RSnake Report 20260314
Terrorist in the US, Oil prices rising, etc

What's In the News
Hello, and thanks for reading! It was a fairly quiet week on the home front and at work. It looks like I'll be out at RSA. I am getting calls from worried people about whether they should attend, given that it is the largest security conference and a prime target. My standard answer is that I think this work is too important to stop, and we can't let them win by forcing us to shut down our society. That is literally how terrorism wins.
In Russian/Ukrainian news, Ukrainian air defenses intercepted all 25 Kalibr cruise missiles, all 24 Kh-101 cruise missiles, and 402 of 430 drones during a large-scale Russian missile and drone attack. They also downed one of two Zircon anti-ship missiles, seven of 13 Iskander-M and S-400 ballistic missiles, and one of four Kh-59/69 guided air missiles. What is pretty amazing about this is that there were zero cruise missiles that landed. Zero. Granted, there were a lot more drones fired, but I am still impressed. Cruise missiles are fast, they fly low, and therefore don't have much in the way of radar cross sections, so it's pretty impressive how far Ukraine has come. Even for the rest of the incoming munitions, that was really impressive.
Russian footage showed Ukrainian forces using laser beams over suspected areas where fiber optic is lying, ostensibly to disable fiber optic connections. If you look at the image below, you see a bright square on the ground on the left coming from the drone above. Those bright lights may overload the sensors on the drone and cause it to crash. So, the defense to stop this would be to optically shield fiber optic lines, which would cost a lot.

Russian forces have started discussing new strategies by Ukraine of using 300 to 400 drones for air strikes up to 20 kilometers deep in narrow sectors, such as the Dnipropetrovsk-Zaporizhzhia junction. These swarms conduct fire preparation before mobile groups advance, followed by securing units and repeated drone support, effectively replacing traditional air power and limiting armored vehicles and artillery near the line of battle. So drones first, then people fill in the gaps, then drones go ahead, and people secure those gaps... rinse and repeat.
In European news, Swedish authorities intercepted a suspected false-flagged oil tanker from Russia's shadow fleet on Thursday night, preventing it from entering Swedish waters. It is nice to see NATO countries doing these interdictions and enforcing sanctions.

In very gross news, NATO has developed AI-powered cyborg cockroaches for reconnaissance, equipping the insects with electronic backpacks including AI hardware, radios, cameras, and microphones. Electrical signals steer the cockroaches through rubble, tunnels, and inaccessible spaces, transmitting data back; the system moved from concept to field use within a year, with customers including the German military. Gross.

Belgium's FN Herstal and Thales integrated 70mm rockets with the DeFNder remote weapon system to enhance force protection capabilities. This is a very portable little solution that I could see on vehicles and smaller fixed positions like outposts. Granted, it doesn't have much capacity, so we're talking lone drones or a very tiny swarm.

In South East Asian news, Pakistani F-16 jets used laser-guided high-precision bombs to destroy a fuel depot of Afghanistan's private Kam Air airline near Kandahar Airport. This is likely in support of counter-Taliban activity in the area.
In Middle East news, Israeli Air Force footage shows drones and jets targeting Basij checkpoints around Tehran, supported by tips from Iranian citizens, in operations backing a potential revolution against the regime, which lacks air defenses.

U.S. Air Force jets continued to destroy Iranian ballistic missile launchers during preparation for launch using precision-guided glide bombs and struck combat aircraft in hangars. I am fairly enamored with these videos because it also shows that the overflight of targeting planes is completely unmolested. Air defenses are extremely poor over Iran at the moment.

Israeli strikes destroyed more than 60 IRGC bulldozers intended to rebuild missile storage sites. This is a really smart tactic, as it makes it incredibly difficult to begin the reconstruction effort of underground facilities. I suspect this will continue as long as those dozers have to pop back up to solid ground to clear out debris.
IDF operations in Iran included 7,600 strikes, with 2,000 against terror headquarters and 4,700 targeting missile programs. Thousands of Iranian operatives were eliminated, with hundreds... over 380 in Iranian airspace.

A senior Israeli Air Force official reported over 10,000 Iranian security forces killed or wounded, joint U.S.-Israel destruction of 160 to 190 missile launchers, and disablement of 200 more, with 150 remaining operational. Iranian crews face desertions, and operations now focus on command centers, military industry, and nuclear sites, aiming to weaken the regime toward economic blockade, isolation, and revolution.

A U.S. Navy helicopter sank an Iranian vessel approaching the USS Abraham Lincoln with a Hellfire missile after U.S. destroyers missed with multiple attempts at hitting it with Mk-45 gunfire. That's not great, because it means the Mk-45 may not be well-suited for close-quarters naval support, yet it is one of the primary guns in use on warships.
Strikes demolished the IRGC headquarters in Abdanan, exposing helmets and military gear in the rubble. These facilities are falling fast, meaning that the operatives will have to find new facilities, yes, but much of the equipment and personnel are also destroyed/killed.

The Israeli Air Force struck Iran's primary space research center (photo of the destruction here), used for military satellites, intelligence, and targeting across the Middle East, plus aerial defense system production factories.

