RSnake Report 20250421

Hello, and thanks for reading! Also, happy Easter! 🥚 I hope you managed to spend some time hunting eggs with the kids and enjoying good food with family and close friends, like I did. We’re really blessed, and so it is always lovely to see those around you in such a good mood. A few too many carbs hit my lips, but I am fairly sure I’ll be able to keep them off my hips. I hope it was a nice one for you and yours!

Starting with the Russia-Ukraine conflict, the Ukrainian 56th Motorized Brigade recently showcased its "Shablya," a remote-controlled robotic turret. This feels a little like an alpha version of the robot from Robocop, if you remember. But this is more or less what I have been saying needs to exist for a very long time. Remotely controlled sniper positions. This makes it nearly impossible to take a position without losses, and all the adversary gains if they win… is a gun. Not the kind of thing that improves morale for the adversary, and allows people thousands of miles away to be combat effective with little more than a power source and an Internet connection of some kind, if you can do that without getting the Internet connection detected.

Meanwhile, the introduction of the Alligator-9 unmanned naval drone adds another layer to Ukraine's maritime capacity. This waterborne drone could house anything from laser complexes like the Trident 90 to smaller drones like the Alligator 5 ToD, operating as kamikaze units or torpedoes. Its low radar observability is notable, as this is the first time I have seen stealth tech of any kind used seriously and openly in this conflict. Either way, I could see a large water kamikaze drone armed with smaller kamikaze drones could easily overwhelm ship defenses.

On the psychological front, Ukrainian POW surveys have given some context to what weapons appear to be working and which aren’t. The short of it is that MRLS, mortars, and aircraft attack so infrequently as to be not an issue for Ukrainian front line forces. The only thing that appears to matter to them is Russia’s drones. This means to me that the front line is a lot more evenly matched in terms of drone tech than has been reported, and that drones are even more of a future challenge to Western troops than perhaps we even gave them credit for. At perportedly north of 50% and probably more like 80% of the kills, that’s pretty notable. But if properly prepared, it might account for even more in a future war.

Germany is stepping up its support for Ukraine as well, with a commitment to supply long-range Taurus missiles with a range of 500 km. This move should have Russia shaking in their boots, as Friedrich Merz, the likely next German chancellor, emphasized the need to arm Ukraine with the tools necessary to turn the tide of this prolonged conflict. It’s in part a reminder that while drones steal headlines, long-range precision munitions may yet have a more significant strategic impact.

Czech-Ukrainian collaboration is also noteworthy this week, with the unveiling of the UNEX UGV, a larger unmanned ground vehicle capable of navigating bumpy terrains more effectively than its predecessors. I really like these much larger designs for handling rougher terrain. It’s like those scooters people race around on - those wheels are so small, even the tiniest crack in the pavement can send a drunken frat guy flying. Bicycles don’t have that problem because they can roll over the cracks. This is similar. For uneven terrain, you want big knobby wide tires and high ground clearance. Right now, these things look more like transport, but I could see the chassis being repurposed.

Perhaps the most alarming report this week involves youth in Ukraine. Children as young as ten are being trained in secret military boot camps. Now, half of me thinks… good, these kids likely will be exposed to a lot of weapons, and they should be demystified. But the other half of me thinks child soldier. For now, it is only the former, and we have not seen recruitment earlier than 18 years old, but if that changes, so will my opinion of the situation.

Meanwhile, on the Russian side of the ledger, I saw the fab process for the "Mini-FAB 2500" drone munition, a 2.5 kg device that packs a punch with its fragmentation pattern formed by a 3 mm thick steel pipe cut through a laser. I really liked this video because it gives a lot of insight into how modern machining work can create really effective fragmentation from a single chunk of metal. This wouldn’t have been possible 40 years ago, or at least not in anywhere near the precision or speed.

Across the pond in Europe, the legal and political landscape is stirring up quite the conversation, particularly in the United Kingdom. The UK Supreme Court has made a significant ruling, reaffirming that "sex" in equality law refers to biological sex at birth. This firm stance is increasingly putting Britain at odds with broader European norms and has sparked a dialogue about the boundaries of gender identity in legislation. Dr. Frederick Attenborough from the Free Speech Union implied that while it may resonate with some, it also risks alienating the UK from progressive trends across the continent.

Meanwhile, it's hard to ignore the shocking news of the passing of Pope Francis. As his legacy is contemplated, the world waits with bated breath to see who will step into such an influential role in the Catholic Church. The transition of power in such a significant institution will inevitably stir emotions and reactions from millions of people. He fittingly died on Easter. I think the Church has an interesting chance to reflect on how it discusses a lot of geopolitical issues. So we shall see what happens.

