-
Apple has been fined €98.6 million ($116 million) by Italy’s antitrust authority after finding that the company’s App Tracking Transparency (ATT) privacy framework restricted App Store competition. The Italian Competition Authority (Autorità Garante della Concorrenza e del Mercato, or AGCM) said the company’s “absolute dominant position” in app distribution allowed it to “unilaterally impose”
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A new and sophisticated defensive evasion tool dubbed “NtKiller” has surfaced on underground cybercrime forums, marketed by a threat actor known as “AlphaGhoul.” The utility is being aggressively promoted as a high-end solution for stealthily terminating antivirus (AV) and Endpoint Detection and Response (EDR) agents, potentially lowering the barrier for ransomware operators and initial access brokers to bypass […]
The post NtKiller Malware Advertised on Dark Web With Claims of Antivirus and EDR Bypass appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A sophisticated credential-stealing campaign named “Operation PCPcat” has compromised over 59,000 Next.js servers worldwide, exploiting critical vulnerabilities in the popular React framework to harvest sensitive authentication data at industrial scale. Security researchers discovered the campaign through honeypot monitoring and gained direct access to the attackers’ command-and-control infrastructure, revealing alarming operational metrics. The campaign maintains a […]
The post Operation PCPcat Exploits Next.js and React, Impacting 59,000+ Servers appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Among the eye-opening details of President Trump’s plans for an eponymous class of giant warships is one that appears to contravene an earlier policy position: these “battleships” are to be armed with a new nuclear-armed cruise missile.
Back in February, however, the president told reporters: “There’s no reason for us to be building brand-new nuclear weapons. We already have so many.” I agreed with President Trump then on this point, and I still do.
We have history to learn from regarding nuclear-armed, sea-launched cruise missiles, known as SLCM-N. In 1991, President George H.W. Bush ordered all nuclear-armed Tomahawk cruise missiles removed from our Navy surface ships and submarines. He deemed forward deployment of this small, “tactical” nuclear weapon uniquely destabilizing, and opted to put them into storage. Twenty years later President Obama, with prodding from U.S. Navy leaders, had them removed from storage and permanently dismantled.
This limiting of the Navy’s nuclear mission to strategic missiles on certain submarines has long been seen as a stabilizing strategy—one that recognized the clear conventional advantages of the U.S. Navy and the unique risks posed by a reliance on tactical nuclear weapons.
Then came a surprise. In 2018, President Trump’s defense secretary, James Mattis, and Joint Chiefs chairman, Gen. Mark Milley signed off on a Nuclear Posture Review that called for developing a new SLCM-N. President Biden rightly cancelled this nascent program in 2021 but did not drive the issue actively enough to prevent Congress from overruling this decision and continuing to fund the project. Rarely, if ever, in our history has the Congress forced the executive branch to start a new nuclear weapon program.
Having served for five and a half years as Assistant Secretary of Defense for Nuclear, Chemical, and Biological Defense Programs, I strongly support modernization of our triad of strategic nuclear weapons. The “tactical” SLCM-N, however, is different. In addition to agreeing with President Trump that we don’t need additional new nuclear weapons, I oppose this specific one for three reasons.
I don’t want our adversaries to think that if they use a “small, tactical nuclear weapon,” as President Putin has recklessly threatened, that our response would be to retaliate with a similarly small one. I’d rather our adversaries fear an overwhelming retaliation, and building our strategic deterrent to maximize that mission also shifts the parameters of any imagined battle onto our clear conventional advantages. The United States already has weapons that fit this need, and the current nuclear modernization program is bolstering that.
Second, I’m concerned that such types of nuclear weapons are more likely to be used in a regional conflict, or a so-called limited nuclear war. Once the nuclear threshold is crossed, escalation to an all-out nuclear exchange becomes chillingly likely.
Third, such weapons increase the potential for miscalculation or accidental nuclear war. This is because the same weapons exist in commonly used conventional, or non-nuclear variants. In a contested environment with degraded intelligence and sensing capabilities, an adversary would have no way of knowing if any given weapon flying towards its territory were armed with a nuclear or conventional warhead, and may well decide to reach for its own nuclear weapons rather than risk losing them.