An Iranian drone attack caused material damage to a Bahrain desalination plant, the first such targeting of a Gulf facility in the ongoing war. I have heard that this did happen and that it didn't, but either way, I think water procurement is a very real issue and an awful but obvious target for the IRGC. I have also heard the UAE Air Force struck an Iranian desalination facility as a warning against escalation, too. So who knows!
Iran deployed loitering, self-targeting surface-to-air missiles to supposedly down 11 U.S. MQ-9 Reaper drones, valued at over $330 million.

Iran issued evacuation warnings for UAE ports Mina Jebel Ali, Khalifa Port, and Fujairah, signaling potential strikes on port infrastructure. This is to be expected, because they're going to want to control the Strait of Hormuz and limit shipping generally on their terms. Iranian kamikaze drones struck the Fujairah Oil Industry Zone in the UAE, producing two large plumes of fire.

An Iranian drone attack on the UAE consulate in Erbil wounded two Nepalese workers and caused smoke damage. These attacks are bad enough that there will be people fleeing the country. For instance, a good friend of mine over there fled, and it took several days to get out after the bombs dropped, even with a US passport.

The U.S. Army has supposedly deployed 10,000 Ukrainian-developed interceptor drones to the Middle East to counter Iranian attacks and preserve high-cost missile defenses. I have heard a few times that Ukraine is denying this, but it's not clear who is telling the truth here.
Iran's new Supreme Leader is reportedly in a coma and lost a leg from injuries in air strikes. Since you, like I, have no idea who this is, his name is Mojtaba Khamenei. So yes, Iran has a vegetable as a Supreme Leader at the moment. Joking aside, I guess Masoud Pezeshkian is the current president and probably the guy running things for the moment.

Iran allegedly struck a Thai ship attempting to pass through the Strait of Hormuz. This is the kind of thing that really ups shipping insurance.

As a result of this and other attacks, the Strait of Hormuz remains largely empty of traffic amid escalating tensions. Iran has struck at least 18 vessels since the U.S.-Iran conflict began two weeks ago, driving Brent crude above $100 per barrel for the first time since August 2022 and raising supply disruption fears. U.S. gas prices reached $3.68 per gallon, up 23% since the Iran war started on February 28; Brent futures rose 2.7% to $103.14 per barrel, and U.S. crude climbed 3.1% to $98.71.

That said, Iran also lives and dies on its ability to do shipping and of Iranian oil no less. So when Trump attacks Kharg Island, that island represents the bulk of oil exports for Iran, and the US military knows it. Though he has intentionally not hit the oil depots thus far, sticking only to military targets.

The Pentagon approved deploying a 2,500-Marine Expeditionary Unit to Iran, equipped with amphibious assault ships, attack helicopters, and artillery, as airstrikes failed to reopen the Strait of Hormuz, paralyzed since March 2. Iran's foreign minister stated they await a U.S. invasion. The Pentagon is considering more warships to escort oil tankers through the Strait of Hormuz once the threat level drops, potentially in a month.

A U.S. Air Force KC-135 Stratotanker crashed in western Iraq on March 12 during Operation Epic Fury due to a mid-air collision with another KC-135 in friendly airspace. The second tanker declared an emergency, with six crew members lost. By the look of the damage, what almost certainly happened was that the tanker below nosed up and slammed into the tail, clipping it and likely severely damaging the trailing tanker's nose, ultimately causing it to crash.

President Trump denied reports of five tanker planes destroyed at a Saudi airbase, stating four had minimal damage and returned to service, with the fifth sustaining minor damage but soon operational. In all of Operation Epic Fury, U.S. losses remain low despite threats from Iranian missiles and drones, thanks to strategic dispersion, Agile Combat Employment, and integrated defenses; during Desert Storm, the coalition lost over 50 fixed-wing aircraft, mostly to enemy action.
A U.S. Air Force B-1B Lancer departed England to strike Iran, part of a fleet of B-1s and B-52s forward-based in southern England. These are very fast-moving and extremely heavy bombers, typically used for saturation bombing in the case of B-52s and more for a broad spectrum of targeted attacks in the case of the B-1B.

The USS John Finn recorded a video of firing a salvo of 13 Tomahawk missiles at Iranian targets on Tuesday. These are pretty expensive munitions, but also extremely fast, precise, and able to follow tight terrain to increase lethality. This means to me the airspace is still at least somewhat contested to use these more expensive solutions.

President Trump announced the U.S. and allies will use military force to reopen the Strait of Hormuz, calling for warships from other countries while continuing bombardments of Iranian coastal and military targets. It makes sense that he would be calling for more support, because Iran has the home-field advantage with the support of the Houthis to harass shipping and do so plausibly enough to cause captains and insurance companies to pause.

The attacks aren't limited to Iran, of course. The IDF strikes have increased significantly against the Iranian proxy forces in Lebanon, where they hit over 1,100 Hezbollah targets, including 190 Radwan Force sites, 200 missile positions, 35 command centers, and 80 facilities, neutralizing over 380 operatives while maintaining forward defenses.

Ongoing strikes target Basij militia units across Iran, the regime's street enforcers, used for monitoring, protest suppression, and control. These bombs are targeting single vehicles and small buildings with just a handful of people sometimes. Clearly, this will embolden the citizens to report these people and will make it extremely demoralizing and dangerous to support the regime.