In Southeast Asia, the economic landscape is buzzing with some provocative insights surrounding tariffs and manufacturing. A compelling argument is emerging that suggests it may be more advantageous for U.S. consumers to bypass traditional retail routes and buy directly from Chinese manufacturers, despite the pesky tariffs. As Bill Clinton opened the floodgates for U.S.-China trade, perhaps it’s time for corporations to reconsider their model and give American manufacturing a shot in the arm. This would not only mitigate the risks of intellectual property theft and supply chain disruptions but could also fuel job creation domestically. But it does show an increasing rhetoric of panic from Chinese manufacturers who really want the US business. Even if the tariffs are 100% higher, it’s still cheaper than buying it with the brand name attached. The question is, does the American buyer care about brand, care about US loyalty, or neither?

For instance, let’s talk about luxury brands. A recent Chinese propaganda exposé revealed that a $38,000 Birkin bag only costs a fraction of that to produce. Do people want quality? Well, then why not eat the tariff and buy directly? Of course, they may even do a different deal where they say it isn’t worth anything to reduce tariffs. These Chinese retailers aren’t worried about lying to the US government.

Then there's the avalanche of TikTok videos featuring luxury brands purportedly made in China. This marketing blitz aims to preserve China’s manufacturing reputation amidst criticisms of quality and origin. However, if consumers start to see Louis Vuitton and Dior as mere rebrands of Shenzhen products, the illusion of luxury may be shattered. I keep saying that China isn’t a market for western goods, and if now they are seeing that by even giving China the blueprint for their goods, they can make perfect knock-offs, that might further dissuade the western luxury brands at minimum from wanting to work with China. We shall see, but this does feel like desperation.

Turning to military developments, U.S. Defense Secretary Pete Hegseth raised the alarm over China's military prowess, emphasizing that their hypersonic weapons could reportedly sink all U.S. aircraft carriers in just 20 minutes. Such statements don’t just reflect a growing concern over U.S. naval capabilities, but they also stir debates about the shifting balance of power in the Asia-Pacific region. This is technically an old statement he made that is resurfacing, but I don’t think it’s crazy to think that the US needs a lot more counter-missile defense that can handle these Mach 5+ ballistic and hypersonic weapons.

Changes in shipping dynamics could significantly bog down the U.S.-China trade line. The announcement that half of U.S.-Chinese shipping routes will be canceled due to a backlog of containers at Chinese ports paints a grim picture for anyone reliant on these logistics. Most importantly, it signals to me that the situation is much worse for China than the 10-20% of products at risk due to the US being such a small part of their economy. If the ports close, all trade closes, so that a minor disruption turns into a major one quite quickly.

And if that's not enough to stir the pot, a Chinese official’s recent comments dismissing Americans as "peasants" and warning them about the backfire of Trump's tariffs offer a pointed reminder of the ongoing tensions. Xia Baolong’s assertion that these tariffs will have a much broader implication for U.S.-China relations is an understatement, but hurling insults is a new low for the CCP. It is also the prelude to a fight if I know anything about prison etiquette.

In the Middle East, the Houthi civil war in Yemen intensifies as the Yemeni Presidential Leadership Council (PLC) is reportedly marshaling a staggering 80,000 troops for a significant offensive to reclaim the port city of Hodeidah. This move, poised to be the largest offensive in the ongoing conflict, could decisively shift the power dynamics in favor of the globally recognized government, which is supported by the United States, Saudi Arabia, and other Gulf nations. As military assets are mobilized, the long-anticipated recapture of Hodeidah could pave the way for a broader strategy aimed at retaking the Houthis' bastion in Sana’a. This will not be an easy fight, even if everything goes well. The Houthis are dug in, well financed, and have had years to prepare.

In the United Arab Emirates, environmental concerns are surfacing amid reports of a Russian fuel oil spill, with locals lamenting the pungent stench that allegedly travels five kilometers from the affected beaches. I wrote about this in my other infrequent newsletter, Counterfactual Geopolitics. Russia’s lax stance on these ships may be one of the things that is most likely to galvanize the wealthy against the Oligarchs and Russia writ large.

Meanwhile, a significantly underreported yet potentially pivotal development is Saudi Arabia's decision to pay off Syria's World Bank debt. This move foreshadows a significant geopolitical realignment in the region. By alleviating Syria's financial burdens, Saudi Arabia may be strategically positioning itself to facilitate the transit of the planned trans-Arabian pipeline through Syrian territory… that is my guess anyway. The new Syrian government is a lot more pliable than Assad’s regime was, and that makes them relatively good business partners for everyone around them who wants to see progress in the region. Keep in mind, though, they were former ISIS, so… keep those fingers crossed they don’t take up that mantel again. 🤞 

The domestic landscape is buzzing with developments that carry weight across the political spectrum, particularly in the realm of lawfare aimed at former President Donald Trump. Representative Laura Friedman from California has pulled back the curtain, revealing that House Democrats are engaging in weekly meetings with left-leaning attorneys general to devise legal strategies against Trump’s agenda. So if you are wondering if there isn’t active dissent, look no further. Some of it could actually be reasonable legal battles, and others, just halting progress. I do think it is funny that “progressives” want to stop the progress of this administration - the irony. Make no mistake, good or bad, this administration is innovative in a way Biden’s administration wasn’t. At some point, I’ll talk more about the economic side of what is happening when things get a little further along, but there are some interesting plans afoot for the sovereign wealth fund and repatriation of overseas capital.

