RSnake Report 20251206

OpenAI ads, CCP hypersonics revealed, etc

What's In the News

Hello, and thanks for reading! I would normally say that things are slowing down as the holiday approaches, but if my calendar is any hint, things are really heating up on the business front. We got the youngest into Jiu Jitsu, so it’s been a lot of watching and teaching him how to fold clothing with people still inside of them. 🥋 

In Russian/Ukrainian news, Ukrainian kamikaze drones struck central districts of Grozny, the capital of the Chechen Republic, targeting a building that houses the Ministry of Finance of Chechnya, the regional office of Russia's Ministry of Justice, the National Security Council of Chechnya, the Secretariat of the Deputy Chairman of the Government of Chechnya, the Chamber of Control of Chechnya, the Central Election Commission of Chechnya, the regional office of Russia's ruling party United Russia, the propagandist channel Put’, and Ramzan Kadyrov’s personal architect’s design studio. This was clearly a good hit and proves that the coordination of intelligence and highly targeted drone strikes is a lethal combination.

There were more attacks on energy this week, with footage from the Temryuk port in Krasnodar Krai showing a large fire at the LPG and gas terminal following a Ukrainian drone strike, and FIRMS thermal-anomaly data confirming the blaze. Kinda impressive how the thermal anomaly system is being used to identify successful target hits. This used to be accessible only to well-funded militaries.

It wasn’t just Ukraine going after energy and critical infrastructure this week, though. Russia launched an air attack on Ukrainian energy and transport infrastructure, firing 653 suicide drones and 51 missiles at Ukrainian cities. Ukraine downed 585 drones, 29 of 34 cruise missiles, one of 14 ballistic missiles, and none of the three Kinzhal hypersonic missiles. While a great success in terms of the number of interceptions, what got through still did a pretty notable amount of damage. Hits included the Fastiv railway station and energy infrastructure in the Kyiv region, a power plant in Bila Tserkva, a power plant in the Lviv region, and energy infrastructure in the Dnipropetrovsk, Poltava, and Chernihiv regions.

A Ukrainian unmanned ground vehicle engaged a Russian MT-LB troop carrier near the forward line during testing, destroying the vehicle. The interesting part of this wasn’t just that it was a remotely piloted gun, but it was just in a test phase, and likely not expecting to encounter the enemy directly, or at such close range. Either way, these robot guns are a real menace on the battlefield, and in many ways are just as lethal as a main battle tank, because the survivability is 100% and they don’t care about getting up close and personal, or waiting for long periods.

The Ukrainian company ARes developed an acoustic detection system for FPVs and UAVs, using a phased-array microphone system with bimodal beamforming to scan the sky and locate noise sources by analyzing millions of sound beams. If it radiates, it dies, and apparently that includes things like sound. I doubt this works well at a significant range, but for close-in targets, it probably would work great, and not only that, it is likely quite passive, unlike a lot of the other radar-based solutions, which means it’s less likely to be seen/detected and therefore destroyed.

The third Russian shadow tanker looks like it’s going to sink, if it hasn’t already, off Senegal's coast within 48 hours, part of Ukraine's targeting of Russia's shadow fleet. This isn’t as much about sinking the ships themselves as it is about making the owners of these oil companies and ships think twice about wanting to operate with the Russians.

As a for instance, Beşiktaş Denizcilik, owner of the Mersin oil tanker damaged near Senegal, ceased all Russia-related voyages due to escalated security risks, stating compliance with G7/EU price caps and sanctions. So we do know that ship sinking is working on multiple dimensions, including, by the way, a massive increase in shipping insurance premiums.

A Russian drone served as a radio re-transmitter for FPVs, equipped with three relay transmitters to switch frequencies between controller and FPV, using a motor and propeller for efficient hovering. It reminds me of something you’d see sticking out of someone’s backpack at DefCon. But the actual surprising thing is that this looks extremely cheap but well put together, which means they likely have this working at an industrial scale.

A Land Cruiser Prado owned by a 41-year-old Doctor of Physical and Mathematical Sciences from the sanctioned "Polus" Research Institute exploded in Moscow. The scientist, a quantum electronics specialist developing military laser systems like the LCD-4-1 for Russian artillery and aviation, was on a business trip to Southeast Asia with no one inside the vehicle at the time. So it was a failed attempt, but it goes to show that assassination is still in use in this theatre of war.

Speaking of, four unidentified military-style drones breached a no-fly zone near Dublin Airport, flying toward the expected path of Ukrainian President Volodymyr Zelensky’s plane, which landed moments earlier. The drones orbited an Irish Navy vessel deployed in the Irish Sea for the visit. So yes, Russia attempted to assassinate Zelensky in a NATO-controlled country. And the really shocking thing is that this got virtually no press outside of the milbloggers.