In South of the Border news, protesters in Morón, Cuba, set fire to the local Communist Party headquarters amid demonstrations over fuel shortages and widespread blackouts. This is a mix of pressure caused by a lack of fuel from Venezuela and a lack of support from the other communist party countries. Cuba's government is already on the edge.

In North American news, Kansas City International Airport evacuated all travelers and workers due to a credible bomb threat; the FBI responded, halting all flights and conducting sweeps while passengers waited on the tarmac. The threat was later confirmed to not be credible, and flight operations continued. A nothing-burger. 🤷

A Muslim individual shouted "Allahu Akbar" and threw a homemade bomb at anti-Islam protesters. New York's Mamdani later condemned white supremacy and racism without mentioning the attacker's motive or jihadist chant. What a great guy! 🤡

An individual drove a vehicle into Temple Israel synagogue and school in West Bloomfield, Michigan, then opened fire. The incident appears intentional, with the vehicle catching fire and authorities ordering shelter-in-place. Suspect Ayman Mohamad Ghazali lost family members in an Israeli strike in Lebanon, which means he was directly tied to Hezbollah, and therefore to Iran.

Reports indicate Ayman Ghazaleh, linked to Hezbollah through his brothers, attempted an attack on a Jewish synagogue in West Bloomfield, Michigan, in order to, it seems, specifically target Jewish kids. Other students intervened and stopped the attacker. Also, Mohamed Bailor Jalloh, 36, a former U.S. Army National Guard member convicted of supporting ISIS and released in 2024, opened fire in an Old Dominion University classroom in Virginia, killing a retired military ROTC instructor and wounding two others while shouting "Allahu Akbar"; students subdued him, and the FBI is investigating both incidents as terrorism. So it would seem that the cells that Iran was warning us about are beginning to activate.

Stryker Corporation's systems were hit by a suspected Iranian-linked cyberattack, compromising employee accounts, defacing login pages with the hacktivist group Handala, and disrupting global networks. Restoration efforts continue. This was not a sophisticated attack. It looks like we spend billions and still get hacked by credential stuffing. Pretty sad, actually.

Hedge funds shorted U.S. ETFs at the second-fastest pace ever recorded on Thursday. This could also be a lay-up to a massive short squeeze, so be careful out there if you're an investor!

In Tech news, Amazon laid off 30,000 engineers and tied surviving employees' bonuses to AI code usage, leading to faster AI-generated changes that caused multiple site outages, including the shopping app. Then the management held a mandatory meeting, blaming the engineers instead of addressing the rushed AI implementation. 🤣 I suspect that the layoffs of engineers will gradually come to a halt and even reverse as people become disillusioned with AI quality and realize they really need human reviewers.
Cloudflare introduced a /crawl endpoint that crawls an entire site in one API call, outputting content in HTML, Markdown, or JSON without scripts or browser management. After spending all this time trying to prevent robots, they're now specifically making it easier. Ironic, isn't it?

Perplexity launched Personal Computer, a local, always-on Mac mini-based system that merges with Perplexity's AI, securely processing files, apps, and sessions 24/7. It's not the Mac Mini itself. It's a compartmentalized solution that helps run an Openclaw-like instance for people without the hassle of setting it up themselves, I guess?

In other Perplexity news, Perplexity's cofounder and CTO announced a shift from multi-cloud providers to APIs and CLIs for internal operations. I think this makes a lot of sense. MCPs aren't that useful or predictable.

An open-source military radar, AERIS-10, tracks multiple targets up to 20 kilometers using electronic beam steering at 10.5GHz, pulse compression, Doppler processing, and real-time mapping. The DIY solution includes full GitHub schematics, PCB layouts, FPGA code, Python GUI, and Gerber files under MIT license, with versions for 3km (patch antenna) and 20km (slotted waveguide with GaN amplifiers), far cheaper than commercial equivalents starting at $250,000.