Paranoia is mounting over the proliferating number of Chinese transformers within the U.S. electrical grid. Concerns are swirling about potential remote backdoors that could compromise national security. We apparently were about to stop buying them and even replace them, but the Biden administration halted that order, and now we have even more of them - somewhere north of 400 in total. Fantastic.

Adding to the urgency, U.S. military initiatives are ramping up as General Randy George has directed a swift acceleration of the Abrams tank development process. I have heard a number of times that the most effective battlefield armor has been the M1A1 in Ukraine; it is just that there are so precious few of them that they can’t make a meaningful change to the battle space. But that signals that these will be extremely useful in times to come.

Meanwhile, the defense sector is also exploring the integration of drone technology to improve early warning and detection systems. This technological pivot reflects an understanding of the changing nature of modern warfare, where intelligence and rapid response can determine victory or defeat.

Another notable story brewing relates to the aftermath of a recent explosion at a Northrop Grumman missile plant. Details are still emerging. There doesn’t seem to be a lot of casualties, other than to our ongoing effort to re-modernize and re-stock our depleted resources that went to Ukraine.

4chan was pretty badly hacked this week due to an outdated PostScript library. Honestly, I don’t think the adversaries were all that good because they said that the email addresses were hashed, and therefore they couldn’t decloak people. Huh? Why not just buy a massive email list and hash that list and see which ones match? You may not get everyone, but you’d get a ton of users. There are some lists out there that are close to a billion email addresses. This isn’t that difficult to do a hash and compare test. So either they aren’t very good, like I said, or they are intentionally hiding their understanding. Either way, bad news for the anons who relied entirely on obfuscation.

In other hacking news, I spotted this very sophisticated phishing scheme using long OAUTH names that looks like a message to the user. Google claims things are working as expected, despite the fact that they are rendering OAUTH messages as emails from Google. Not great, but also very typical for Google.

NVIDIA has decided to open more production here in the US and will build the entire AI system for at least some of their supercomputers here in the United States. They are building a manufacturing plant in Texas. Yeehaw. 🤠 

In a different vein, the auto industry is facing its challenges, with recent statistics indicating that U.S. car loan applications are being rejected at the highest rate in over a decade. That is not a good sign for the economy. People are far less solvent, and they can’t get lines of credit, which is a bad combo.

Okay, onto the articles!

Israeli airstrikes have resulted in the deaths of 92 Palestinians and left at least 219 injured in Gaza over two days, as reported by the territory's Health Ministry. The conflict escalates as Israel enforces a blockade and demands that Hamas disarm, which the group has refused, insisting on a ceasefire instead.

• Israeli attacks have intensified, leading to significant civilian casualties and injuries in Gaza.

• There is an ongoing humanitarian crisis due to a blockade preventing aid, food, and fuel from entering Gaza.

[RSnake: I have seen some footage of ambushes by Hamas in the northern parts of Gaza. They are still very much there and fighting back in small pockets. Literally every last one of them has to be neutralized or removed for that region to be safe for Israelis or Westerners.]

Source: https://www.aljazeera.com/news/2025/4/19/israeli-bombardment-kills-92-in-two-days-gaza-government?traffic_source=rss

The US military conducted air strikes on the Ras Isa oil terminal in Yemen, resulting in at least 74 deaths and 171 injuries, targeting the Houthi movement's fuel supplies. This incident marks a significant escalation in the conflict as it follows intensified US military actions in response to Houthi attacks in the region, particularly those linked to the ongoing Israel-Gaza war. The Houthis claim the terminal was a civilian facility and that the strikes constitute a war crime, while Iran condemned the US actions as barbaric.

• US air strikes on a key oil terminal in Yemen killed at least 74 people.

• The strikes aim to cripple Houthi supplies amidst ongoing regional conflicts.

• Iran condemned the US military actions as barbaric and called for accountability.

[RSnake: I wouldn’t be surprised if the Houthis end up with no infrastructure at all. But something about that doesn’t mean much. These are people who live fairly meager lives to begin with.]

Source: https://www.bbc.com/news/articles/clywg335680o

Ukrainian President Volodymyr Zelenskyy expressed skepticism over Russian President Vladimir Putin's announcement of a temporary ceasefire during the Easter holiday, citing ongoing assaults and drone activity in Ukraine. Zelenskyy stated that Ukraine remains prepared to respond appropriately to Russia's actions and emphasized a 30-day truce proposal still under consideration. The conflict, ongoing for over three years, has led to significant casualties on both sides since the Russian invasion began in February 2022.

• Zelenskyy doubts Putin's ceasefire claims due to continued military operations.