In rather disgusting news, Russia's HIV epidemic has been reported to affect one in 25 men aged 15-50, with authorities suspecting higher rates due to insufficient testing. As a reminder, intravenous drugs and unprotected anal sex are the primary means of infection, which means either there is an epidemic of drug use, or a lot of anal sex happening amongst military age men. There is a lot of discussion about systemic rape amongst the Russian military, for fun, for punishment, etc. This would help explain the epidemic. 🤮 

In European news, NATO is discussing a preemptive strike on Russia in response to hybrid attacks, as stated by Admiral Giuseppe Cavo Dragone, head of NATO’s Military Committee. Eastern European diplomats push for action beyond mere expressions of concern, with Dragone noting that such strikes could qualify as self-defense but require legal and jurisdictional clarity. It really is not at all clear what they are saying, but it would have to be significant enough to be noticed above the din of the current Ukraine conflict, or be subversive in ways that slowly degraded Putin’s ability to project power.

There is an increasingly greater rift between how NATO treats the US and how the EU treats the US. European leaders are considering liquidating $2.34 trillion in US bonds if Donald Trump aligns with Russia, noting that Russia's economy is $1.8 trillion. It’s not quite clear what they mean by that, but it almost surely has to do with brokering peace and not getting every deal term that Ukraine wants. Meanwhile, the EU Commission may fine X hundreds of millions of dollars for not engaging in censorship. So we have the EU trying to push back on established US freedoms/law and US interventionism, while asking us to pay for defense. Not a great situation.

Meanwhile, the immigration issue has been increasing, and it looks like at least in small pockets, there is more push-back. Ireland's New Republican Movement warned that immigrants harming Irish lives or the safety of women and children are legitimate targets. It also threatened the politicians who let it happen. It’s not clear what this group might be analogous to, but it feels like they may be a splinter-cell of the IRA, but the politicians who were threatened spoke out against them, including the MP of Sinn Fein.

The French Navy fired on five drones over the Île Longue Strategic Submarine Base in Brittany, which houses nuclear-powered ballistic missile submarines. It is unclear if any drones were shot down, who launched them, or what their purpose was. But likely a mix of surveillance and testing of defenses.

In Southeast Asian news, China is leasing millions of hectares in Russia to the east. Basically, what happens is that entire huge sections of Russia are for rent and then bought and paid for to do farming or industrial work. But when that happens, it is now run by the Chinese, including their laws. China is slowly eating at Russia, and Russia really has no choice, because it needs Chinese technology and its cash.

China’s private firm Lingkong Tianxing unveiled the YKJ-1000 hypersonic glide missile, flying at Mach 7 with a 1,300 km range and costing $99,000, using civilian materials like foamed concrete for heat protection and components such as camera modules and BeiDou chips. State media claims it competes internationally, allowing smaller nations to threaten major powers' warships, though analysts question the low cost due to fuel and engine expenses. It’s not clear how much of this is propaganda and how much is operational.

China’s “Photon Hunter” quantum radar entered service, using single-photon detectors to detect stealth aircraft like the F-22 and F-35 by capturing faint signals and heat. Large-scale production has begun, with potential integration into J-20 fighters, marking a breakthrough in military technology. This may actually work, because the difference in movement of wavelengths of light might be different when a stealth fighter/bomber is moving through airspace.

Speaking of more questionable tech, China unveiled upgraded anti-ship missiles YJ-15, YJ-17, YJ-19, and YJ-20 using scramjet engines for its A2AD arsenal. China's YJ-17 hypersonic anti-ship ballistic missile maneuvers at Mach 8 with a 1,500 km range, armed on 052D and 055 destroyers; YJ-19 is a submarine-launched hypersonic anti-ship missile at Mach 10 on 093/093A/B submarines; YJ-20 is a hypersonic anti-ship missile at Mach 8-10 with 1,500 km range on modern PLAN destroyers like 055 and 052D. We shall see if any of this is beyond prototype, but for now, it’s worth considering that China sees our ships as a real threat that needs to be dealt with.

Chinese shipbuilder CSSC unveiled a rocket-assisted smart mine for anti-ship and anti-submarine operations, launching a rocket-guided warhead from the seabed for high-precision strikes, deployable in swarms to create no-man's-land in the South China Sea. This feels like it may be further along, and a decent idea to speed munitions to targets quickly, which is probably a bigger deal when you are facing Phalanx systems that need moments to acquire the target.

In African news, Sudan's military government offered Russia a 25-year naval base lease at Port Sudan or another Red Sea facility, allowing up to 300 troops and four warships, including nuclear-powered ones, to monitor Suez Canal traffic carrying 12% of global trade. In exchange, Sudan seeks discounted Russian anti-aircraft systems and weaponry amid its civil war, which has killed over 150,000 and caused a humanitarian crisis, though the deal risks US and EU backlash. These systems wouldn’t be much use against Western forces, as we have seen in Ukraine, but against rival warlords, it’s probably plenty good.