Okay, onto the articles!
Geopolitics
The U.S. has conducted a bombing raid on Iranian military targets in response to threats regarding the vital Strait of Hormuz, a crucial passage for global oil shipping. Tensions have escalated following Iran's declaration to block the waterway, impacting oil prices and maritime security in the region.
The U.S. bombing raid targeted Iranian military positions in response to threats against oil shipping routes.
Iran's actions have led to increased global oil prices and heightened concerns over maritime safety.
[RSnake: Those oil prices are going to continue for a while, I think. Speculators know there is no end in the near future. Trump threatening Kharg Island isn’t going to help.]
Source: https://www.defensenews.com/flashpoints/2026/03/14/us-bombs-key-iranian-island-amid-oil-concerns/
Israel is conducting precision airstrikes in Tehran targeting Iranian security forces and military infrastructure as the Iranian regime faces significant losses. Over 4,000 Iranian soldiers have been killed, and the conflict has drastically reduced Iran's missile and drone capabilities, while Tehran struggles with internal dissent and opposition calls for an uprising against the regime.
Israeli strikes in Tehran are targeting regime personnel and military sites amid the ongoing conflict.
Iran's military capabilities have significantly diminished, affecting missile and drone launch rates.
Internal opposition within Iran is increasing, with calls for unrest against the regime.
[RSnake: This says 4k, but I have heard >10k, so take all these numbers as estimates.]
Source: https://www.longwarjournal.org/?p=126858
China continues to experience a major anti-corruption campaign led by President Xi Jinping, with a significant number of high-ranking officials purged from the Communist Party. This campaign has been characterized by ongoing investigations, disciplinary actions, and a focus on loyalty as Xi consolidates power while the country faces economic and geopolitical challenges.
Xi Jinping's anti-corruption drive has resulted in the removal of numerous high-ranking officials from the Communist Party and the military.
The campaign aims to bolster loyalty within the party amidst increasing economic tension and competition, especially with the United States.
[RSnake: Corruption, or dissent? Ah, the CCP… known for its lack of corruption!]
Source: https://www.bbc.com/news/articles/c78xxyyqwe7o?at_medium=RSS&at_campaign=rss
Ayman Mohamad Ghazali drove a truck into Temple Israel in West Bloomfield Township, Michigan, and exchanged gunfire with security guards, resulting in his death and one guard being injured. This act of violence is being investigated as a targeted incident against the Jewish community, occurring shortly after a memorial service for victims of violence in Lebanon. Prior to the attack, Ghazali had been absent from his job at a local restaurant for several days.
Ayman Mohamad Ghazali conducted an attack at a synagogue, raising alarms about antisemitic violence.
The incident has connections to recent events in Lebanon and reflects broader geopolitical tensions.
[RSnake: Good riddance, but awful that people feel that they need to resort to killing kids. But this is why the gun-free zones are always going to be a soft target, or perceived that way at minimum.]
Source: https://www.nytimes.com/2026/03/13/us/michigan-synagogue-suspect-ghazali.html
A recent large-scale Russian attack on Ukraine involved ballistic and cruise missiles and drones, resulting in disruptions to public transport in Kyiv due to power outages. This attack caused casualties and damage to both residential and industrial areas, with the city and surrounding oblasts facing ongoing threats to safety and infrastructure.
Russia conducted a large-scale combined attack on Ukraine, impacting Kyiv and its surrounding regions.
Public transport services in Kyiv were temporarily suspended due to power outages caused by missile strikes.
Casualties included fatalities, and various districts experienced structural damage to accommodations and facilities.
[RSnake: Yes, but so very minor compared to what it could have been. These are swarms unlike the world has ever seen, and they’re barely causing any damage, thankfully.]
Source: https://www.pravda.com.ua/eng/news/2026/03/14/8025470/
Recent incidents of violence attributed to individuals supporting ISIS have raised security concerns across multiple locations in the United States. A bomb threat at the University of Virginia followed a shooting at Old Dominion University, where multiple people were attacked, resulting in one death. An additional violent act occurred at a synagogue in Michigan when a man rammed his vehicle into the building and opened fire, leading to further security apprehensions.
An ISIS-supporting terrorist killed one and injured two at Old Dominion University.
A bomb threat at the University of Virginia was investigated after the shooting incident.
[RSnake: These are the sleeper cells clicking on. I think, unlike what we originally may have thought, and while they likely still do exist, these lone wolf attackers were radicalized for years and self-determine when they act. So they’ll always be sporadic and difficult to predict down to the day.]
Source: https://www.dailywire.com/news/bomb-threat-forces-evacuations-at-university-of-virginia-day-after-old-dominion-terrorist-attack
Iran's Islamic Revolutionary Guards Corps has issued a warning of a potential severe crackdown on dissent if street protests resume, following a high death toll during recent protests. Concurrently, reports indicate escalating military actions in Iran, with localized attacks targeting checkpoints and security units amid an ongoing conflict linked to US-Israeli operations. Additionally, Iranian authorities are threatening severe legal repercussions against citizens abroad who show support for foreign adversaries during the current tensions.
The IRGC has warned of harsh penalties for dissenters, indicating a ruthless approach to suppress potential protests.
The conflict in Iran is increasingly affecting local security structures, suggesting a shift in military operations toward urban areas and local control.
[RSnake: We always knew that the IRGC would attack their own citizens, but I think most people thought it would be clandestine, not openly firing on people from rooftops.]
Source: https://www.iranintl.com/en/202603138813
