• China’s National Computer Network Emergency Response Technical Team (CNCERT) has issued a warning about the security risks stemming from the use of OpenClaw (formerly Clawdbot and Moltbot), an open-source and self-hosted autonomous artificial intelligence (AI) agent. In a post shared on WeChat, CNCERT noted that the platform’s “inherently weak default security configurations,” coupled with its


  • Cybersecurity researchers have flagged a new iteration of the GlassWorm campaign that they say represents a “significant escalation” in how it propagates through the Open VSX registry. “Instead of requiring every malicious listing to embed the loader directly, the threat actor is now abusing extensionPack and extensionDependencies to turn initially standalone-looking extensions into transitive


  • ShinyHunters claims it stole up to 1 petabyte of data from Telus Digital, including support recordings, code, and employee records after a breach.


  • The GlassWorm malware campaign has evolved, significantly escalating its attacks on software developers. Instead of embedding malware directly into initial releases, the threat actors are now using transitive dependencies to sneak malicious code into developer environments. This stealthy approach allows a seemingly safe package to pull in a separate, infected extension only after establishing trust. […]

    The post GlassWorm Spreads via 72 Malicious Open VSX Extensions Hidden in Transitive Dependencies appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.


  • An unprecedented international law enforcement effort has successfully dismantled a massive cybercrime network. Coordinated by INTERPOL, the initiative targeted critical infrastructure used in phishing, malware, and ransomware campaigns worldwide. Dubbed “Operation Synergia III,” the global crackdown took place between July 18, 2025, and January 31, 2026. The operation brought together law enforcement […]

    The post Global Authorities Take Down 45,000 Malicious IPs Used in Ransomware Campaigns appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.


  • The Trump administration’s “narrowly tailored, short-term” lifting of sanctions on Russian oil may produce a longer-term boost to Moscow’s war on Ukraine.

    Treasury Department Secretary Scott Bessent insisted that wasn’t so as he announced on Thursday that countries would be allowed to purchase any Russian oil in ships at sea as of March 12.

    The move “will not provide significant financial benefit to the Russian government,” Bessent wrote on X.

    But experts, European allies, and Democratic Party lawmakers said Russia would indeed gain from Trump officials’ attempt to buffer Americans and global markets from the effects of their war on Iran.

    The windfall could reach $10 billion a month, estimated Isaac Levi, an analyst with the Centre for Research on Energy and Clean Air.

    Six members of the European Group of Seven condemned the move because “Russia is benefiting from that,” German Chancellor Friedrich Merz said on Friday.

    Two members of the U.S. Congress wrote Bessent to “demand the immediate reversal” of his decision.

    Earlier in March, Trump made the decision to ease oil sanctions specifically for India, a preview of the larger expansion in sanctions reversal. “Even more troubling than the rise of oil prices is the lifeline the United States has given to Russia just as U.S. officials confirmed Russia is providing Iranian forces with the locations of American military assets, including warships and aircraft. By providing this waiver, you have signaled that the United States will reward attacks on our troops, not deter them,” Rep. Sam Liccardo, D-Calif., and Sen. Ruben Gallego, D-Ariz., wrote in a March 9 letter about the sanctions reversal specifically for India.

    “Short term”

    Sanctions are “hard to put back on once taken off,” wrote Mike Pompeo, who as Secretary of State in the first Trump administration withdrew from a deal that was limiting Iranian nuclear development. Dropping sanctions also removes “leverage,” Pompeo wrote in a 2023 book.

    Doing so before the punished country changes its behavior returns a situation to “factory settings,” diminishing pressure without getting much in return, Washington Institute analysts wrote of Iran four years ago.

    The relief won’t likely enable Moscow to open new fronts in the Ukraine war immediately, Elina Ribakova, a senior fellow at the Peterson Institute for International Economics, told the Wall Street Journal, but: “I would worry that if it were to hold for half a year that Russia would gain more appetite to do so.”

    The move also weakens European allies politically. The EU has banned 90 percent of Russian oil sales, and those sanctions are likely to remain despite the fact that energy prices in Europe are higher than they are in the United States. The White House move counteracts the effect of those sanctions while keeping prices higher in Europe (as they maintain their own sanctions).

    Sanctions are only being lifted on oil “loaded on vessels” by March 12, the Treasury Department notice said. But that will be difficult to enforce because of Russia’s widespread use of illicit “shadow fleet” tankers that mask their identification numbers, ports of origin, and cargo. 