So let’s not undermine our formidable strategic weapons triad with pursuit of this small, “tactical” nuclear weapon. In his effort to drive a new battleship program, President Trump has an opportunity to also stick to his past statements and make America stronger and safer by investing in capabilities that are more important than building this new nuclear weapon.
Andrew C. Weber, a Senior Fellow at the Council on Strategic Risks, previously served as U.S. Assistant Secretary of Defense for Nuclear, Chemical and Biological Defense Programs.
]]>¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Cybersecurity specialists from the Solar 4RAYS cyberthreat research center, a division of the Solar Group, have uncovered a dangerous new malware strain dubbed “Webrat.” This sophisticated threat has been identified as a multi-functional remote access tool (RAT) and information stealer that aggressively targets victims through deceptive social engineering campaigns involving popular code repositories and video […]
The post WebRAT Malware Campaign Leveraging GitHub-Hosted Proof-of-Concept Code appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
MongoDB has disclosed a critical security vulnerability tracked as CVE-2025-14847 that could allow attackers to extract uninitialized heap memory from database servers without authentication. The flaw, affecting multiple MongoDB versions dating back to v3.6, stems from a client-side exploit in the server’s zlib compression implementation. Vulnerability Overview The security issue enables malicious actors to retrieve […]
The post Critical MongoDB Flaw Leaks Sensitive Data Through zlib Compression appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Left in the cold after the Air Force picked Anduril and General Atomics to develop prototype robot wingmen, Northrop Grumman responded with a secret, self-financed effort to get back in the game. On Monday, the Virginia-based defense giant reached its goal: service officials announced that its planned collaborative combat aircraft—unveiled just weeks ago as Project Talon—could compete for initial production contracts.
The Air Force also announced on Monday that nine unnamed companies would receive money to develop a second iteration of CCAs, intended to broaden their uses beyond protecting manned jets from attack.
The new contracts “represent a broad spectrum, ranging from more affordable, attritable concepts to higher-end, more exquisite designs,” an Air Force official told Defense One in an emailed statement on Monday, adding that the companies’ names “remain protected by enhanced security measures at this time.”
Meanwhile, the official said, “Northrop Grumman remains in a vendor pool that can compete for future efforts, including the Increment 1 production contract and subsequent increments.”
Northrop’s Project Talon CCA, whose first flight is planned for next year, also received an Air Force designator: YFQ-48A. The official said that marks the offering as a “strong contender” against Anduril’s YFQ-44A Fury and General Atomics’ YFQ-42A.
"We are encouraged by Northrop Grumman's continued investment in developing advanced semi-autonomous capabilities," Brig. Gen. Jason Voorheis, program executive officer for Fighters and Advanced Aircraft, said in a news release. "Their approach aligns with our strategy to foster competition, drive industry innovation, and deliver cutting-edge technology at speed and scale."
The Air Force has said that it intends to buy “more than 100” Increment 1 CCAs and have an operational CCA capability by 2030.
Anduril, General Atomics, and Northrop did not return a request for comment on Monday.
Defense business experts and analysts said Northrop’s designation is yet another example of how fast the Air Force is moving on the CCA contracts.
“It's unusual to get that designation in the stage of Increment Two that we understand, which is just this concept-refinement phase,” said Jon Hemler, an analyst with Forecast International, a sister brand of Defense One. “What I take away from it is that the Air Force is moving fast on this type of acquisition program.”
While the first iteration of the CCA program was focused on air-to-air combat, Northrop’s prototype was designed to handle a variety of missions. The aircraft took roughly 15 months to build; the number of parts and build time were kept low to reduce costs, Defense One has reported.
The Air Force is nearly doubling the number of companies it's looking at for the next round of the CCA competition. For Increment 1, five companies vied for development contracts, with Anduril and General Atomics initially outlasting Boeing, Northrop, and Lockheed Martin. Then-Air Force Secretary Frank Kendall said last year he’d like to have at least two or three competitors, adding that carrying three companies into development could be possible if industry would agree to certain cost-sharing initiatives.
“I think we could do three, and that would be our preference,” Kendall said in February.
Several companies have revealed CCA prototypes this year, including a multi-purpose drone from Lockheed Martin’s Skunk Works. Boeing also unveiled an Army-focused tiltrotar drone concept and has hit major milestones with its MQ-28 Ghost Bat CCA in use with the Australian Air Force in recent weeks.