Iran's new supreme leader announced plans to continue military actions against Gulf Arab nations, leveraging the strategic Strait of Hormuz amid ongoing conflict with the U.S. and Israel. The war has severely disrupted global energy supplies, resulting in rising oil prices and significant displacement of Iranian citizens. Escalating hostilities include attacks from Hezbollah and retaliatory strikes by Israel, with increased threats to regional stability and security.
Iran's new leadership intends to intensify its military actions in response to U.S. and Israeli operations.
The conflict has disrupted global oil supply, causing prices to soar and displacing millions.
[RSnake: Well, he did this before he went into a coma. Lol]
Source: https://www.military.com/daily-news/2026/03/12/irans-secretive-top-leader-vows-keep-attacks-his-first-statement-being-appointed.html
A mass shooting at a concert hall near Moscow resulted in 149 deaths and over 500 injuries, marking the deadliest attack in Russia in two decades. Nineteen individuals connected to the attack were sentenced to life in prison by a military court, while an affiliate of the Islamic State group claimed responsibility for the act. Russian authorities have accused Ukraine of involvement, a claim that has been strongly denied by Ukrainian officials amidst ongoing tensions between the two countries.
A mass shooting in Krasnogorsk, Russia, resulted in significant casualties and is linked to an affiliate of the Islamic State.
Nineteen individuals were sentenced for their roles in the attack, with accusations made against Ukraine despite its denial of any involvement.
[RSnake: Incredible. We don’t hear of these things very often outside of the US. But more impressively, the casualty count was enormous. The shooting took place in 2024, but the convictions are happening now, and they are Islamic terrorists… 19 of them.]
Source: https://www.bbc.com/news/articles/c0j5lx75vg3o?at_medium=RSS&at_campaign=rss
The Gulf region is experiencing significant instability due to military actions and political choices by various state and non-state actors, which have global repercussions. The security of the Gulf is critical for global infrastructure, impacting energy supplies, food production, financial markets, and international transport systems. Without a comprehensive governance framework for its stability, the risks posed to this vital region threaten the living standards and economies worldwide.
The Gulf's stability directly affects global energy supplies, food production, and economic systems.
Inadequate governance structures exacerbate vulnerability to disruptions in the Gulf region.
[RSnake: While true, it’s also getting far clearer about its allyship and what it really thinks about Iran, Hezbollah, the Houthis, and the terrorists in Palestine. It has never been clearer that the Arab states want all of that gone.]
Source: https://www.atlanticcouncil.org/?p=912214
Cybersecurity
Stryker, a major medical technology company, has suffered a severe disruption due to a wiper malware attack linked to the Iranian hacktivist group Handala. The attack has resulted in the theft of 50 terabytes of data and the wiping of over 200,000 systems, leading to a global shutdown of Stryker's operations in 79 countries.
Stryker experienced a global disruption affecting its operations due to a cyberattack.
The attackers, linked to Iran, stole significant data and wiped many of Stryker's systems.
[RSnake: I suspect there will be more, but these Iranian hackers are not that sophisticated. That said, our defenses aren’t that good.]
Source: https://www.bleepingcomputer.com/news/security/medtech-giant-stryker-offline-after-iran-linked-wiper-malware-attack/
A landmark lawsuit is underway in Los Angeles where a jury is tasked with determining if social media companies Meta and Google are responsible for mental health issues experienced by a young user after extensive social media usage. This case is the first of over 2,000 similar lawsuits targeting social media firms for their potential role in harming young people's mental well-being, with significant implications for the future liability of these platforms.
A young user is suing Meta and Google, claiming that social media use led to serious mental health problems.
The trial could set a precedent affecting thousands of similar cases involving social media addiction.
[RSnake: Throw OpenAI in there, and you have a trifecta. That said, I do find it hard to blame platforms for mental health, in the same way I think video games didn’t turn my high school friends into terrorists. It takes a very specific mind, one that cannot draw easy boundaries around things and over-correlates, that gets tricked into believing things, regardless of whether it comes from the radio like War of the Worlds in 1938 or the Internet now.]
Source: https://www.bbc.com/news/articles/c0mg3zd7xwpo?at_medium=RSS&at_campaign=rss
Telus Digital has experienced a significant security breach resulting in the alleged theft of close to 1 petabyte of data by the hacking group ShinyHunters. The breach may affect various customer support operations and other sensitive information across numerous companies that utilize Telus's services.
Telus Digital confirmed a data breach involving unauthorized access to its systems.
The hacking group ShinyHunters claims to have extorted Telus for $65 million after obtaining sensitive customer data.
The breach highlights vulnerabilities in business process outsourcing (BPO) providers that handle substantial amounts of customer data.
[RSnake: Ouch. They are getting pretty prolific. They were mentioned by name at the cyber insurance conference that I keynoted at last week.]
Source: https://www.bleepingcomputer.com/news/security/telus-digital-confirms-breach-after-hacker-claims-1-petabyte-data-theft/
A cybercriminal group known as Storm-2561 has launched a credential theft campaign utilizing SEO poisoning to distribute fake VPN clients. Users searching for legitimate VPN software are misled to download malware disguised as trusted applications, which harvests their credentials and sensitive information.
Storm-2561 exploits SEO tactics to redirect users to malicious sites masquerading as legitimate VPN downloads.
The malicious software, which is signed with a revoked certificate, captures user credentials and exfiltrates them to attacker-controlled servers.
[RSnake: I am less and less open to the idea of commercial VPN providers. They are often controlled by foreign adversaries, but also, they can be compromised. I am of the opinion that we need a solution to easily deploy them on existing International hosting providers like EC2/Oracle Cloud/Azure, and GCP, etc., who have a lot more to lose by messing with their customers. Sounds like a fun Claude project for one of my readers.]
