may begin as early as July or August 2025, with the involvement of mutual defense clauses between North Korea and Russia signed in June 2024.

[RSnake: Doesn’t surprise me a bit. It’s not like Kim Jung Un wants to feed those people anyway.]

Source: https://euromaidanpress.com/?p=346889

The Department of Government Efficiency is deploying personnel to slash 47 gun regulations at the Bureau of Alcohol, Tobacco, Firearms and Explosives, with a deadline of July 4, to make firearms more accessible.

• DOGE staff will revise or cut 47 existing gun regulations, including changes to licensing fees and the 4473 Form that gun buyers are required to fill out.

• The Trump administration has also been reducing the size and purpose of the Department of Justice's inspectors, which could impact its ability to investigate businesses selling guns to criminals.

[RSnake: I have not read what those gun regulations are yet, but I am sure we’ll hear soon enough.]

Source: https://gizmodo.com/?p=2000621322

A critical vulnerability identified in AMI MegaRAC firmware allows attackers to gain substantial control over thousands of servers, impacting data centers that manage essential tasks. This security flaw could enable remote exploitation, allowing attackers to install malicious code and compromise internal networks. The US Cybersecurity and Infrastructure Security Agency has classified this as an active threat requiring immediate attention from administrators of affected systems.

• A maximum severity vulnerability in AMI MegaRAC firmware poses significant risks to server management.

• Successful exploitation can allow attackers to bypass authentication and gain control over internal systems and sensitive data.

[RSnake: I remember long conversations I had with the Intel folks about this. Think of it as a computer living below your computer, with many similar issues but more limited in features.]

Source: https://arstechnica.com/security/2025/06/active-exploitation-of-ami-management-tool-imperils-thousands-of-servers/

Cisco has reported two critical remote code execution vulnerabilities in its Identity Services Engine (ISE) that allow unauthenticated attackers to execute arbitrary commands and upload files with root privileges. The flaws, assigned CVEs 2025-20281 and 2025-20282, affect multiple versions of ISE and have a maximum severity rating, necessitating immediate patching to secure systems. Additionally, a medium-severity authentication bypass flaw has been identified in ISE, impacting all versions up to the 3.4 branch, with fixes scheduled for future updates.

• Two critical vulnerabilities in Cisco's Identity Services Engine allow remote code execution.

• Immediate patching is required to secure affected systems and prevent exploitation.

• A medium-severity authentication bypass flaw has also been identified in the same product.

[RSnake: I guess I shouldn’t be surprised by this, but it keeps seeming over and over like security devices are the new pathway into enterprises.]

Source: https://www.bleepingcomputer.com/news/security/cisco-warns-of-max-severity-rce-flaws-in-identity-services-engine/

A new critical vulnerability, known as CitrixBleed 2, has been identified in NetScaler ADC and Gateway, tracking as CVE-2025-5777, which allows unauthorized access and potential session hijacking. Active exploitation of this vulnerability has been observed, with attackers leveraging session tokens to maintain longer-term access undetected across multiple systems. Citrix has recommended immediate updates to mitigate the risks associated with this flaw.

• CitrixBleed 2 vulnerability allows unauthorized access and session hijacking.

• Active exploitation of this vulnerability has been observed in the wild.

[RSnake: Time to upgrade Citrix if you use it!]

Source: https://www.darkreading.com/vulnerabilities-threats/citrixbleed-2-active-exploitation

A Washington Post editor, Thomas LeGro, has been charged with possessing child pornography and is on leave, and his home was searched by authorities.

• Thomas LeGro, a Washington Post editor, has been charged with possessing child pornography and is on leave.

• The U.S. Attorney's Office announced the charges and will be prosecuted by Assistant U.S. Attorneys Caroline Burrell and Janani Iyengar.

[RSnake: I talked a bit about this before, but this is more info on it.]

Source: https://www.foxnews.com/media/washington-post-editor-leave-after-doj-charges-him-possessing-child-pornography

A British national known as "IntelBroker" has been charged by the U.S. for stealing and selling sensitive data from victims worldwide, causing an estimated $25 million in damages.

• Kai West, a 25-year-old British man, has been accused of using the handle "IntelBroker" in a years-long campaign to steal and sell data from government agencies, companies, and critical infrastructure.

• The stolen information included sensitive health records, internal files from telecommunication and cybersecurity firms, and user data from online platforms.

[RSnake: Pretty good run!]

Source: https://www.bleepingcomputer.com/news/security/british-hacker-intelbroker-charged-with-25m-in-cybercrime-damages/

French police arrested five BreachForum cybercrime forum operators accused of leaking and selling stolen data, compromising the sensitive information of millions.