In Middle East news, Israeli loitering-munitions firm UVision acquired SpearUAV, specializing in AI-enabled unmanned systems, to accelerate battalion-level air power integration for tactical operations. The merger consolidates the loitering munitions market, following UVision's 2021 partnership with Rheinmetall for European expansion. The Viper 300 drone from SpearUAV supports small units and special operations. You can fire one or more at a time, which is a pretty useful feature. It has a kinda silly little launcher, which feels unnecessary when you are launching one at a time, but when they are launched three at a time, it starts making way more sense.

As I have talked about a few times in the last few months, Iran's water crisis in Tehran worsens, with President Masoud Pezeshkian warning of evacuations without rain and proposing a capital move due to the uninhabitable central plateau. Phasing out water-intensive agriculture and industries challenges the economy, while targeting the IRGC's Khatam al-Anbiya Construction Headquarters risks regime stability. Constitutional food self-sufficiency counters sanctions, but raising water and electricity prices could spark unrest. Reforms are needed to sustain Tehran’s thirst. Once again, NASA predicted this almost 10 years ago with their satellite telemetry. The only nation with the necessary desalination tech to help Tehran currently… is Israel.

In North American news, in Lee's Summit, Missouri, a prowler shot down a police drone during a routine patrol. I think it’s a little funny that civilians are having to deal with drones, and I think this is one of the first recorded situations where citizens are fighting against drones on US soil.

The Trump administration has changed its stance on immigration from a number of typically Muslim and Communist controlled countries. US Citizenship and Immigration Services halted immigration and naturalization for individuals from 19 countries: Afghanistan, Burma, Burundi, Chad, Cuba, Equatorial Guinea, Eritrea, Haiti, Iran, Laos, Libya, Republic of the Congo, Sierra Leone, Somalia, Sudan, Togo, Turkmenistan, Venezuela, and Yemen.

Starting next week, 21 Democrat-controlled states, California, Colorado, Connecticut, Delaware, Hawaii, Illinois, Maine, Maryland, Massachusetts, Michigan, Minnesota, Nevada, New Jersey, New Mexico, New York, Oregon, Pennsylvania, Rhode Island, Vermont, Virginia, and Washington, will lose federal SNAP funding for refusing USDA anti-fraud data requests. Compliant states revealed 186,000 dead Social Security numbers used, 500,000 duplicate recipients, and multi-state benefit claims. The remaining 29 Republican states complied. I think it’s pretty sad that this is even an issue. Democratic states are hurting their taxpayers, and Republicans are hurting the people on SNAP. Granted, many on SNAP should not be on it at all, but still. I think this will be a much bigger deal in the press next week, so brace for impact.

University of Delaware student Luqmaan Khan, 25, of Pakistani origin, was arrested after a traffic stop allegedly revealed a loaded Glock converted to a machine gun with 1,200 rounds, body armor, extended magazines, and a manifesto planning a campus attack, including diagrams of UD police headquarters, warfare tactics, and martyrdom goals. This was a completely unexpected situation because it was just a normal traffic stop. But it just shows how this extremism is on the rise, and in some cases, we’re just lucky that we’re catching them.

CNN's Jake Tapper described the newly alleged January 6 pipe bomber as a "white man" without showing the images they already had on file. This is despite the suspect appearing Black, continuing the ongoing CNN anti-white rhetoric. But I honestly think it was a mistake, just the kind of mistake that happens a lot when you attempt to lace every conversation with race-based language. I am not certain that this individual will be found guilty, but the point remains that the news seems to be pretty wildly skewed in their reporting, even on issues where the audience can see it with their own eyes. The Joe Biden dementia story, for example, comes to mind. So far, Tapper hasn’t retracted/corrected his reporting on either of those things - color me shocked.

Investigations into USS Harry S. Truman incidents revealed a series of preventable failures that led to the loss of Super Hornets: on December 22, guided-missile cruiser USS Gettysburg fired two Standard Missile 2s at landing Super Hornets; on February 12, the carrier collided with a tanker in Port Said; on April 18, an F/A-18E Super Hornet slid from the hangar while evading a Houthi missile; on May 6, an F/A-18F Super Hornet went over the edge during landing. All of this resulted in the loss of three aircraft. The Houthi strike seems like the most egregious situation because this is precisely what they train for, but they got confused. Confusion is not a great excuse; we need better training/equipment to stop these losses, especially when the threat is against a more serious near-peer adversary.

In Tech news, OpenAI plans to introduce ads on ChatGPT soon, and may already be rolling out to some users. They are likely to sit alongside/below the answers rather than being embedded into the answers themselves. Ads are obviously trying to answer the question of how to monetize the user base, but it also means they need to combine external information with what users believe are highly private chats. Pretty gross. Gemini is likely going to do the same, which is yet another reason to be pushing the envelope for private models that don’t hand over data to advertisers.