Source: https://www.microsoft.com/en-us/security/blog/?p=145731
A global coalition of law enforcement agencies has dismantled a botnet known as SocksEscort, which included over 369,000 hacked routers and IoT devices across 163 countries. This botnet was responsible for various criminal activities, including hacking into bank accounts and facilitating ransomware attacks, resulting in millions of dollars in losses for victims, primarily in the United States and the United Kingdom.
SocksEscort was a large botnet that compromised routers and IoT devices, enabling a range of cybercrimes.
The takedown operation involved international law enforcement and targeted criminal activities that caused significant financial losses.
[RSnake: These are nasty. That’s not 368k routers/IoT devices, that’s 368k networks that were compromised!]
Source: https://techcrunch.com/?p=3102046
Recent military actions by the US and Israel have led to retaliatory drone strikes by Iran on critical cloud infrastructure in the UAE and Bahrain. The convergence of cyber and kinetic warfare indicates a shift in how modern conflicts may be conducted, with cloud data centers becoming strategic targets in military operations.
Iran responded to military strikes with drone attacks on Amazon Web Services facilities in the UAE.
Cloud infrastructure is now recognized as a strategic target in modern warfare, merging physical and cyber warfare tactics.
Governments may need to rethink their data sovereignty strategies to protect critical data during crises.
[RSnake: Yep, war has come to the Middle East, and anyone is potentially at risk of being dragged in, either directly or because of proxy fighting.]
Source: https://www.darkreading.com/cyber-risk/middle-east-conflict-highlights-cloud-resilience-gaps
A Russian-speaking threat actor has targeted human resource departments for over a year using a sophisticated malware campaign known as BlackSanta, which employs advanced evasion techniques to compromise systems and steal sensitive information. This malware, delivered through spear-phishing emails, is capable of disabling endpoint security solutions and uses various techniques to gain low-level access to compromised systems.
The BlackSanta malware campaign has been ongoing for more than a year and targets HR departments.
The malware employs sophisticated techniques to evade detection and disable security tools.
[RSnake: Nasty, and expected. This is likely an APT team, and yes, likely out of Russia. They are pre-positioned in all kinds of companies if they need to use that.]
Source: https://www.bleepingcomputer.com/news/security/new-blacksanta-edr-killer-spotted-targeting-hr-departments/
A former DOGE employee allegedly stole sensitive Social Security data, including personal information of over 500 million Americans, and stored it on a thumb drive while working with the Social Security Administration. The Social Security Administration is under investigation by its inspector general, amid claims of a data breach linked to DOGE's involvement with the agency.
A DOGE software engineer reportedly obtained two sensitive databases containing personal information of U.S. citizens.
The Social Security Administration is investigating the data theft, which could impact over 500 million individuals.
[RSnake: Allegedly is probably true, but I think intent really does matter when it comes to what to do about it. I am not sure the intent was malicious in this particular case.]
Source: https://techcrunch.com/?p=3101157
A mass hacking campaign has targeted iPhone users, particularly in Ukraine and China, using tools believed to be developed by U.S. military contractor L3Harris. The hacking toolkit, named 'Coruna,' was initially created for government intelligence operations but has since fallen into the hands of hacking groups linked to Russian and Chinese cybercriminals, resulting in significant security breaches and the potential exploitation of millions of devices worldwide.
Coruna is a sophisticated iPhone-hacking toolkit believed to have been originally developed for U.S. intelligence use.
The toolkit has been exploited by Russian government hackers and Chinese cybercriminals, raising serious cybersecurity concerns.
[RSnake: Great. This is why dual-use tech is so dangerous, and why we cannot allow big companies to put in backdoors. They are too easily used by the adversary because there is no easy way to shut them off when they breach containment.]
Source: https://techcrunch.com/?p=3100555
Technology
Autonomous laboratories utilizing AI technology are being developed to conduct biological research, significantly speeding up experimentation processes and enabling more efficient protein production. Companies like Ginkgo Bioworks are partnering with AI firms to create systems that can design and iterate experiments without human oversight, leading to breakthroughs in biomanufacturing techniques crucial for medicine and agriculture.
AI-driven autonomous labs can reduce the time and cost associated with biological experimentation.
The integration of AI in labs could accelerate the development of vital medical therapeutics.
[RSnake: I really hope this doesn’t cause a massive breakout of something awful. For my money, I would keep AI out of the lab, except for modeling. Running equipment? No, thank you. That said, why would I get into a self-driving car? Because it is really purpose-built for the task, unlike LLMs, which are general-purpose.]
Source: https://www.scientificamerican.com/article/openai-and-ginkgo-bioworks-show-how-ai-can-accelerate-scientific-discovery/
The development of the TrustBench framework aims to enhance the trustworthiness of autonomous agents by providing real-time verification of their actions before execution. It has shown a reduction in harmful actions by 87%, and domain-specific plugins have proven more effective than generic verification methods. This represents a crucial step in ensuring the safety and reliability of AI systems across various industries such as healthcare and finance.
TrustBench allows real-time verification of AI agents' actions before execution.
The framework significantly reduces harmful actions by implementing domain-specific safety requirements.
[RSnake: You can only be harmed in 13% of cases. Great! 😆 ]
Source: https://arxiv.org/abs/2603.09157
Broadcom's acquisition of VMware has prompted many customers to migrate to alternative hypervisor platforms due to technical and operational challenges. This migration brings risks associated with data integrity, backup processes, and operational continuity, particularly as organizations navigate between old and new systems while maintaining data accessibility and security.