• BreachForums was a popular platform for cybercriminals to trade and leak stolen data, with five threat actors arrested by French authorities in June 2025.

• The arrested individuals, including ShinyHunters and IntelBroker, were reportedly involved in several high-profile data breaches and attacks, including those against the US organization that administers healthcare plans for U.S. House members.

[RSnake: Even I have used that platform before to check on known breaches. So that’s going to make a good dent until people shift.]

Source: https://www.bleepingcomputer.com/news/security/breachforums-hacking-forum-operators-reportedly-arrested-in-france/

North Korean threat actors are targeting job seekers with a malicious campaign utilizing nefarious npm packages that install infostealers and backdoors on victims' devices. These packages mimic trusted libraries and are distributed through fraudulent job offers and coding assignments. The attacks aim to extract sensitive data from software engineers and developers via these compromised packages.

• North Korean operatives are using malicious npm packages to infect developers' devices.

• These packages are disguised as legitimate tools and target job seekers.

• The payloads include information stealers and persistent backdoors for ongoing access.

[RSnake: I was just talking with Jeremiah Grossman about this. We are likely to see an uptick of malicious packages coming from nation-states and professional hacking groups.]

Source: https://www.bleepingcomputer.com/news/security/new-wave-of-fake-interviews-use-35-npm-packages-to-spread-malware/

Recent strikes by the U.S. on Iran's nuclear facilities have triggered cyberattacks on American banks and the oil industry, although significant damage has not yet occurred. Pro-Iranian hacker groups are increasingly active and pose a continued threat, calling for further digital retaliation against U.S. interests. These developments highlight the growing vulnerabilities of U.S. cyber infrastructure amidst ongoing geopolitical tensions.

• U.S. strikes on Iran's nuclear program have led to cyberattacks targeting U.S. banks and oil companies.

• Pro-Iranian hacker groups are calling for increased attacks against American infrastructure, indicating a heightened state of cyber threats.

• There is a pressing need for stronger cybersecurity measures in light of these evolving threats and geopolitical tensions.

[RSnake: Some of these pro-Iranian hackers are pretty good, btw, especially at things like industrial control systems hacking.]

Source: https://www.fastcompany.com/91358064/u-s-strikes-irans-nuclear-program-have-unleashed-cyberattacks-american-banks-oil-industry

Many Americans are falling victim to travel scams as they attempt to book vacations while reducing personal spending. As scammers utilize increasingly sophisticated tactics, including fake booking sites and manipulated travel images, it's reported that nearly 25% of those targeted have lost money, with losses exceeding $1,000 for some individuals. The prevalence of these scams highlights the need for heightened vigilance when booking travel online.

• Nearly 25% of individuals who encountered travel scams lost money, with significant losses reported.

• Younger travelers are more likely to fall victim to scams involving fake confirmation links and manipulated images.

• A large number of Americans are reducing personal spending to afford vacations, making them more susceptible to scams.

[RSnake: Vacation rentals are especially dangerous, btw. Make absolutely sure you are dealing with a real human and that they really own the property in question.]

Source: https://thereadable.co/new-mcafee-report-finds-young-adults-fall-for-travel-scams-more-often-than-older-generations-2/

L&T Technology Services has opened a new Engineering Design Center in Plano, Texas, which is set to create over 350 high-skilled jobs focused on AI, digital engineering, and cybersecurity. The facility is designed to develop and test defense-related products and aims to enhance Texas' position as a hub for innovation in advanced technologies and smart manufacturing.

• The center will house over 350 engineers specializing in AI and digital manufacturing.

• It is equipped to handle defense-related product development and cybersecurity solutions.

[RSnake: That’s excellent news. While there aren’t a lot of roles involved, it tends to create spinoff innovations that have tons of jobs attached.]

Source: https://thereadable.co/lt-technology-services-launches-new-engineering-design-center-in-plano-texas-to-propel-advancements-in-ai-tech-digital-manufacturing/

Normalizing Flows (NFs) have been shown to be more effective for generative modeling than previously understood, now exemplified by a new architecture called TarFlow. This model combines Transformer techniques with autoregressive methods, leading to state-of-the-art results in image likelihood estimation and sample generation quality. Key innovations include training techniques that enhance model performance and sample diversity, placing this model at the forefront of generative modeling.

• TarFlow is a new architecture that enhances the capabilities of Normalizing Flows in generative modeling.

• The model achieves state-of-the-art results in likelihood estimation and sample generation for images.

• Innovative training techniques improve sample quality and diversity significantly.

[RSnake: There is tons of work to be done here, but I think this is a step in the right direction.]