Why, you ask? Smartphones worldwide were allegedly infected with Israeli-developed malware from Intellexa via malicious ads, granting access to cameras, microphones, chat apps, emails, GPS, photos, files, and browsing without user interaction. Shoving more ads and making them even more highly targeted than they already are doesn’t strike me as a good or safe idea, so no, I’m not a fan of ad networks, be it Google or OpenAI or whomever it is. Remember, if you aren’t paying for it, you are the product. The sad news is that even if you’re paying for OpenAI, you’re still going to get ads. Anyway, start blocking ads if you aren’t already. Use Brave instead of Chrome as an example.

Anduril founder Palmer Luckey stated that subterranean domains, involving vehicles moving through Earth's crust, will define 21st-century warfare over space. He even strangely said that he has built working prototypes. I’d love to hear what he means by this, and he might be right, although the complexity and cost are high. However, Anduril is already moving into sub-sea operations. That video is worth a watch because there are three different operational types: one is a torpedo, one is a carrier ship, and the other is a sensor/mapping drone of sorts.

Amazon threat intelligence detected exploitation of CVE-2025-55182 (React2Shell), disclosed December 3, 2025, by China-linked groups like Earth Lamia and Jackpot Panda within hours. A GitHub Chrome extension now scans and exploits vulnerable sites during browsing. This is the perfect storm - a widely deployed software suite that can be remotely exploited, giving user-level access to the website, allowing the attacker to run arbitrary code. Nasty. Make sure that if you run React on your website, you patch up!

Lastly, in Economic news, Michael Dell committed $6.25 billion to "Trump Accounts" for 25 million American children in low-income zip codes, providing $250 deposits each under a new law offering $1,000 Treasury seed for kids born 2025-2028, with parents adding up to $5,000 yearly tax-deferred into S&P 500 investments. Qualifying organizations like Dell's can contribute unlimited amounts beyond the parent limit, using government infrastructure for distribution without overhead. The move doubles Dell's prior $2.9 billion lifetime giving; his net worth rose $6 billion via stock gains, offsetting the donation. Withdrawals are taxed at age 18; other firms like Uber, Zillow, Nvidia, and Salesforce have discussed potentially channeling $100 billion in philanthropy through this system over five years. Basically, the idea is that with the changes to the tax code, you can now invest tax-free every year into your kid’s retirement.

Okay, onto the articles!

Geopolitics

U.S. Army Special Operations Forces are undergoing transformations to prepare for modern warfare, emphasizing multi-domain operations that integrate land, air, sea, space, and cyberspace capabilities. As operational demands increase, the Army is enhancing its strategies and technologies, including the use of drones and artificial intelligence, to effectively conduct irregular warfare and maintain an edge against peer adversaries like China and Russia.

  • U.S. Army Special Operations Forces are evolving their strategies to focus on multi-domain operations involving integrated capabilities.

  • The rise in operational demands has led to the incorporation of advanced technologies such as AI and drones in the Army's tactics.

[RSnake: I heard a rumor that the US Army is buying a million new low-cost drones, and the other forces are also ordering millions as well. That will put us on track to defend against a modern conflict, but defensive drones, ISR drones, radio relays, etc., are going to be very important as well.]

Source: https://sofrep.com/?p=220546

Palestinian leader Marwan Barghouti is reportedly suffering severe abuse in Israeli prison, with allegations of torture including broken ribs and other injuries. His family, alongside various Palestinian organizations, expresses grave concerns for his safety, particularly in light of increasing reports of violence and deaths among Palestinian detainees in Israeli facilities since the conflict escalation in October 2023. The situation raises significant human rights issues in the context of the ongoing Israeli-Palestinian conflict, as Barghouti is seen as a pivotal figure for future Palestinian statehood.

  • Marwan Barghouti, a senior Palestinian leader, is allegedly facing torture and abuse in Israeli custody.

  • There has been an alarming rise in reports of deaths and abuses against Palestinian prisoners in Israeli facilities.

[RSnake: I would expect nothing different. He hasn’t exactly been a peaceful peer throughout the years. I don’t condone torture, but also, I wouldn’t expect to be treated nicely when captured by an enemy that I sanction the killing of either.]

Source: https://www.aljazeera.com/news/2025/12/6/palestinian-groups-express-grave-concerns-over-marwan-barghoutis-safety?traffic_source=rss

The United States is engaged in a competition with China over artificial intelligence, with Oak Ridge, Tennessee, emerging as a critical hub for advancements in AI and nuclear technology. The development of supercomputers like Frontier is aimed at accelerating research and maintaining a technological edge against Chinese capabilities. This situation represents a pivotal moment for American leadership in science and defense, echoing the historical significance of the original Manhattan Project.

  • Oak Ridge, Tennessee, is positioned as a key site for U.S. efforts to advance artificial intelligence and nuclear technology.

  • The U.S. is focused on maintaining a lead over China's rapidly developing digital warfare capabilities.

[RSnake: I am really thinking that these ultra large models are a dead end. We need to be focused on memory and learning, and less on indexing large amounts of dubiously scraped Internet data of extremely questionable origins. I suspect not only will it be cheaper due to less power, but it will work better.]