Broadcom's acquisition of VMware is leading to significant migrations to alternative hypervisors.
Migrating workloads between hypervisors increases the risks and complexities associated with data integrity and operational downtime.
[RSnake: Congrats to the Broadcom team. VMware is likely going to get to be a lot more interesting in the age of compartmentalization of AI, as are things like Docker, and containers of any kind.]
Source: https://www.bleepingcomputer.com/news/security/from-vmware-to-whats-next-protecting-data-during-hypervisor-migration/
Claude's Opus 4.6 and Sonnet 4.6 platforms now support a full 1-million-token context without a long-context premium, enabling more complex workflows and higher-quality interactions. This update allows users to handle larger data sets seamlessly, increasing efficiency across various applications, including legal documentation and research synthesis.
The 1 million-token context is now generally available for Opus 4.6 and Sonnet 4.6 at standard pricing.
The update improves data retention, reducing context compaction events and enhancing overall workflow efficiency.
This functionality supports diverse applications, including legal review, scientific research, and large-scale production systems.
[RSnake: That’s good to see the frontier models embracing larger context windows, because context rot is both annoying and pretty dangerous if it starts forgetting important instructions. This can also happen when you compress context windows.]
Source: https://claude.com/blog/1m-context-ga
Google's generative AI search tools are increasingly directing users back to Google's own services instead of third-party websites, leading to complaints from publishers about declining web traffic. Currently, approximately 17% of citations in Google's AI search lead back to its own platforms, which may impact the viability of independent publishers. This trend reflects a broader shift towards reduced traffic from search engines to external sites.
Google's AI search tools prefer linking to its own services.
This trend negatively affects traffic for independent publishers.
The increase in self-citations may threaten the business model of online publishers.
[RSnake: This is grounds for another anti-trust suit, most likely.]
Source: https://www.wired.com/story/google-ai-searches-love-to-refer-you-back-to-google/
6G technology is set to be deployed globally by 2030, following the existing 5G networks. This new generation of mobile networks aims to enhance upload speeds, integrate AI more effectively, and include advanced sensing capabilities to detect objects and movements in real-time, potentially transforming various industries.
6G will focus on improving upload speeds and integrating AI into the network to create more efficient processes.
The technology may offer sensing capabilities, allowing real-time awareness of objects and movements, impacting safety and operational efficiency.
[RSnake: Faster upload/download speeds will make on-device AI less important, but I still think there is a big market for it. That said, battery life is still a nightmare on mobile devices.]
Source: https://www.wired.com/story/6g-is-coming/
Elon Musk's xAI is undergoing significant personnel changes, with only two of the original co-founders remaining as the company attempts to compete more effectively in the artificial intelligence space. The leadership shake-up comes amid challenges in developing competitive coding tools and pressures related to upcoming financial expectations linked to SpaceX's public offering.
xAI is restructuring its team to improve competitiveness in AI coding tools.
The company faces internal and external pressures to deliver results, especially with SpaceX's financial expectations.
[RSnake: It sounds like he’s cleaning out some bad ideas and bringing in some fresh blood. Probably wise to do from time to time, when you see stagnation.]
Source: https://techcrunch.com/?p=3102367
Uber has incorporated Motional's autonomous vehicles into its rideshare network in Las Vegas, allowing passengers to hail self-driving Ioniq 5s in designated areas. The service is being rolled out with a safety monitor for now, and plans for a fully driverless operation are set for the end of the year. Motional, which faced challenges in the past, has pivoted its approach to autonomous technology and is expanding its collaboration with multiple partners globally.
Uber introduces Motional's self-driving Ioniq 5 robotaxis in Las Vegas.
The service will initially include a safety monitor, with plans to achieve full driverless operation by year-end.
Motional has restructured and focused on AI advancements to enhance its autonomous vehicle technology.
[RSnake: It will be interesting to see this take off. I believe they did a demo at SXSW too.]
Source: https://techcrunch.com/?p=3102268
Business
Google has finalized a $32 billion acquisition of cybersecurity startup Wiz, marking the largest venture-backed acquisition in history, despite a previous offer being declined and an antitrust review. This deal reflects significant interest and investment in AI, cloud, and security sectors. Additionally, Meta has acquired a viral AI agent social network called Moltbook, which gained attention for its fake posts.
Google's acquisition of Wiz represents a major milestone in cybersecurity investments.
The deal signifies a strong market trend towards AI and cloud security solutions.
[RSnake: There will be a lot more money back into Cyber Security as a result of this. Expect the industry to be flush with particularly dumb investments in T minus 3… 2…]
Source: https://techcrunch.com/?post_type=tc_video&p=3102344
Medicare fraud in Los Angeles has reached alarming levels, with federal records showing that nearly $600 million was billed under the Medicare number of an 87-year-old doctor who denies knowledge of the fraud. Investigations reveal that the scope involves thousands of fraudulent claims and a network of home healthcare agencies exploiting loopholes to collect payments without delivering care.
Healthcare fraud in Los Angeles accounts for an estimated $3.5 billion in taxpayer losses.
A significant proportion of the country's home healthcare billing comes from Los Angeles County, raising federal scrutiny.
[RSnake: I think the Republicans will push these fraud and abuse cases heavily leading up to the midterms. That said, the public will be saturated with news about Iran if they’re not careful.]
Source: https://www.foxnews.com/us/la-medicare-fraud-doctor-provider-number-billing-probe