“It initially was kind of debuted, that the first increment would be a low-cost, attritable, just get something, procured, built, and in the air. And Increment Two would be a refinement phase, Hemler said. “But what it's looking like now, is that Increment Two might be—certainly, more refined, but where I expect Increment Two to kind of see significant changes is international participation.”
The Air Force official said the second increment will be “structured similarly” to the first increment where more than one company may be selected to build a prototype.
“For CCA Increment 2, following concept refinement, the Air Force will proceed with prototyping, with plans for a future competitive award leading to production awards,” the official said. “The specific timeline for these milestones will depend on the results from Concept Refinement and the vendor’s performance during testing.”
]]>¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Jamf security experts have found a new version of MacSync Stealer. Disguised as a zk-call app, it uses official notarization to bypass security and steal your saved passwords.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
·
Plans to build a new class of giant surface combatants were announced Monday by President Trump, Defense Secretary Pete Hegseth, and Navy Secretary John Phelan at the president’s Florida mansion. Dubbed “battleships” in defiance of the usual meaning of the term and the “Trump class” in defiance of American tradition, the vessels are to displace some 35,000 tons, three times as much as today’s Arleigh Burke-class destroyers.Their armament is to include 128 Mk 41 vertical-launch missile tubes, which would be more than the 96 on the Navy’s latest Burkes but less than the 154 on its SSGN guided-missile submarines.
A fact sheet says the class will also include several weapons that don’t yet exist: a 32-megajoule railgun, two 300kW tactical lasers, and a dozen large tubes for the under-development Conventional Prompt Strike hypersonic missiles. The Associated Press notes that “the Navy has struggled to field some of the technologies Trump says will be aboard the new ship. The Navy spent hundreds of millions of dollars and more than 15 years trying to field a railgun aboard a ship before finally abandoning the effort in 2021.”
Phelan said parts of the ship will be built in all 50 states, hewing to the Navy’s two-century-old practice of spreading contracts to shore up political support. See coverage by the Wall Street Journal and USNI News.
Historian’s note: “The last battleship in history to be built was the HMS Vanguard, completed in 1946; the last battleship commissioned by the U.S. was the USS Missouri, which was decommissioned in the 1990s,” Heather Cox Richardson recounted following the president’s announcement.
Additional reading:
- “France to build first aircraft carrier in decades,” Semafor reported Monday, though current plans won’t have the carrier ready until 2038;
- But also from France, read “How U.S. Defense Industry Dodged a Rare-Earth Shortage After China’s Curbs,” via the New York Times reporting Monday on a cache of samarium nitrate found at a Belgium-owned chemical factory in Solvay, France (gift link).
Welcome to our final D Brief of 2025, brought to you by Ben Watson and Bradley Peniston. Amid our hectic daily lives, it remains more important than ever to stay informed. So we’d like to take an additional moment to thank you this year for reading. We welcome your tips and feedback here. And if you’re not already subscribed, you can do that here. On this day in 2002, the U.S. military lost its first drone in aerial combat when an MQ-1 Predator was shot down by an Iraqi MiG-25.
Around the Defense Department
The U.S. is now conducting surveillance flights over Nigeria after Trump threatened to send American troops there to halt violence against Christians, Reuters reported Monday.
The contracted flights have been taking place since late November, just weeks after Trump issued the threat, and they typically depart from Ghana before returning, according to flight tracking data. An expert from AEI told Reuters “the operation appeared to be running out of an airport in Accra, a known hub for the U.S. military's logistics network in Africa.” Pentagon officials declined to discuss the surveillance flights. Read more, here.
Following Monday’s new row between the White House and Denmark, the State Department approved a $951 million sale of 230+ AMRAAM-ER missiles to Copenhagen, the Pentagon’s Defense Security Cooperation Agency announced.
Additional reading:
- “Mass Recall of U.S. Ambassadors Leaves Unprecedented Global Vacancies,” the Wall Street Journal reported Monday;
- And “China likely loaded more than 100 ICBMs in silo fields, Pentagon report says,” Reuters reported Monday as well.
Etc.
Lastly this year, we’ve compiled a list of recent and semi-recent extended reading links following up on several top U.S. national-security themes from 2025. Topics include DOGE’s hype vs. its reality, Trump’s aggressive deportation campaign, billions in U.S. missile defense contracts, the National Guard’s numerous domestic deployments, Israel’s war with Iran, the Pentagon’s rush to adopt AI, and more.