Source: https://machinelearning.apple.com/research/normalizing-flows

OpenAI's partnership with Microsoft is under tension due to disagreements regarding the definition and future declaration of artificial general intelligence (AGI). This conflict could impact Microsoft's access to OpenAI's future technologies, especially if OpenAI declares achieving AGI before their partnership concludes in 2030.

• OpenAI and Microsoft are in conflict over the terms related to artificial general intelligence, which affects their partnership.

• A framework for classifying AI capabilities has caused internal debates within OpenAI regarding its implications on their AGI declaration.

[RSnake: That is a big point of contention either way.]

Source: https://www.wired.com/story/openai-five-levels-agi-paper-microsoft-negotiations/

Researchers have developed a method to produce acetaminophen from plastic waste using E. coli bacteria, potentially transforming how pharmaceuticals are made by utilizing environmentally harmful PET waste. This process, which operates at room temperature with minimal carbon emissions, could significantly reduce plastic pollution and greenhouse gas emissions associated with drug production.

• E. coli was manipulated to convert PET-derived terephthalic acid into acetaminophen.

• The process shows potential for sustainable pharmaceutical manufacturing while addressing plastic waste.

[RSnake: Very interesting. I bet this is an area that is all but completely untapped - how waste can become something extremely valuable in other industrial processes.]

Source: https://www.wired.com/story/the-next-paracetamol-tablet-you-take-could-be-made-from-pet/

Meta is increasing its investment in artificial intelligence to compete more effectively in the market, with CEO Mark Zuckerberg realizing the company's previous efforts have not kept pace with rivals such as OpenAI. This includes a significant financial commitment of $14.3 billion to Scale AI, as well as efforts to recruit top researchers from competitor firms, aiming to accelerate development and innovation in AI technologies.

• Mark Zuckerberg acknowledges that Meta's current AI technology is lagging behind competitors.

• Meta is undertaking a significant hiring initiative, targeting top talent from rival companies to enhance its AI capabilities.

[RSnake: Hundreds of millions of dollars just in staffing. This is a big push.]

Source: https://www.nytimes.com/2025/06/27/technology/mark-zuckerberg-meta-ai.html

India has launched its first astronaut into space after 41 years, marking a milestone in its space exploration efforts. Group Captain Shubhanshu Shukla is part of the Axiom-4 mission, which includes a collaboration of multiple space agencies and aims to conduct several scientific experiments aboard the International Space Station.

• Group Captain Shubhanshu Shukla becomes the second Indian astronaut to travel to space.

• The Axiom-4 mission involves collaboration with NASA, ISRO, ESA, and private company SpaceX.

• India plans further space exploration efforts, including a human spaceflight and establishing a space station by 2035.

[RSnake: Congrats to India. That’s a big step!]

Source: https://www.bbc.com/news/articles/cz09lx2gjm4o

Major issues continue to arise in the pharmaceutical industry, particularly regarding the exploitation of regulatory loopholes and the sourcing of drugs from unverified foreign suppliers. Companies are leveraging these gaps to market compounded medications at lower prices, often resulting in questionable safety and ethical practices while prioritizing profit over patient care.

• Companies like Hims & Hers exploit regulatory exemptions in the pharmaceutical industry to market compounded medications, often using low-quality foreign ingredients.

• There are significant concerns regarding the ethics and safety of telehealth services that automate prescriptions for marketed medications without adequate medical oversight.

• The business model of these companies focuses on profit maximization through subscription traps and premium pricing for generic medications.

[RSnake: I do wonder about a lot of the generics as well. Technically, the FDA should be all over this, but they’ve done a historically terrible job of double-checking to see if what you are getting is what was on offer.]

Source: https://www.alexkesin.com/p/the-hollow-men-of-hims

Broadcom is conducting audits on former VMware customers who have declined to renew their support contracts, sending cease-and-desist letters regarding the use of VMware products. Companies have reported stress and potential financial repercussions due to these audits, as they may be found in violation of their licensing agreements. This situation has raised concerns about Broadcom's practices following its acquisition of VMware and its impact on customers.

• Broadcom is auditing former VMware customers for license compliance.

• The audits and cease-and-desist letters are causing financial anxiety among companies.

[RSnake: I talked about this last week as well. I am very curious what the results will be. Again, these companies haven’t been paying their bill, so what happens when the bill comes due?]

Source: https://arstechnica.com/information-technology/2025/06/vmware-perpetual-license-holder-receives-audit-letter-from-broadcom/

The S&P 500 and Nasdaq have reached record closing highs as the stock market has surged, gaining more than 20% since April. Despite some volatility due to geopolitical tensions and trade policy developments, investor sentiment remains optimistic amidst signs of economic growth and easing tariffs.

• The S&P 500 reached an all-time high closing price amid rising stock market gains.