Source: https://www.dailywire.com/news/manhattan-project-2-0-inside-the-once-secret-city-now-powering-americas-ai-fight-against-china

A former DEA official with a security clearance has been appointed as deputy chief of the Office of Financial Operations and allegedly laundered over $12 million for a Mexican cartel by converting cash into cryptocurrency. His home was raided by federal agents on Thursday.

  • The former DEA official laundered over $12 million for a Mexican cartel using cryptocurrency.

  • He allegedly discussed using drones packed with explosives to blow up a target location for the cartel.

[RSnake: One of my very good friends has said that a huge number of former DEA agents are working for the cartels now, or have moved to ‘legitimate’ operations protecting dispensaries, and grows, etc. which are also owned by the cartels.]

Source: https://www.zerohedge.com/political/top-obama-dea-official-charged-laundering-money-mexican-drug-cartel

Tensions remain high in the Middle East as Israel continues military actions in Gaza and Syria, leading to casualties. Israeli Prime Minister Netanyahu's ongoing legal battles have prompted discussions about a potential presidential pardon from President Trump, amid a backdrop of escalating violence and bombing campaigns.

  • Israel is conducting military operations in Gaza, leading to high civilian casualties.

  • Netanyahu seeks a presidential pardon from Trump to continue his leadership during ongoing conflicts.

[RSnake: What a weird thing to have to ask a pardon for, but I suppose it is within Trump’s remit to allow it. Generally, pardons are a dangerous thing because there is almost never an upside and almost always a downside politically. Better to stay out of it if you can.]

Source: https://www.zerohedge.com/geopolitical/netanyahu-pleads-more-support-trump-secure-pardon-corruption-case

UN Secretary-General Antonio Guterres has condemned Israel's military actions in Gaza, stating there are strong reasons to believe that Israeli forces may have committed war crimes during the conflict. The ongoing violence has resulted in significant civilian casualties and a humanitarian crisis, with more than 70,000 deaths reported in Gaza since the escalation began over two years ago. Despite a fragile ceasefire brokered by the United States, Israeli forces have violated the truce numerous times, leading to further casualties.

  • Guterres criticized Israel's military operations in Gaza, suggesting potential war crimes.

  • The conflict has led to over 70,000 deaths in Gaza and violations of a fragile ceasefire.

  • Humanitarian aid access has improved due to US pressure, but aid restrictions remain a concern.

[RSnake: The UN gains nothing by this action, aside from alienating the US and Israelis, and aligning themselves with the Muslim population.]

Source: https://www.aljazeera.com/news/2025/12/4/uns-guterres-says-israels-conduct-of-war-in-gaza-fundamentally-wrong?traffic_source=rss

The US Supreme Court is set to review a case concerning birthright citizenship, which could have implications for immigration policy and constitutional rights. This follows the Trump administration's attempt to impose restrictions on automatic citizenship for children born to undocumented immigrants or temporary visa holders, an effort that has faced numerous legal challenges and blockades by lower courts.

  • The Supreme Court will hear a case regarding the constitutionality of banning birthright citizenship for children of undocumented immigrants.

  • The Trump administration's executive order on birthright citizenship has been blocked by federal judges, citing violations of the 14th Amendment.

[RSnake: I do think birthright is one of the foundations of citizenship, and if the parents are here legally, it should stand to reason that their kids may become citizens. It is, however, abused, so that abuse may need to be looked at.]

Source: https://www.aljazeera.com/news/2025/12/5/us-supreme-court-to-consider-trumps-bid-to-end-birthright-citizenship?traffic_source=rss

Mongolia's economy is heavily reliant on Russia, making it vulnerable to sanctions and geopolitical tensions, while the country's government signs a free trade deal with Russia's economic bloc, potentially threatening its independence.

  • The war in Ukraine has closed Mongolia’s path to Western markets and handed Moscow new leverage over the country.

  • Mongolia imports 95% of its petroleum from Russia, making it vulnerable to energy dependence and sanctions.

[RSnake: It really sucks to be in the shadow of Russia. Really.]

Source: https://euromaidanpress.com/?p=378707

Venezuelan President Nicolás Maduro faces challenges to his power, as a U.S. carrier strike group has been deployed near Venezuela ostensibly to combat drug trafficking. The opposition, led by María Corina Machado, is preparing for a potential transition, proposing extensive reforms aimed at revitalizing the economy and restoring democracy if Maduro is removed from power. The current humanitarian crisis and regional instability continue to be exacerbated by Maduro's regime, prompting calls for democratic change and support for the opposition.

  • Venezuelan President Nicolás Maduro is facing increased pressure with U.S. military assets deployed in the region.

  • Opposition leader María Corina Machado has a plan for Venezuela's transition to democracy and economic revitalization.

  • The ongoing humanitarian crisis in Venezuela remains critical, impacting millions and creating regional instability.