    “Data on how much, and most importantly whose oil a tanker is carrying, is much more sensitive for the owners and practically unverifiable,” Dmitry Nekrasov, an economist with the Center for Analysis and Strategies in Europe, has noted.

    Satellites and AI have made it somewhat easier to track shadow fleet vessels, but the Trump administration has fewer people around to do so. 

    Within weeks of taking office last year, the administration disbanded a Biden-era task force that was central to enforcing sanctions against Russia. The administration also froze and restricted hiring for federal jobs, including at Treasury offices that monitor sanctions. Last April, Senate Democrats reported that the team “has been unable to keep pace with the attrition caused by numerous staff departures.

    “The Trump Administration let pressure dissipate despite the growing number of Russian circumvention efforts, and it has stood by as evaders in the PRC [China] and other countries have profited from their support to the Kremlin’s war machine,” their report said.

    One official who is welcoming the break from sanctions is Russia’s Kirill Alexandrovich Dmitriev, an envoy of Vladimir Putin and the head of the country’s sovereign-wealth fund.

    “Russian energy is indispensable to easing the world’s largest energy crisis. EU bureaucrats will soon be forced to recognize this reality, acknowledge their strategic blunders, and atone,” Dmitriev wrote on X, about a day after he met in Florida with White House special envoy and real-estate mogul Steve Witkoff and the president’s son-in-law, Jared Kushner.


  • The Defense Department is planning more multiyear deals and expects they’ll help smooth kinks in fragile supply chains. But the way prime contractors manage their suppliers, and the potential for bottlenecks, could stall progress.

    Quadrupling munitions production “takes leadership—and I think we've got that in the [defense] secretary and the deputy. I think it takes money. I think it takes commitment,” Michael Duffey, the Pentagon's acquisitions and sustainment chief, said Thursday during the Ronald Reagan Institute’s national security summit.

    Duffey said multi-year procurement deals, such as recent ones with Lockheed Martin and RTX, have helped create “a trust level with industry because of that frequent engagement.” The hope is that conditions set in those deals will flow down the prime contractor’s supply chain. 

    “One of the key components of the deal is that all the conditions that are a part of the prime contractor will flow down. So the longevity of the deal will benefit all the suppliers, all the way down the supply chain, which hopefully then incentivizes a flywheel of investment in the key components, in the raw materials that we need,” Duffey said, noting that high engagement with industry has helped foster conditions for these types of deals.  

    While the Pentagon is happy with progress so far, Duffey said “not every program will be a perfect candidate” for long-term production deals. Those that would be a good candidate share a few things, including long-term need, lack of an emerging competitor, and “ramp time” needed to build a supply chain and intellectual property. 

    “That all, kind of, creates the incentive for a long-term deal here. And putting that contract in place, not only to incentivize the contractor to make the investment, but it's putting real penalties in to ensure that we're able to stick to the present and the secretary's priority, which is speed and volume,” Duffey said.

    In its annual report card analyzing the defense industrial base, the Reagan Institute found the Pentagon has gotten better at telling industry what its modernization plans are compared to a year ago—jumping from a D-plus to a B-minus—but still struggles to make those plans a reality.  

    Roger Zakheim, who leads the Ronald Reagan Institute in Washington, said the second Trump administration’s moves thus far have been positive “building blocks” for substantive change, but there is still a long way to go. 

    “There are great aspirations for what has to happen within our innovation base and the impact it should have on our national defense. And we haven't seen sufficient, in our judgment, movement there. The production, the modernization is sort of not revealing itself across the force like we think it should,” Zakheim told reporters at a Defense Writers’ Group event ahead of the summit. “But at the same time, we have seen some significant movements, particularly this year, in the customer clarity,” due to policy shifts, among other things that “could ultimately drive this defense modernization.”

    Defense modernization has received a grade of ‘D’ on the institute’s report card since 2024.

    Some of the positive signs the report mentioned: acquisition reform and reorganization efforts, talks of $1.5 trillion defense budgets, and procurement contracts spanning several years—which have clarified the Pentagon’s intentions with industry. 

    But supply chain risks persist and likely need more attention. One of the barriers to increased production and defense modernization is supply chain management, which the Pentagon has typically left up to prime contractors, said Frank Futcher, the former director of NavalX.