• Investor confidence has increased due to improved economic indicators and a rollback of tariffs.

[RSnake: This is partly why Trump was yelling at Jerome Powell at the Fed about not decreasing interest rates.]

Source: https://abcnews.go.com/Business/sp-500-hits-record-high-stock-market-surges/story?id=123225899

A majority of businesses are planning to restructure their supply chains due to a 'poly-crisis' characterized by rising procurement costs, geopolitical instability, and climate change impacts. Many companies report having faced supply shortages and increased costs, prompting a shift towards regional diversification and local sourcing strategies. Businesses are increasingly adopting risk management techniques, including supplier evaluations and dual-sourcing, to navigate these challenges.

• 87% of businesses plan to restructure their supply chains in response to multiple overlapping crises.

• Significant supply shortages and increased procurement costs are driving companies to prioritize local and regional sourcing.

[RSnake: They are right to focus on local supply chains, sustainable processes, and reduced reliance on rare earths.]

Source: https://www.supplychainbrain.com/articles/42041-survey-poly-crisis-pushes-companies-to-rework-supply-chains

In 2025, many major corporations have withdrawn support for LGBTQ+ Pride events and Juneteenth celebrations, influenced by the political climate under Donald Trump that promotes nationalist messaging and downplays diversity initiatives. Polls indicate a significant decrease in corporate engagement with social justice, which has led to a perceived void in support for progressive movements, with some companies fearing backlash for their past commitments to diversity, equity, and inclusion programs.

• Major corporations are pulling back from support for Pride and Juneteenth events amidst political shifts.

• There is a growing trend of brands adopting nationalist messaging in advertising, reflecting a wider cultural change influenced by current political leadership.

[RSnake: I think they realized the bulk of the buyers out there knew it was theatre, and not even entertaining theatre.]

Source: https://www.wired.com/story/the-era-of-woke-brand-activism-is-over/

Proposed changes to the Qualified Small Business Stock (QSBS) tax exemption aim to expand benefits for tech startup investors, potentially allowing them to realize significant income tax-free. If passed, this legislation could enable an estimated $17 billion in tax breaks for wealthy investors, while previous restrictions on these benefits were rolled back by Democratic lawmakers in 2021.

• QSBS provision allows early-stage investors in tech startups to benefit from capital gains tax exemptions.

• Proposed changes could significantly expand tax advantages for investors, possibly costing the government $17 billion.

[RSnake: That’s great news for small businesses.]

Source: https://gizmodo.com/?p=2000621460

Major U.S. banks, including Wells Fargo, successfully passed the Federal Reserve's annual stress test, demonstrating resilience amidst a simulated economic downturn involving high unemployment and significant drops in home prices. This success indicates their financial stability, allowing them to proceed with dividend and stock-buyback plans for shareholders.

• U.S. banks passed a stress test simulating a severe economic downturn.

• Wells Fargo and other major banks are expected to announce dividend and stock-buyback plans.

[RSnake: That’s good news for once! Lol…. I wonder if it works in practice, though.]

Source: https://www.marketwatch.com/story/wells-fargo-clears-another-fed-hurdle-as-banks-pass-stress-tests-6b9870d0?mod=mw_rss_topstories

European companies are facing a productivity gap relative to their US counterparts, producing only 76% as much as they did 30 years ago. The Accenture report indicates that over half of large European firms have not yet scaled major AI investments, despite the potential for nearly €200 billion in annual revenues if AI capabilities are enhanced. The need for coordinated AI strategies and the development of key capabilities is emphasized, especially for smaller companies and sectors that play critical roles in regional infrastructure.

• European productivity is declining compared to the US due to underinvestment in technology.

• Significant revenue growth is possible if European firms enhance their AI capabilities.

[RSnake: Regulations. That’s a huge, huge chunk of the issue. Way too many regulations. It’s prohibitively difficult to run companies out of the EU or fire people for a lack of productivity, etc.]

Source: https://thereadable.co/accenture-report-european-firms-must-accelerate-ai-adoption-to-close-productivity-gap/

Cheniere Energy has announced an expansion of its liquefied natural gas production capabilities through a $3 billion investment in its Corpus Christi facilities, expected to add approximately 5 million tonnes per annum of LNG capacity. Additionally, Cheniere plans to increase its annual dividend and aims to generate over $25 billion in available cash by 2030 to support growth and operational excellence initiatives.

• Cheniere's Corpus Christi expansion will increase LNG capacity to over 60 million tonnes per annum.

• The company is on track to increase annual dividends significantly and is strategically investing to enhance production capabilities.

[RSnake: Hooray for Texas.]

Source: https://gcaptain.com/?p=229986