Think we missed something big or particularly impactful? Let us know, and have a great upcoming holiday. We’ll see you again in 2026!
- “How Did DOGE Disrupt So Much While Saving So Little?” the New York Times reported Tuesday in a wrap-up of DOGE reporting highlighting the hype and the actual returns to date;
- The Times also takes readers “Inside the Deportation Machine,” in a visually-stunning (and arguably terrifying) multimedia presentation published Monday;
- “How the US is preparing a military staging ground near Venezuela,” which is another illuminating visual presentation, this time from nearly a dozen Reuters reporters, writing last month;
- “Stephen Miller’s hard-line Mexico strategy morphed into deadly boat strikes,” via the Washington Post, reporting Thursday on how a border-security prerogative evolved into something quite different;
- “U.S. Boat Strike Campaign: Questions Congress Should Ask Executive Branch Officials,” via three veteran lawyers writing in early December for Just Security;
- “The International Law Obligation to Investigate the Boat Strikes,” also via Just Security, writing last Monday;
- “Russia Dismisses Reports of Progress in Ukraine Peace Talks,” the Times reported Sunday;
- “Gargantuan Golden Dome contract vehicle clears 1,000-plus firms to vie for slices of $151 billion,” via Defense One’s Tom Novelly, reporting in early November;
- “Another 1,000 defense companies chosen for $151B Golden Dome competition,” which is also from Novelly, reporting Friday in an update;
- “Build Your Own Golden Dome: A Framework for Understanding Costs, Choices, and Tradeoffs,” via Pentagon veteran Todd Harrison of the American Enterprise Institute, delivering a whopping 51-page report on the technology in September;
- Harrison also authored the much shorter analysis, “Golden Dome is a Trillion Dollar Gambit,” over at War on the Rocks a week later;
- Lawfare is maintaining a “Trump Administration Litigation Tracker,” which includes numerous cases involving the president’s National Guard deployments across nearly a half-dozen U.S. cities since June, several of which have been put on hold while others have been stayed pending appeal;
- Israeli “Army chief, hinting at potential new Iran war, says IDF will strike ‘wherever required,’” the Times of Israel reported Sunday;
- “Pentagon to Add xAI’s Grok to AI Service Early Next Year,” the Information reported Tuesday;
- See also “The Good, Bad, and Really Weird AI Provisions in the Annual Defense Policy Bill,” via the Brennan Center for Justice, writing last Monday;
- “Global investors turn to Chinese AI as Wall Street fears bubble,” Reuters reported Tuesday;
- And relatedly, “The Pentagon and A.I. Giants Have a Weakness. Both Need China’s Batteries, Badly,” the New York Times reported Tuesday.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The war in Ukraine has made one thing unmistakably clear: drones are no longer a support weapon on the battlefield. They are central to how modern wars will be fought. From reconnaissance and targeting to direct strikes, low-cost, fast-moving drones with powerful payloads are causing massive destruction and racking up kills against traditional armed forces. And that mastery of drone warfare is allowing a smaller country like Ukraine to hold its own on the front lines against a superpower, performing devastating strikes that keep the Russian Army on its back foot.
The world is taking notice. Other countries in the region are already planning to use drones in their defense should war come to their door, while also countering those of their potential enemies. The shift in military thinking was on display earlier this year as Estonia announced plans to build a so-called “drone wall” along its border, a layered defensive system designed to detect and counter unmanned aerial threats. As Estonian defense officials explained to Nextgov/FCW, their goal is not simply to buy more hardware, but to rethink how borders and battlespaces are protected in an era where inexpensive drones can have a large strategic impact.
But that same lesson is not theoretical in Ukraine, where drones have become one of the most decisive tools of the conflict. In Ukraine, small, fast and often expendable drones are now used for everything including reconnaissance, precision attacks in the midst of combat, electronic warfare, air defense interception and even strategic strikes far behind the frontlines. Most of the drones used by Ukraine are FPV, or first person view, models flown by operators who often receive only weeks of training before being sent to the front. In that environment, pilot skill matters a lot. And that is where simulation technology has quietly become just as important as the hardware.