• Negotiations for a potential 30-day truce are still on the table.

• The conflict has resulted in substantial loss of life since 2022.

[RSnake: We shall see in the next few days how that holds up.]

Source: https://www.foxnews.com/world/ukraines-zelenskyy-skeptical-putins-easter-ceasefire-says-previous-truce-proposal-us-ignored

The Trump administration is deporting alleged MS-13 gang member Kilmar Abrego Garcia, a comparison was made to the tactics used by the Nazis during the Holocaust.

• The Trump administration is deporting an alleged MS-13 gang member from the U.S. using tactics that some are comparing to those of the Nazis during the Holocaust.

• The comparison between the Trump administration's deportation policies and Nazi tactics has been made by Chris Matthews on his podcast, citing historical examples of mass deportations and killings.

[RSnake: Deporting civilian citizens who have never committed a crime is a bit of a stretch to compare against returning gang-affiliated non-citizens to their own country of origin after being here illegally. Bit of a far cry, but if it was done legally is ’s another story.]

Source: https://www.foxnews.com/media/chris-matthews-says-trump-doing-same-thing-hitler-did-in-holocaust-abrego-garcia

The United States is actively securing access to critical minerals through various international agreements with countries like Ukraine, the DRC, Uzbekistan, and Peru in a strategic effort to reduce dependence on China's supply chains. This approach is part of a broader campaign to ensure a stable supply of these resources, crucial for advancing technology and energy independence, while also establishing political influence in key regions worldwide.

• The US is forming strategic partnerships to gain access to vital mineral resources critical for technology and defense.

• China currently dominates the global supply chain for critical minerals, prompting the US to aim for independence through diversification.

[RSnake: That and oceanic mining too. The problem is that it is a big exploration effort. But the good news is it is not that crazy expensive because you don’t have to go through so much rock to get to the minerals. The bad news is that it can wreak havoc on the sea life.]

Source: https://www.eurasiantimes.com/?p=236797

The US Department of Defense needs to focus on agility and innovation to outpace its adversaries in global power competitions, rather than just increasing spending.

• The US needs a whole-of-nation approach to national security that includes academia, research institutions, and the private sector.

• Industry must prioritize speed and agility over meeting static requirements documents and focus on delivering real-world results.

[RSnake: Some of this can come from that new Sovereign Wealth Fund. More to come on that.]

Source: https://www.realcleardefense.com/articles/2025/04/18/innovation_in_defense_is_interesting_but_agility_is_everything_1104891.html

A powerful 7.7 magnitude earthquake has struck central Myanmar, leading to significant destruction and a rising death toll, with at least 3,000 confirmed dead. In addition, South Korea's constitutional court has upheld the impeachment of President Yoon Suk Yeol following his declaration of martial law, further adding to the political turmoil in the country.

• A 7.7 magnitude earthquake in Myanmar has resulted in over 3,000 deaths and widespread destruction.

• South Korea's constitutional court has unanimously upheld the impeachment of President Yoon Suk Yeol.

[RSnake: Wow, that’s awful. That is a big number of people lost. Largely, that stems from bad building construction due to lax or non-existent building code quality on fault lines.]

Source: https://www.bbc.com/news/videos/ce8gz5vl2z1o

North Korea has become a significant supplier of artillery ammunition to Russia, providing approximately 50% of the ammunition used in the Ukraine conflict, which includes millions of rounds and various military equipment. This relationship appears to strengthen military cooperation between North Korea and Russia, with implications for global security dynamics as concerns grow over an emerging alignment with China.

• North Korea is supplying nearly half of the artillery ammunition used by Russian forces in Ukraine.

• The alliance between North Korea and Russia includes military technology transfer and possibly troop deployments to assist in combat operations.

[RSnake: Wow, that’s not a great thing for multiple reasons. It’s bad for Ukraine, but it is also making them more proficient. That means their own ability to wage war will increase. My only hope is that they run out of raw materials if this continues.]

Source: https://www.eurasiantimes.com/?p=236583

The Department of Homeland Security is building a comprehensive surveillance tool by integrating various immigration-related databases, including those from the Social Security Administration and the IRS, to monitor undocumented immigrants in the U.S. This centralization of sensitive data raises significant privacy concerns and could potentially enable the government to track individuals in real-time. There are allegations of misuse of data and insufficient oversight for the privacy and security of this information within the federal government.

• DHS is creating a master database to track undocumented immigrants by combining various government data sources.

• The centralization of sensitive data may violate privacy rights and could lead to unintended consequences for citizens and undocumented individuals alike.

[RSnake: The reaction I heard on this from the left is, “but then illegal aliens won’t pay their taxes”. To which I am more confused, not less confused by their argument. Are illegal aliens a big part of the income tax revenue for the US?]

