SITREP - Independent OSINT Channel
AI, technology, mass surveillance, and intelligence — everything you need to know about tomorrow.
🛡️ NORTHCOM Jams Drones Near Strategic Base

A U.S. Northern Command counter-drone system activated its jamming protocol against potential drone incursions at a strategic military installation, according to a NORTHCOM spokesperson. The disclosure confirms that RF-based interdiction is now an operational response layer at high-value domestic sites, not solely a deployed-theater capability.

The acknowledgment is notable for its specificity: NORTHCOM confirming active jamming engagement at a named installation signals a shift toward greater transparency on counter-UAS posture, likely intended to deter further incursion attempts through disclosure rather than silence.

🛰️ Open sources - closed narratives
@sitreports
300 U.S. Troops Wounded, Iran Operation

Nearly 300 U.S. personnel have been wounded during Operation Epic Fury, the ongoing military campaign against Iran, with drone and missile attacks accounting for the bulk of casualties. The figures indicate a sustained attrition rate rather than isolated engagement losses.

The casualty pattern reflects structural deficiencies in U.S. force protection against low-cost aerial threats. Drone saturation tactics have consistently exposed gaps in close-in defense coverage across multiple theaters, and Operation Epic Fury appears to confirm that gap at operational scale.

🔍 82nd Airborne Command Deploys to Middle East

Leadership of the 82nd Airborne Division has been ordered to the Middle East, according to government sources citing the deployment amid deliberations over a potential ground operation against Iran.

Forward positioning of divisional command elements — ahead of enlisted formations — is consistent with preparatory staging: establishing command infrastructure before force flow begins. The 82nd Airborne functions as a rapid deployment force, capable of brigade-level insertion within 18 hours of notification.

🔍 Army Launches Amazon-Built Drone Marketplace

The U.S. Army has launched a UAS Marketplace developed in partnership with Amazon, enabling military users to compare drone system specifications, submit direct feedback, and place procurement orders through a single platform.

The structure mirrors commercial e-commerce acquisition models applied to defense procurement. Consolidating vendor comparison and ordering into one interface reduces friction in the acquisition cycle and positions the Army to accelerate UAS fielding without routing each purchase through legacy contracting channels.

📡 FCC Bans All Foreign-Made Routers

The Federal Communications Commission has expanded its Covered List to include all consumer routers manufactured outside the United States, effectively banning the sale of new models domestically. The measure targets hardware at the network edge — the point where consumer infrastructure interfaces with broader telecommunications systems.

The FCC's Covered List functions as a procurement exclusion mechanism, previously applied to specific vendors such as Huawei and ZTE. Extending it to all foreign-manufactured consumer routers marks a structural shift from vendor-specific restriction to origin-based hardware exclusion across an entire device category.

🔍 LiteLLM PyPI Package Supply Chain Hit

The TeamPCP hacking group has compromised the LiteLLM Python package on PyPI, a widely used library for interfacing with large language model APIs. The group claims to have exfiltrated data from hundreds of thousands of devices via the compromised package.

This follows an established pattern of TeamPCP operations targeting high-dependency open-source packages to maximize downstream exposure. Targeting an LLM integration library indicates deliberate focus on AI development pipelines, where affected systems are likely to belong to developers, enterprises, and research institutions with elevated data value.

💸 Dutch Finance Ministry Confirms Staff Breach

The Dutch Ministry of Finance disclosed a staff data breach resulting from a cyberattack, with an investigation currently underway. The scope of compromised data has not been specified publicly.

Attacks targeting government financial ministries follow a documented pattern of adversaries prioritizing personnel data — staff records carry operational value for follow-on targeting, credential exploitation, and social engineering at institutional level.

📷 India Probes Pakistan-Linked CCTV Network

Indian authorities have opened an investigation into a suspected espionage operation involving CCTV cameras positioned to surveil critical infrastructure, with links alleged to Pakistani intelligence interest. Police identified camera placements oriented toward infrastructure sites rather than their stated civilian purposes.