[RSnake: I am surprised things haven’t escalated, but for now, things still seem calm, other than perhaps some clandestine forward operating forces on the ground and a NOTAM over the Venezuelan airspace.]

Source: https://www.atlanticcouncil.org/?p=891958

Tensions in the Indo-Pacific region are rising as Taiwan reports that China has deployed a significant number of warships for military operations extending across various seas. Taiwan has significantly increased its defense spending in response to these developments and is preparing for potential military scenarios amid rising concerns over China's ambitions towards Taiwan.

  • Taiwan has accused China of deploying numerous warships for military operations in the Indo-Pacific.

  • Taiwan plans to increase defense spending by $40 billion over the next eight years to deter potential aggression from China.

[RSnake: They’ve also been doing laps around Australia as well, getting used to the journey and straying very close to Australia as a power move.]

Source: https://www.eurasiantimes.com/?p=258810

Cybersecurity

Multiple threat actors linked to China are exploiting a critical vulnerability (CVE-2025-55182) in React and Next.js frameworks, allowing for remote code execution without authentication. Following the public disclosure of this flaw, various attacks have been observed against multiple sectors, including finance and government, which heightens the importance of addressing the vulnerability swiftly.

  • React2Shell vulnerability allows for unauthorized code execution on affected servers.

  • Chinese threat actors are actively exploiting this vulnerability soon after its disclosure.

  • The vulnerability impacts a large number of cloud environments, increasing the risk for many organizations.

A startup in the AI image generation sector left a database exposed, containing over 1 million images, many of which featured explicit content and involved the nonconsensual use of images of both adults and minors. The incident has raised alarms over the security of AI-generated imagery and its potential for misuse, particularly regarding harassment and exploitation.

  • A database containing over 1 million images was found exposed to the internet, including explicit and nonconsensual content.

  • The incident highlights ongoing challenges in securing AI-generated content and preventing the exploitation of individuals.

[RSnake: Gross, but fully expected. A lot of CSAM was in this database, as well as ‘nudified’ real images of real people.]

Source: https://www.wired.com/story/huge-trove-of-nude-images-leaked-by-ai-image-generator-startups-exposed-database/

Tesla CEO Elon Musk says drivers can text while driving with the company's Full Self-Driving software enabled, despite texting being illegal in nearly all 50 states, and safety experts disagree that this feature is safe.

  • Tesla’s FSD rollout has hit snags, with the U.S. Department of Transportation alleging its software violated traffic laws and led to six crashes.

  • The NHTSA cited data from 18 complaints by Tesla users claiming the FSD-equipped cars ran red lights or swerved into other lanes, including into oncoming traffic.

[RSnake: It’s not clear if he means they technically can or legally can. Of course, I can technically do it while I am driving any car, but I probably should not. 😆  The joke goes, What’s the difference between a drunk driver and a driver who is texting? At least in the case where the driver is intoxicated, someone is driving.]

Source: https://fortune.com/2025/12/05/elon-musk-tesla-owners-texting-driving-full-self-driving-illegal/

A new SVG filter technique enables advanced forms of clickjacking, allowing attackers to create complex interactions within cross-origin iframes. This method includes the ability to read pixel data and execute logic, which transforms how clickjacking can be conducted, making it more sophisticated and harder to detect. Additionally, this technique opens possibilities for data exfiltration through phishing-like scenarios, such as convincing users to scan QR codes leading to malicious URLs.

  • New SVG filter technique enhances clickjacking capabilities.

  • Attackers can create advanced interactive scenarios using pixel reading and logic.

  • Potential for complex phishing attacks through QR codes.

[RSnake: I read through this paper, and while it is novel and interesting, it is a little different than the original UI-Redressing attacks that Jeremiah Grossman and I came up with a decade ago. But it is cool to see that the state of the art is evolving. We did investigate some similar ideas that this person did, but at the time, it wasn’t possible. Glad to see people are still working on it.]

Source: https://lyra.horse/blog/2025/12/svg-clickjacking/

Researchers have found that Intellexa, a spyware maker under U.S. sanctions, allegedly provided its staff with direct access to the surveillance systems utilized by government clients, potentially exposing private data of various individuals under surveillance. This practice contradicts industry norms, where spyware companies typically maintain a distance from the data handled by their customers to mitigate legal liability. The leak raises significant implications regarding privacy and security for espionage targets across multiple countries.

  • Intellexa's spyware allegedly allowed internal staff access to customer surveillance systems.

  • The findings indicate significant risks to privacy and security for the individuals targeted by the spyware.

[RSnake: Yeah, I don’t love this, but it is to be expected that if there is a way to spy, people will use it. It’s inherent in people’s nature, I think.]

Source: https://techcrunch.com/?p=3072829

A novel GAN-based model detects AI deepfakes and fraudulent activities in online payments, achieving a detection rate above 95%. Traditional security systems struggle to identify these sophisticated forms of fraud. This approach significantly improves the robustness of payment systems against AI-driven fraud.

  • The proposed model enhances online payment security by identifying subtle manipulations in payment images.