Qatar's helium production facility remains offline due to drone strikes, causing a significant reduction in global helium supply, which impacts the chip manufacturing industry, especially in South Korea. As a result, companies like SK hynix are forced to diversify their helium sources, and the South Korean government is investigating alternative materials. The blockage in the Strait of Hormuz further exacerbates potential shortages of key semiconductor materials.
Qatar's helium supply has been severely disrupted, affecting the global semiconductor industry.
South Korean firms are diversifying helium supplies due to reliance on imports from Qatar.
[RSnake: There is a very small/finite supply of Helium and there’s been a growing concern in the scientific community about that fact. This will only hasten the concern about the global helium supply. Something to think about the next time you fill up some party balloons.]
Source: https://www.tomshardware.com/tech-industry/qatar-helium-shutdown-puts-chip-supply-chain-on-a-two-week-clock
Atlassian is laying off 1,600 employees, approximately 10% of its workforce, as part of a restructuring effort attributed to changes in the tech industry related to AI advancements. The company's shares have declined significantly, leading to a selloff across enterprise software stocks and to scrutiny of the real reasons behind these job cuts. Atlassian's operational metrics remain strong, including an increase in revenue, despite the layoffs.
Atlassian is planning to cut 1,600 jobs to adapt to changes in the tech industry inspired by AI.
The layoffs come amid a broader selloff in enterprise software stocks, which has significantly impacted company valuations.
[RSnake: Wow, that’s one of the bigger layoffs due to AI that I’ve seen; that said, 10% is a fairly normal number, and AI may just be the scapegoat for a normal culling of the bottom non-performers.]
Source: https://thenextweb.com/news/atlassian-is-cutting-1600-jobs-and-replacing-its-cto
Bumble is launching a new dating feature called Bee that uses AI to match users based on personal conversations rather than traditional swiping. The company is undergoing a significant transformation, with a decline in user numbers and revenue prompting a shift towards more tailored user experiences while addressing privacy concerns and data usage. This new direction, referenced as Bumble 2.0, aims to improve engagement and is supported by positive investor sentiment following recent earnings reports.
Bumble is introducing an AI-driven matching feature called Bee that focuses on user compatibility.
The company is experiencing significant declines in revenue and users, prompting a restructuring and shift towards a more personalized approach.
Investors are optimistic about Bumble's new direction, leading to an increase in the company's stock valuations.
[RSnake: We shall see how that works out. Guys will really have to watch what they say about BIG BOOTY LATINAS because if they don’t, they won’t get BIG BOOTY LATINAS. 😆]
Source: https://thenextweb.com/news/bumble-bee-ai-assistant-dating-swipe
Tropic, a Norwich-based biotech company, has raised $105 million to scale its production of gene-edited bananas in response to a significant threat to the global banana industry from Panama Disease Tropical Race 4, which affects the Cavendish variety. This funding will aid in commercial expansion and the development of disease-resistant banana varieties as the demand for the new, innovative products exceeds current production capacity.
Tropic raised significant capital to scale production of new banana varieties in response to a global banana industry threat.
The company is utilizing gene-editing technology to develop disease-resistant banana plants and meet demand.
[RSnake: Interesting. I often think that there needs to be more research into finding ways to grow every crop in every major region to protect against supply chain disruption issues due to disease/weather/war, etc.]
Source: https://thenextweb.com/news/tropic-biosciences-series-c-gene-edited-bananas
A guitar used by David Gilmour of Pink Floyd was sold for a record $14.6 million, setting a new benchmark for the most expensive guitar ever sold at auction. Additionally, various other music memorabilia, including a piano owned by John Lennon, were sold for significant amounts, contributing to a total sale of $84 million from the auction.
David Gilmour's guitar was sold for $14.6 million, breaking the previous record for the most expensive guitar sold.
The auction included other high-profile items from music history, collectively generating $84 million.
[RSnake: Pretty insane what collectors will pay.]
Source: https://www.bbc.com/news/articles/cr45v7ey91eo?at_medium=RSS&at_campaign=rss
A Southwest Airlines customer faced alleged size discrimination when a gate agent suggested she purchase an extra seat due to her size. The airline has implemented a controversial policy requiring plus-size passengers to buy an additional seat if they encroach upon neighboring seats, attracting significant backlash on social media.
A Southwest Airlines customer claimed to have experienced discrimination related to her size.
The airline's new policy requires plus-size passengers to purchase extra seats if they encroach on neighboring seats.
[RSnake: I mean… If I need special assistance because I have a broken leg and need to put it up on another seat and have to pay for that, I get it. If I overeat, I expect to have to pay more, too. Life is all about choices.]
Source: https://timesofindia.indiatimes.com/world/us/are-you-saying-i-need-an-extra-seat-woman-slams-airline-over-size-comment/articleshow/129559598.cms
The U.S. government is investigating significant fraud in Minnesota, with estimates of at least $19 billion in fraudulent activities since the administration began targeting such cases. Vice President JD Vance suggested that California may be the next focus of similar investigations, amid criticisms of the state's fraud prevention measures.
Vice President JD Vance reported that fraud in Minnesota may total over $19 billion.
Investigations into California's fraud practices may soon be initiated as part of a broader federal effort.
[RSnake: Again, expect this to be the major Republican talking point unless some other big controversy breaks.]
Source: https://www.foxnews.com/politics/vance-reveals-19b-fraud-uncovered-minneapolis-hints-california-next-target
Full Disclosure: None of this is advice. This newsletter is strictly educational and my opinions. Please be careful, do your own research, and consult a professional before taking any action based on anything posted here.