The operation fits a documented pattern of using commercially deployed surveillance hardware as passive collection nodes. Cameras installed under civilian or commercial cover require minimal active maintenance and generate persistent, low-signature intelligence on facility access, traffic patterns, and physical security posture.

🎯 DOD Accelerates PrSM Missile Output

The Department of Defense has signed an agreement with Lockheed Martin directed at increasing production capacity for the Precision Strike Missile (PrSM), a ground-launched system designed to engage targets at ranges exceeding 500 kilometers.

The move follows a broader pattern of DoD production acceleration agreements across long-range fires, reflecting industrial base expansion as a stated force readiness priority. PrSM is the designated replacement for the Army Tactical Missile System and is central to the Army's long-range precision fires modernization program.

🔍 GitHub Reverses AI Training Opt-Out

GitHub has announced that beginning April 24, user data will be used to train its AI systems by default, requiring users to manually opt out to prevent their data from being included. The policy change reverses a prior position and shifts the default consent model from opt-in to opt-out, according to the policy update.

This follows an established pattern among major platform operators of reclassifying user-generated content as training material through default-on data collection, with opt-out mechanisms placing the compliance burden on individual users rather than the platform. GitHub's position as the dominant code hosting service gives the policy broad structural reach across open-source and commercial software development.

📷 Smartglasses: Third-Party Surveillance Access

Smartglasses with embedded cameras and microphones have reached mainstream consumer adoption. According to EFF's analysis, visual and audio data captured by these devices is not always accessible only to the device owner — third-party access represents a structural feature of current implementations, not an edge case.

The pattern fits a broader trajectory in which consumer hardware functions simultaneously as personal technology and passive collection infrastructure. Embedded sensors in wearables extend ambient data capture to environments previously outside the reach of fixed surveillance systems.
Forwarded from Rybar in English
📝Gold Goes Into Battle📝
on Turkey's dilemma due to the Middle East crisis

Dark times have come for Turkey's economy. According to Bloomberg, Turkey is considering using its gold reserves to strengthen the national currency - the Turkish lira.

🔻What do they have in reserves?
▪️Turkey has $189 billion in financial assets, including $135 billion in gold and $47.8 billion in foreign currency.
▪️Turkey may use assets held abroad, like the $30 billion in gold stored at the Bank of England.


Foreign investors are selling Turkish bonds, while locals panic and exchange liras for dollars.

🖍Why the panic? High inflation and capital flight from the Middle East crisis.

🚩Inflation reached 31.5% in February, with worse expected in March.

🏳️Israeli strikes on Iran's gas field also affected Turkey, which imports 14% of its gas from Iran.

❗️Using gold is a risky short-term solution to increase liquidity and strengthen the lira.

🔍 Iran School Strike: Two Waves Confirmed

Open-source video analysis indicates at least two distinct waves of strikes were carried out in the area surrounding an IRGC complex in Iran, with an adjacent girls' school struck in the process. The multi-wave pattern suggests deliberate sequencing rather than a single targeting event.

Structurally, dual-wave strikes are consistent with a primary strike followed by a secondary strike timed to hit responders or assess damage — a tactic documented in other theater operations. The proximity of the school to the IRGC facility places it within the blast and fragmentation radius of a compound-targeted strike package.

Forwarded from Rybar in English
📝How FPV Drones Destroyed Logistics on the Dnipro📝

Drone dominance over the battlefield has become a harsh reality: it might even seem like it was always this way. But was there a moment that served as the starting point for such radical changes in military affairs?

Yes, there was. And while several episodes claim credit for it, one of the most striking is the repulsion of the AFU landing in the Kherson direction in autumn 2023, where the enemy listened to the British and decided to force a crossing of the Dnipro.

And at first, the enemy was even succeeding, aided by long-range artillery, fast boats and other factors. But everything changed when FPV drone crews with "Upyr" began operating in the sector.