  • The results demonstrate that the proposed model can accurately distinguish between legitimate transactions and deepfakes.

[RSnake: This is an arms race, but I do think it’s useful to have these tools available. At a minimum, it’ll work on older models, but that’s still sometimes useful.]

Source: https://arxiv.org/abs/2501.07033

The FBI's Internet Crime Complaint Center is warning consumers about account takeover scams in which threat actors pretend to be from trusted financial institutions. The consequences can be severe, including full control of accounts and money, with stolen credentials being used to wire funds to cryptocurrency wallets.

  • The FBI warns consumers about account takeover scams where threat actors pretend to be from trusted financial institutions, and the consequences can be severe.

  • Scammers may use social engineering tactics, such as phishing sites, to obtain login credentials and gain access to financial and personal data.

[RSnake: Yep, if you get one of these calls, tell them you will call them back on the 1-800 number on the back of your card or from the website. Don’t discuss details on inbound calls.]

Source: https://lifehacker.com/money/bank-fraud-scam?utm_medium=RSS

Technology

Scientists have developed a system using telecom fiber-optic cables to detect earthquakes with greater detail than traditional seismic networks.

  • The researchers used 15 kilometers of telecom fiber near Mendocino, Calif., to record the region’s biggest earthquake in five years and captured it in fine detail.

  • The system can improve earthquake early-warning systems, especially for coastal cities vulnerable to offshore quakes and tsunamis.

[RSnake: Very cool. This is similar to how LIGO works, only on a local level and using perturbations in the line vs stretching.]

Source: https://www.scientificamerican.com/article/telecom-fiber-optic-cables-measured-an-earthquake-in-incredible-detail/

The paper “Artificial Intelligence / Human Intelligence: Who Controls Whom?” explores the challenges posed by AI decision-making, cognitive biases, and the need for regulation and digital literacy. AI reproduces and exploits human biases, shaping decisions and judgments. Education and regulation are key to addressing societal challenges raised by AI.

  • The cognitive decision-making process is influenced by cognitive biases that affect our behavior and choices.

  • AI not only reproduces these biases but can also exploit them, with the potential to shape our decisions and judgments.

[RSnake: Then there is a feedback loop where we write content on the Internet using LLMs and then the LLMs read it and feed off the data, and we see “the great middling” of content, stochastically.]

Source: https://arxiv.org/abs/2512.04131

As of December 2025, progress on the rePalm project has led to successful implementations of PalmOS on various hardware platforms, including the Pixter Color, STM32 boards, and even the Axim X3. Significant challenges have been addressed, such as developing custom drivers for audio, graphics, and memory management to ensure compatibility with legacy software and hardware limitations, particularly in terms of memory and processing power.

  • The rePalm project is enabling legacy PalmOS applications to run on modern hardware, addressing various technical challenges.

  • Development has included creating custom drivers and optimizations for audio, graphics, and memory management to facilitate smooth operation.

[RSnake: Lol, cool project, but also a little stupid. That said, perhaps it can bring new life into devices that have limited or no service support anymore.]

Source: https://dmitry.gr/?r=05.Projects&proj=27.%20rePalm#pixter

A new framework called Mind-to-Face has been developed, which decodes EEG signals into photorealistic facial expressions, enabling enhanced avatar systems. This technology leverages synchronized EEG and facial video to predict dynamic facial expressions, showcasing richer emotional and geometric information encoded in neural signals. It marks a significant advance in avatar interactions in immersive environments, paving the way for more personalized and emotion-aware communication.

  • Mind-to-Face decodes EEG signals for facial expression synthesis.

  • Technology improves avatar interactions by capturing emotions accurately.

[RSnake: Interesting. This has some weird implications for what is possible to do when you are creating virtual worlds, and you want hyper-realistic facial expressions based on what the actual user is feeling/doing, especially when they have big goggles on their face that make photography of their face a little less practical.]

Source: https://arxiv.org/abs/2512.04313

The Pickle Robot Company has developed autonomous robots capable of unloading trucks and transporting boxes within warehouses, addressing high turnover rates and injury risks associated with manual unloading tasks. These robots utilize generative AI, machine-learning algorithms, and advanced sensors to improve efficiency and performance in logistics. The company is scaling its technology deployments with several major customers, aiming to automate more processes in the supply chain.

  • The Pickle Robot Company has created robots that can autonomously unload trailers and improve warehouse logistics.

  • The robots incorporate generative AI and machine-learning techniques to adapt to new environments and tasks.

  • The company aims to revolutionize supply chain automation while addressing labor challenges in warehouses.

[RSnake: Robotics are going to have a huge deflationary impact on GDP. We need to be thoughtful about what those people that we displace are going to be doing in the future, and in this context, immigration is even more dangerous, because we will need fewer people to do work.]