    “I think for too long, the Department of War has relied on the big primes to do all of that, like it was more of the hands off, laissez faire economy…We've now started to shift to more of an industrial policy,” said Futcher, who is now a consultant with Ernst & Young.

    There's a misconception that major defense contractors “go deep down the supply chain…on a day-to-day basis” and can actually see where risks to production could be, he said. 

    “There could be a mom and pop shop. There could be long lead material that they don't realize that's going to prevent them from scaling,” Futcher said. “And I think the program offices, or now these new PAEs, these portfolio acquisition executives, have to make this a priority…they really need to be working together with industry in much more of an established sort of industrial policy as to how they're going to do this together.”


  • Six crew members killed aboard a KC-135 that crashed in Iraq on Thursday—the most recent casualties of the war on Iran—likely had no parachutes, which were removed from the venerable tanker aircraft nearly two decades ago.

    Two aircraft were involved in the deadly incident, one of which returned safely to base. They were supporting the two-week-old Operation Epic Fury, but the incident was not the result of “hostile fire or friendly fire,” U.S. Central Command said in a Friday news release.

    The nature of the crashed KC-135’s mission was not immediately clear. The other plane was also a KC-135, according to a U.S. official who talked with the Associated Press on condition of anonymity.

    A CENTCOM spokesperson did not immediately respond to questions asking if the crew had access to parachutes. An Air Force spokesperson confirmed to Defense One that KC-135s “do not have parachutes.” 

    Air Force leaders eliminated parachutes from the tankers nearly two decades ago to save time and money. 

    “Removing parachutes from military aircraft may sound peculiar, but KC-135s are not like other aircraft. They seldom have mishaps, and the likelihood a KC-135 crew member would ever need to use a parachute is extremely low,” an Air Force press release said in 2008. “However, a lot of time, manpower and money goes into buying, maintaining and training to use parachutes. With the Air Force hungry for cost-saving efficiency under its Air Force for Smart Operations in the 21st Century Program, commonly known as AFSO 21, the parachutes were deemed obsolete.”

    Jessica Ruttenber, a former pilot and KC-135 instructor, recalled the decision. 

    “There was a point when we were concerned about additional weight and not being fuel-efficient,” Ruttenber said. “I think that brought it to the likelihood of us ever needing to use the parachutes versus the weight and the upkeep, [and] the cost.”

    After the parachutes were removed, interior harnesses were installed for use when, say, a light indicates that a door is loose. 

    Ruttenber said that if the crew had parachutes, they’d be in the back of the aircraft where the boom operator is. Given their location, bailing out of a KC-135 would be a safe possibility only under a few scenarios.

    “I think the situation that would warrant jumping out of the plane is a low-fuel situation, that you’re not going to be able to make it to a landable surface, or the aircraft no longer has the ability to land,” she said. “If you have an uncontrolled situation that’s rapidly occurring and it’s violent, you’re not going to have time as an option.”

    The last deadly KC-135 mishap was in 2013, when a crew of three crashed in the Kyrgyz Republic after the flight control system malfunctioned during a combat aerial refueling mission. 

    Top Air Force officials have repeatedly called for modernizing the KC-135, the last of which was built more than 60 years ago. Last year, the Air Force weighed keeping the tanker in service past its originally planned 2050 retirement date. 

    In July, the Air Force cancelled a “bridge buy” for an interim tanker as the service pursued a new-generation refueler in a program called NGAS, which netted just $13 million in the 2026 budget request. Instead, the service decided to buy additional KC-46s, despite the program’s recurring headwinds and mishaps.

    “The Air Force is investing in both tanker capacity and capability to enable the Joint Force now and into the future by ensuring an uninterrupted recapitalization of KC-135 aircraft with KC-46 aircraft,” a service spokesperson said.

    The identities of the aircrew killed in Thursday’s crash have not yet been released by the Defense Department. In his Friday morning press conference at the Pentagon, the Joint Chiefs chairman asked people to remember the aircrew and those around them.

    “Please keep these brave airmen, their families, friends, and units in your thoughts,” Caine said. “In the coming hours and days, our service members make an incredible sacrifice to go forward and do the things that the nation asks of them.”


  • INTERPOL’s Operation Synergia III led to 94 arrests and the takedown of 45,000 malicious IPs in 72 countries targeting phishing, malware, and fraud networks.


  • Qualys uncovers ‘CrackArmor’ vulnerabilities in AppArmor that could expose 12.6M Linux systems to root access and container escapes.