About how unmanned aircraft managed to destroy Ukrainian logistics on the Dnipro and disrupt the AFU's plan — in our new video.

📍@rybar_tactical

🔍 US, UK Seek AUV Counter-Drone Tech

US and UK forces have issued a joint tender for technology to counter autonomous underwater vehicles, with a submission deadline of April 3. The accelerated timeline indicates operational urgency rather than routine procurement.

The tender is a direct response to the proliferation of underwater attack drones observed during the Iran conflict. The compressed acquisition cycle suggests existing allied capabilities are assessed as insufficient against the threat profile currently in theater.

🔍 Army Integrates C2 Into Squad Vehicles

The U.S. Army is soliciting industry to integrate command and control systems onto Infantry Squad Vehicles, pushing digital C2 capability down to the squad level.

The move reflects a structural shift in Army doctrine toward distributed command at lower echelons. Embedding C2 into light, mobile platforms reduces dependence on higher-echelon nodes and increases autonomous operational capacity at the small-unit level.

📱 TA446 Weaponizes Leaked iOS Exploit

On March 26, threat actor TA446 deployed the DarkSword exploit kit against iOS devices through targeted spear-phishing operations. The kit, previously leaked, was adapted for active use, prompting Apple to issue threat notifications to affected users.

TA446's use of a leaked commercial toolkit indicates a shift in operational procurement — sourcing capabilities from secondary leak channels rather than direct development or licensed vendors. This lowers the barrier for deployment while complicating attribution through shared tooling across multiple actors.

The campaign extends the pattern of mobile-focused espionage operations, where iOS device integrity is treated as a primary attack surface rather than a hardened perimeter.

🔍 EC Confirms AWS Infrastructure Breach

The European Commission confirmed a cyberattack on its cloud-based infrastructure after an AWS account compromise was identified. The intrusion vector — a single cloud account — provided access to Commission-hosted systems, indicating credential-level exposure rather than a perimeter failure.

Cloud account compromise is a recognized initial access method allowing lateral movement across shared infrastructure. A breach at credential level in a major institutional AWS environment carries wider access implications depending on account permissions and cross-service configurations.

🤖 Iran Leads AI Propaganda Output

Iranian state-linked actors have expanded AI-generated content operations, producing volume-based influence material at a pace that outpaces Western countermeasures, according to this analysis. The operational model prioritizes quantity over production quality, flooding target audiences with low-fidelity but high-frequency messaging.

The approach reflects a structural asymmetry: AI generation tools lower the cost of content production to near zero, allowing smaller state actors to sustain information campaigns that previously required significant infrastructure. Cohesion within domestic and diaspora audiences appears to be the primary target metric, not external persuasion.

🔍 VoidLink Rootkit Targets Linux Via eBPF

VoidLink is a cloud-native Linux malware framework combining kernel modules with eBPF hooks to achieve persistent, low-visibility presence on compromised systems. The hybrid rootkit architecture allows it to intercept system calls and manipulate kernel-level telemetry, making standard detection methods ineffective against active infection.

The use of eBPF — a legitimate Linux kernel subsystem — as an evasion layer follows a documented shift in offensive tooling toward abusing trusted OS primitives. This approach reduces the rootkit's detectable footprint while maintaining deep system access, a pattern consistent with tooling designed for long-duration infrastructure implants rather than opportunistic compromise.

🔍 Telnyx PyPI Package Backdoored, Steganography Used

The TeamPCP group compromised the official Telnyx package on the Python Package Index, uploading malicious versions that embed credential-stealing malware inside a WAV audio file. The supply chain attack uses steganography to conceal the payload, reducing detection probability at the network and static analysis layers.

The operation follows an established pattern of targeting trusted open-source packages with high developer adoption rates. Compromising a communications library such as Telnyx increases the likelihood of deployment in production environments with access to credentials and API keys.