Source: https://news.mit.edu/2025/robots-spare-warehouse-workers-heavy-lifting-1205

Business

Luana Lopes Lara, a 29-year-old entrepreneur, has become the youngest female self-made billionaire after her startup Kalshi reached an $11 billion valuation. The company is the first federally regulated prediction market platform in the U.S., allowing users to bet on the outcomes of various events.

  • Luana Lopes Lara founded Kalshi, a prediction market startup.

  • The company achieved an $11 billion valuation, making her the youngest female self-made billionaire.

Netflix has announced a definitive agreement to acquire Warner Bros. for $83 billion, which includes its film and television studios as well as HBO Max and HBO. This acquisition marks a significant consolidation in the media and entertainment industry, likely impacting content distribution and production strategies across platforms.

  • Netflix is acquiring Warner Bros. for $83 billion.

  • The deal includes Warner Bros. film and television studios, HBO Max, and HBO.

[RSnake: We shall see. The Directors Guild is opposing it because it degrades the academy and the movie theater experience.]

Source: https://abcnews.go.com/Entertainment/video/netflix-set-buy-warner-bros-deal-valued-83-128158039

A welfare fraud scandal in Minnesota has come to light, involving alleged fraudulent activities that cost taxpayers up to $1 billion. Numerous individuals, including elected officials, are implicated in the misuse of funds intended for Medicaid and federal child nutrition programs, raising questions about accountability within the state’s welfare systems.

  • A fraudulent scheme exploiting Medicaid and child nutrition funds has led to multiple indictments in Minnesota.

  • Elected officials, including Rep. Ilhan Omar, are under scrutiny for their connections to the fraud, prompting discussions on welfare program integrity.

[RSnake: Now the question is what impact will this have regarding payments made to Al Shabaab, which is a known terrorist organization, and if she was aware of any of that… well… off to jail she goes, presumably.]

Source: https://www.dailywire.com/news/what-did-ilhan-omar-know-and-when-did-she-know-it

Australia has implemented a world-first social media ban for children under 16, with fines for companies that fail to comply, as part of efforts to protect young users from online harms.

  • The Australian government is banning social media platforms for kids under 16 due to concerns about online safety and the impact of social media on children.

  • Companies that fail to comply with the ban may face fines of up to $49.5 million.

[RSnake: Probably not a bad idea for their mental health. But they’ll find a way around it for sure. Kids thrive in small groups anyway, so they’ll switch to Signal groups or Telegram groups or the like.]

Source: https://www.bbc.com/news/articles/cdxekqryn1jo?at_medium=RSS&at_campaign=rss

Fox News has outperformed its competitors in viewership metrics during November 2025, maintaining a strong lead over CBS and NBC. It also dominated the cable news market, outperforming CNN and MSNBC, which have experienced historic lows in their audience ratings.

  • Fox News averaged 3.2 million weekday primetime viewers, making it the second-highest-rated network in all of television.

  • During November, Fox News held 57% of the cable news share in total day and 58% in primetime.

[RSnake: That’s a little surprising that they made gains, given that the market tends to be moving off of traditional media in general.]

Source: https://www.foxnews.com/media/fox-news-extends-lead-over-cbs-nbc-key-category-through-november

The global adoption of lithium-ion batteries has surged as prices have significantly decreased, making them a vital component in enhancing the reliability of electric grids. These batteries store energy for later use, enabling better management of renewable energy sources like solar and wind. As a result, they reduce reliance on traditional power plants and contribute to a more stable electricity system worldwide.

  • Lithium-ion batteries are now essential for stabilizing electric grids by providing energy storage.

  • The cost of battery technology has fallen, promoting widespread global usage alongside renewable energy sources.

[RSnake: Let’s hope that the supply chain doesn’t get interrupted.]

Source: https://www.nytimes.com/2025/12/05/business/energy-environment/battery-prices-electric-grids.html

Procurement teams are turning corporate climate goals into measurable outcomes through smarter sourcing and deeper supplier partnerships. Confidence in procurement's ability to deliver results is increasing, with 91% of procurement leaders now feeling equipped to meet sustainability targets. Procurement is becoming a powerful lever for sustainability by providing real-time operational capabilities and identifying areas for reduction.

  • Procurement teams are using digital supplier networks and product-level carbon tracking to connect purchasing decisions directly to carbon outcomes.

  • Digitalization of supplier engagement is fostering inclusion across supplier tiers and enabling procurement leaders to move from reactive compliance to proactive collaboration.

[RSnake: This is all quite silly in the modern age, where we are racing to be the first in AI, robotics, military, and semiconductors. I don’t mean to be rude to those who care deeply about the environment, but we really have to get our priorities straight, because otherwise China will win, and they, my friends, do not give one shit about ecology or the well-being of the Western way of life.]

Source: https://www.supplychainbrain.com/blogs/1-think-tank/post/42934-procurements-climate-power-play-turning-strategy-into-measurable-impact


Full Disclosure: None of this is advice. This newsletter is strictly educational and my opinions. Please be careful, do your own research, and consult a professional before taking action on anything posited here.