Source: https://www.wired.com/story/doge-collecting-immigrant-data-surveil-track/

The United States has intensified its military operations against the Houthi rebels in Yemen, resulting in significant civilian casualties from airstrikes on an oil port. The strikes have been confirmed by U.S. Central Command, which links the Houthis to Iranian support and the illicit smuggling of fuel. In response, the Houthis condemned the attacks as violations of Yemeni sovereignty, claiming they specifically target civilian infrastructure.

• U.S. military operations targeting Houthi rebels have escalated, resulting in civilian casualties.

• The U.S. military links the Houthis' actions to Iranian support and ongoing illicit activities.

• The Houthis denounced the attacks, stating they are attacks on civilian facilities and Yemen's sovereignty.

[RSnake: This will be a long/difficult one. It is only even meaningful if we intend to keep shipping and logistics working in that region. Once Gaza is safe, it may not make sense to protect that region, since there will be other ways to ship over land through Israel and friendly states.]

Source: https://www.zerohedge.com/geopolitical/single-deadliest-yemen-strike-trump-presidency-destroys-vital-oil-port

US air strikes on Yemen's Ras Isa oil port resulted in at least 38 deaths and 102 injuries, marking one of the deadliest attacks by US forces in the region. The strikes aimed to disrupt the economic power of the Iran-backed Houthi group, which has been actively responding to the ongoing conflicts in the region, including missile attacks against Israel. The incident has drawn significant condemnation due to the high civilian casualty toll and the strategic importance of the targeted facility for Yemen's imports and humanitarian aid.

• US air strikes in Yemen killed at least 38 people and injured 102, targeting the Houthi group's fuel sources.

• The strikes have raised significant international condemnation due to the civilian casualties and the impact on humanitarian supplies.

[RSnake: There will be a lot more if this civil war reignites, like it looks like it will.]

Source: https://www.aljazeera.com/news/2025/4/18/more-than-30-killed-80-injured-in-us-air-strikes-on-yemen-report?traffic_source=rss

Haiti is experiencing a severe escalation in gang violence, with only 10 percent of Port-au-Prince under government control. The situation has led to widespread displacement, with over a million people affected and acute food insecurity impacting approximately 5.5 million residents.

• Gang violence has surged in Haiti since late last year, resulting in horrific abuses against the population.

• Political instability and ineffective responses from international and governmental forces have exacerbated the crisis.

[RSnake: Haiti is lost. The question is, do we want to do anything about it or let it sort itself out? Gangs tend to weed each other out and eventually become corrupt governments. Is that preferable to have in our backyard?]

Source: https://www.aljazeera.com/news/2025/4/17/haiti-in-free-fall-as-violence-escalates-rights-group-warns?traffic_source=rss

A deadly shooting occurred at Florida State University, resulting in the deaths of two people and injuring six others. The suspect, Phoenix Ikner, a 20-year-old student, was neutralized by authorities, and his mother is a sheriff's deputy. FSU has canceled all classes and athletic events through Friday.

• The incident highlights the ongoing issue of gun violence in the United States.

• It also raises concerns about campus safety and security measures.

[RSnake: Awful. He stole his mom’s gun, from what I saw. She must feel awful.]

Source: https://www.foxnews.com/sports/florida-state-sports-alumni-brooks-koepka-jared-verse-others-react-deadly-campus-shooting

Bangladesh has uncovered a series of secret jails used for the unlawful detention of political opponents, particularly near Dhaka International Airport. Investigations suggest that these facilities were operated by the Rapid Action Battalion under the direction of former Prime Minister Sheikh Hasina, who has since fled to India amidst ongoing anti-government protests. The revelation has raised profound issues regarding human rights abuses and the treatment of dissenters in Bangladesh.

• Investigators discovered secret jails where political opponents were unlawfully detained and tortured.

• Former Prime Minister Sheikh Hasina is accused of overseeing these abuses and fled the country after mass protests.

• Survivors recount severe psychological and physical torment during their detentions.

[RSnake: Interesting. I suspect just about every country has these, either operating on the government’s behest or on the behest of another government.]

Source: https://www.bbc.com/news/articles/cly6lp567r8o

A critical security vulnerability in the Erlang/OTP SSH framework, identified as CVE-2025-32433, has been publicly disclosed, allowing unauthenticated attackers to remotely execute code on affected devices. As public exploits are now available, there is an urgent need for users to update their systems to mitigate potential attacks, particularly in sectors like telecommunications where this protocol is widely used.

• A critical flaw exists in the Erlang/OTP SSH protocol that permits remote code execution by attackers.

• Public exploits are available, raising immediate risks for numerous devices, especially in critical infrastructure.

[RSnake: This isn’t that common, but it’s not a good thing. Pre-auth attacks against open public services are always horrible.]

Source: https://www.bleepingcomputer.com/news/security/public-exploits-released-for-critical-erlang-otp-ssh-flaw-patch-now/

Apple has disclosed two zero-day vulnerabilities in its iOS devices that were exploited in sophisticated attacks against specific targeted individuals, with the technology giant providing minimal details about the threats and their exploitation.