Over the past two years, Ukrainian forces have relied heavily on high-fidelity drone simulators to train operators before they ever touch a real aircraft. According to Simtech Solutions, the developers of one of the main Ukrainian training tools, their platform alone has been used to get over 5,000 military pilots flight ready, capable and certified to perform even the most advanced and critical missions. And the results speak for themselves. The company says that pilots who trained with their simulator have successfully struck over 100,000 real-world targets.
That platform has now been released in a public-facing version called Ukrainian Fight Drone Simulator, which is available on the Steam platform. I was able to experiment with the new simulator, logging in over 100 hours of flight time and training. With real-world physics and battlefield conditions, it was not a walk in the park. I ended up crashing almost 200 drones before I even got through the training academy, much less get anywhere close to an enemy. But even while I was still learning how to fly drones in combat, it was clear how much this technology could dominate the battlefields of the future, perhaps even more so than any other conventional weapon.
Although it’s available on a gaming platform like Steam, calling Ukrainian Fight Drone Simulator a game understates its rich history on the frontlines and its commitment to realism. The developers describe it as a public adaptation of their ultra-realistic trainer, built directly from battlefield lessons. Everything from the physics of flight to the ruthlessness of battlefield opponents are intentionally unforgiving.
You can’t even use a game controller too effectively with it. For a true training experience, you need to have a real RC Controller, just like the pilots in Ukraine. I used my Radiomaster TX16S that controls my personal drone, but almost any other model works just fine. The developer recommends Radiomaster Pocket, Zorro, TX12, Boxer, TX16S or TBS Tango 2 RC controllers.
The simulator includes multiple classes of combat drones, as most of the ones being used in Ukraine are fairly modular in terms of their possible loadouts. You can set them up for bomb drops against infantry, although that technique can also be effective against light vehicles or rear supply areas. More powerful are the kamikaze drones that can lug around huge bombs or artillery shells in their undercarriages. Although this greatly complicates flight physics, direct hits from them can destroy armored vehicles — like fast-moving Russian BMPs — or hardened targets — like earthen bunkers. Even frontline tanks, once the kings of the battlefield, can be damaged or disabled by a hit from a drone in a critical spot, and then destroyed with follow-up strikes.
If you are up for a real challenge, air interceptor drones are also included. If you thought that hitting a moving vehicle or a group of running soldiers was difficult, try chasing down a helicopter or even an enemy drone. It takes a lot of skill and practice.
What really stood out to me during my time on the simulated frontline was how much Ukrainian Fight Drone Simulator emphasizes military elements beyond just flying drones. You actually have to plan your missions, taking into account things like time of day, lines of sight, potential exposure to enemy defenses and whether or not the enemy is operating electronic warfare in the area. I had to learn how to manage things like battery power too, because going around an area with dense anti-air defenses to get at juicy targets sitting behind them might be a great idea, but only if your heavily laden drone has enough juice to make the run and still give you a least a few minutes of time over your target.
Although I had a great experience with Ukrainian Fight Drone Simulator, it was not really about flying for fun. It was more about understanding how drones can be successfully used in modern conflicts. My success in the field really depended on training, discipline and repetition.
And that is where something like Ukrainian Fight Drone Simulator becomes relevant far beyond Ukraine. For defense agencies, allied militaries and even policymakers, tools like this provide insight into why drones are changing warfare so rapidly. They also help explain why training has become such a critical bottleneck. Hardware can be produced quickly. Skilled operators cannot.
What simulations like Ukrainian Fight Drone Simulator ultimately demonstrate is that the drone revolution is not theoretical. It’s operational, and it’s happening now. Armies that go into their next fight without an extremely capable drone wing and a cadre of qualified and experienced pilots are likely to be at a serious disadvantage.
As more agencies track drone developments and consider how to defend against or deploy them, simulations will play an increasingly important role too. They offer a safe way to understand a technology that is anything but safe on the battlefield. And for anyone trying to grasp how modern conflicts are evolving, stepping into a virtual cockpit like the ones that Ukrainian Fight Drone Simulator offers may be the most instructive place to start.
John Breeden II is an award-winning journalist and reviewer with over 20 years of experience covering technology. He is the CEO of the Tech Writers Bureau, a group that creates technological thought leadership content for organizations of all sizes. Twitter: @LabGuys
]]>¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