• Two Apple zero-day vulnerabilities were discovered by Google's Threat Analysis Group (TAG), one affecting CoreAudio and the other Reconfigurable Processing Architecture Core (RPAC) in Apple chips.

• The vulnerabilities were exploited in attacks on iOS devices against specific targeted individuals, suggesting spyware or nation-state threat activity.

[RSnake: Time to patch up!]

Source: https://www.darkreading.com/vulnerabilities-threats/apple-zero-days-sophisticated-attacks

Threat actors are using social engineering tactics like ClickFix attacks to breach corporate networks, deploying file-encrypting malware, and exfiltrating sensitive data.

• Interlock ransomware gang uses ClickFix attacks to impersonate legitimate tools and trick victims into executing malicious PowerShell commands.

• Threat actors are adopting ClickFix tactics from other ransomware gangs and North Korean hackers, expanding the scope of these types of threats.

[RSnake: It’s a shame that we still have this problem decades into my career. It does feel like the web needs a top-down rethink.]

Source: https://www.bleepingcomputer.com/news/security/interlock-ransomware-gang-pushes-fake-it-tools-in-clickfix-attacks/

A Windows vulnerability (CVE-2025-24054) that exposes NTLM hashes using .library-ms files is being actively exploited in phishing campaigns targeting government entities and private companies, with minimal user interaction required.

• Check Point researchers have observed active exploitation activity for CVE-2025-24054 after patches became available, culminating between March 20 and 25, 2025.

• The exploit allows attackers to capture user'’ NTLM hashes, potentially leading to authentication bypass and privilege escalation.

[RSnake: This mostly affects companies once you have already been breached.]

Source: https://www.bleepingcomputer.com/news/security/windows-ntlm-hash-leak-flaw-exploited-in-phishing-attacks-on-governments/

Cybercrime is projected to cost the global economy $10.5 trillion annually by 2025, necessitating more advanced strategies for cybersecurity. With significant growth expected in global cloud spending, organizations must focus on protecting their data across various cloud environments and addressing regulatory and security challenges.

• Cybercrime is anticipated to reach an annual cost of $10.5 trillion by 2025.

• Growth in global cloud spending is making cloud security a top priority for organizations.

[RSnake: I really wonder how they come up with these numbers. But if the estimate that the industry goes to 2T in the next ten years, yeah, maybe it’s not too far off.]

Source: https://cybersecurityventures.com/?p=33443

Funding for the Common Vulnerabilities and Exposures (CVE) program, which supports cybersecurity infrastructure in the U.S., is at risk of being cut off, potentially leading to severe disruptions in tracking security vulnerabilities. Experts warn that the discontinuation of CVE services could leave the global cybersecurity community without a standardized method for managing vulnerabilities, ultimately jeopardizing national and international security efforts.

• Funding for the CVE program is set to expire, risking loss of critical cybersecurity infrastructure.

• Experts fear that without CVE, coordination on security vulnerabilities will break down, leading to a national security threat.

[RSnake: I’m going to refrain from talking too much about this due to how close I am to the issue, but I sincerely hope it is resolved soon.]

Source: https://www.bleepingcomputer.com/news/security/mitre-warns-that-funding-for-critical-cve-program-expires-today/

A whistleblower from the National Labor Relations Board (NLRB) has raised alarms about the Department of Government Efficiency (DOGE), claiming that its employees, connected to the Trump administration and led by Elon Musk, accessed sensitive labor data without proper oversight. Reports suggest that DOGE attempted to hide their activities by disabling monitoring tools and deleting access logs, resulting in potential data exfiltration that might violate various laws protecting employee rights and privacy.

• A whistleblower has disclosed that DOGE employees may have improperly accessed and exfiltrated sensitive labor data from the NLRB.

• Concerns have been raised about potential violations of privacy laws and the impact on labor rights due to unauthorized access to confidential information.

[RSnake: Matt Johansen broke this story to the infosec community, from this article. It is hard to say what happened here yet, but likely, creds were stolen and repurposed by Russian hackers, or someone/some organization used a hacked Russian IP. How they stole those creds in the first place is the real question, though. That points to a primary infection somewhere else - or an insider.]

Source: https://www.npr.org/2025/04/15/nx-s1-5355896/doge-nlrb-elon-musk-spacex-security

Over 16,000 Fortinet devices have been compromised due to a symlink backdoor, allowing threat actors to maintain read-only access to sensitive files even after vulnerabilities were patched. This ongoing issue stems from attacks that began in 2023 and highlights the importance of robust cybersecurity measures to prevent unauthorized access.

• More than 16,600 Fortinet devices are currently compromised.

• A symlink backdoor allows persistent read access to sensitive files on these devices.

[RSnake: I’m going to officially state it here. Suppose you’re still using Fortinet. Stop. Time for a forklift update. I’m going to start saying that more and more, but you don’t have to guess too hard which ones I’m going to say that about.]

Source: https://www.bleepingcomputer.com/news/security/over-16-000-fortinet-devices-compromised-with-symlink-backdoor/

New Jersey is suing Discord for allegedly violating child safety laws, alleging the platform recklessly exposed children to harassment and abuse despite knowing its safety features were ineffective. The lawsuit makes it the first state to sue Discord, which has 200 million monthly active users, including a significant portion of children. Discord's safety features are alleged to be misleading and lax.

• Discord does not verify user age through any means other than requiring users to enter their date of birth when creating an account.

• The platform makes it simple for malicious actors to send children explicit content due to its default safety settings.

[RSnake: Not sure how Discord would solve that problem exactly. It’s not like it was ever really meant to be used by kids - they don’t vet their users at all. Maybe that’s their point?]

Source: https://www.fastcompany.com/91318972/new-jersey-is-suing-discord-for-allegedly-violating-child-safety-laws

Global electricity consumption for AI chipmaking has surged by 350% over the past year and is projected to grow significantly, leading to a 170-fold increase in demand by 2030. The production of AI chips is highly energy-intensive and primarily reliant on fossil fuels, which will contribute to a significant rise in emissions and environmental impact if current trends continue.

• Global electricity demand for AI chipmaking is expected to increase 170-fold by 2030.

• The production of AI chips has a significant environmental footprint, linked to fossil fuel-based energy sources.

[RSnake: Interesting, I could consider that second-order electrical usage increasing.]

Source: https://www.supplychainbrain.com/articles/41547-report-ais-power-problems-run-deeper-than-data-centers

The number of satellites in low Earth orbit has rapidly increased, reaching over 10,000, primarily due to projects like SpaceX's Starlink, which alone plans to launch tens of thousands more. This proliferation of satellites contributes to significant light pollution, impacting astronomical research and observations of celestial bodies. Concerns have been raised by astronomers and organizations advocating for the regulation of light pollution in the night sky.

• The launch of thousands of satellites is causing increased light pollution.

• Astronomers are advocating for regulation to protect the night sky.

[RSnake: Oh, interesting. Yeah, but the real long-term solution isn’t ground-based space telescopes anyway. It’s things like James Webb and ideally a swarm of them to act like parts of a giant mega-lens.]

Source: https://www.thisiscolossal.com/2025/04/a-stunning-image-of-the-australian-desert-illuminates-the-growing-problem-of-satellite-pollution/

Researchers at MIT have developed a new technique to improve the accuracy of AI-generated code, making it more aligned with the rules of various programming languages. This method enhances computational efficiency and allows smaller AI models to outperform larger models in code generation tasks, potentially benefiting non-expert users by simplifying complex queries in systems like SQL. The innovation has implications for programming assistants, data analysis, and scientific discovery tools.

• A new method improves AI code generation accuracy and efficiency.

• Smaller AI models can now outperform larger ones in generating structured outputs.

• The technique could make programming more accessible to non-experts.

[RSnake: That’ll be good. I don’t think cursor (for instance) has a hard time with rules of programming, but it wouldn’t hurt to get it better.]

Source: https://news.mit.edu/2025/making-ai-generated-code-more-accurate-0418

NASA's PUNCH mission, launched into low-Earth orbit, is focused on capturing images of the solar corona and solar wind to better understand these phenomena that impact Earth. The mission consists of four satellites that work together to provide real-time data on solar activity, which is crucial for protecting Earth's electronic infrastructure from solar storms. Scientists are currently commissioning the instruments, with full scientific observations set to begin in June 2025.

• NASA's PUNCH mission aims to monitor the solar corona and solar wind.

• The mission consists of four satellites designed to work together for observing solar activity.

[RSnake: Cool. Some of the new footage from the sun has been spectacular.]

Source: https://gizmodo.com/?p=2000591232

The U.S. government is pursuing legal action against Meta, alleging violations of competition laws related to its acquisitions of Instagram and WhatsApp. The Federal Trade Commission has presented evidence that suggests Meta's proactive strategies to mitigate the threat posed by Instagram, including potential plans to curtail its growth or acquire it to limit competition.

• The U.S. government is accusing Meta of violating competition laws.

• The FTC could force Meta to divest Instagram and WhatsApp if successful in court.

• Evidence shows Meta was concerned about Instagram's rapid growth and discussed strategies to manage its competition.

[RSnake: I am most of the way through the book Carless People, and I really think Meta is likely in trouble if and when Congress ever decides to prosecute contempt of Congress and lying to Congress.]

Source: https://techcrunch.com/?p=2995543

New York Attorney General Letitia James is accused of mortgage fraud, falsifying records to meet lending requirements and receive favorable loan terms.

• James appears to have engaged in the very sort of fraud which she alleged in her ludicrous case against Donald Trump.

• The documents show that James purchased a property with her father had both parties listed as husband and wife in 1983 and 2000.

[RSnake: We shall see if this sticks. Honestly, it feels gross. More lawfare. Let’s hope it is an iron-clad case.]

Source: https://www.foxnews.com/politics/trump-administration-refers-ny-ag-letitia-james-possible-prosecution-allegations-mortgage-fraud

A U.S. federal judge ruled that Google acted illegally to maintain a monopoly in online advertising technology, which could reshape the company's structure and influence in the $1.86 trillion market. The ruling found that Google violated the Sherman Antitrust Act by acquiring and maintaining monopoly power in key areas of online ad technology. Google plans to appeal the decision, which may have significant implications for the competitive landscape of digital advertising.

• Google was ruled to have illegally maintained a monopoly in online advertising technology by a federal judge.

• The ruling could lead to a major restructuring of the company and alter its market power.

[RSnake: Good - they are a criminal organization run by criminals. They’ve been found guilty of things like this many times in many places in the world. Time to break them up. It’ll take a while, though, surely.]

Source: https://www.nytimes.com/2025/04/17/technology/google-ad-tech-antitrust-ruling.html

Federal Reserve Chairman Jerome Powell's position is perceived as vulnerable under President Trump's leadership. Market strategists warn that Trump firing Powell could lead to severe consequences for financial markets and the broader economy.

• Trump's rhetoric indicates a potential threat to the Federal Reserve's leadership.

• Market strategists are concerned about the implications of a change in the Fed's chair post-election.

[RSnake: Perhaps, but I think he could replace him ultimately. I think the bigger issue is reducing the amount of currency production and ultimately destroying existing cash to deflate the dollar. It’s such a weird thing to state, but we just have too much free cash floating around if we’re going to also be bringing manufacturing home. We need to make our goods more attractive to foreign buyers by making our currency able to buy more.]

Source: https://www.marketwatch.com/story/if-trump-fires-powell-it-would-blindside-wall-street-and-rattle-financial-markets-4b21833c?mod=mw_rss_topstories

Elon Musk is establishing a corporate campus in Bastrop, Texas, bringing SpaceX, The Boring Company, and his social media platform X to the area. This development is part of a broader trend of tech companies moving from Silicon Valley to Texas, with local residents expressing mixed feelings about the rapid changes and potential urbanization. Additionally, the local government is enacting measures to manage growth and protect green spaces amidst shifting demographics and economic opportunities.

• Elon Musk is relocating major companies to Texas, creating a new tech hub.

• Local residents have mixed reactions to the rapid development and its impacts on the community.

[RSnake: Pretty cool - a hop, skip, and a jump from Austin!]

Source: https://www.bbc.com/news/articles/c9de28n71ldo

In California, Tesla's share of electric vehicle sales has dropped below 50% for the first time, while overall EV sales increased. The decline in Tesla's market share coincides with a rise in registrations for other brands, and the company has faced significant challenges including declining global sales and a falling stock price.

• Tesla's share of EV sales in California fell from 55.5% in Q1 2024 to 43.9% in Q1 2025.

• Overall EV sales in California rose 7.3%, with other brands increasing their market presence.

• Tesla is facing declining sales globally, including a 42.6% decrease in Europe and a 49.2% drop in China.

[RSnake: Tesla might be in real trouble due to the macro and also because the left seems to have fallen out of love with the environment in favor of politics.]

Source: https://www.fastcompany.com/91319627/tesla-once-made-up-a-majority-of-ev-sales-in-california-now-its-less-than-half

The U.S. has implemented unpredictable tariffs affecting construction materials from countries such as Canada, Mexico, and China, leading to supply chain disruptions and increased costs for contractors. General and trade contractors are urged to adapt their contracts and sourcing strategies to mitigate these impacts and maintain project timelines amidst growing regulatory uncertainty.

• Contractors face challenges due to rising material costs associated with U.S. tariffs.

• Flexibility in contracts is essential to navigate supply chain disruptions caused by tariffs.

[RSnake: …And bring them home, or re-home them in the US.]

Source: https://www.supplychainbrain.com/blogs/1-think-tank/post/41445-how-construction-contractors-can-mitigate-the-impact-of-tariffs

The Consumer Financial Protection Bureau (CFPB) has terminated 1,400 of its 1,700 employees in a significant organizational shakeup, deprioritizing issues like medical debt and student loans. This massive workforce reduction follows a federal judge's ruling allowing individual assessments for potential terminations, leaving the CFPB with only around 200 employees, which impacts its ability to regulate consumer financial practices.

• The CFPB has significantly reduced its workforce, impacting its regulatory capabilities.

• The agency will deprioritize medical debt and student loans, shifting focus to other consumer protection issues.

[RSnake: I hope this ultimately makes them more efficient, because largely they seem to do virtually nothing, and there does need to be a lot more protections put in place against ads that overpromise and underdeliver.]

Source: https://www.wired.com/story/cfpb-has-been-gutted/