SITREP - Independent OSINT Channel
AI, technology, mass surveillance, and intelligence — everything you need to know about tomorrow.
📡 FCC Bans All Foreign-Made Routers

The Federal Communications Commission has expanded its Covered List to include all consumer routers manufactured outside the United States, effectively banning the sale of new models domestically. The measure targets hardware at the network edge — the point where consumer infrastructure interfaces with broader telecommunications systems.

The FCC's Covered List functions as a procurement exclusion mechanism, previously applied to specific vendors such as Huawei and ZTE. Extending it to all foreign-manufactured consumer routers marks a structural shift from vendor-specific restriction to origin-based hardware exclusion across an entire device category.

🛰️ Open sources - closed narratives
@sitreports
🔍 LiteLLM PyPI Package Supply Chain Hit

The TeamPCP hacking group has compromised the LiteLLM Python package on PyPI, a widely used library for interfacing with large language model APIs. The group claims to have exfiltrated data from hundreds of thousands of devices via the compromised package.

This follows an established pattern of TeamPCP operations targeting high-dependency open-source packages to maximize downstream exposure. Targeting an LLM integration library indicates deliberate focus on AI development pipelines, where affected systems are likely to belong to developers, enterprises, and research institutions with elevated data value.

💸 Dutch Finance Ministry Confirms Staff Breach

The Dutch Ministry of Finance disclosed a staff data breach resulting from a cyberattack, with an investigation currently underway. The scope of compromised data has not been specified publicly.

Attacks targeting government financial ministries follow a documented pattern of adversaries prioritizing personnel data — staff records carry operational value for follow-on targeting, credential exploitation, and social engineering at institutional level.

📷 India Probes Pakistan-Linked CCTV Network

Indian authorities have opened an investigation into a suspected espionage operation involving CCTV cameras positioned to surveil critical infrastructure, with links alleged to Pakistani intelligence interest. Police identified camera placements oriented toward infrastructure sites rather than their stated civilian purposes.

The operation fits a documented pattern of using commercially deployed surveillance hardware as passive collection nodes. Cameras installed under civilian or commercial cover require minimal active maintenance and generate persistent, low-signature intelligence on facility access, traffic patterns, and physical security posture.

🎯 DOD Accelerates PrSM Missile Output

The Department of Defense has signed an agreement with Lockheed Martin directed at increasing production capacity for the Precision Strike Missile (PrSM), a ground-launched system designed to engage targets at ranges exceeding 500 kilometers.

The move follows a broader pattern of DoD production acceleration agreements across long-range fires, reflecting industrial base expansion as a stated force readiness priority. PrSM is the designated replacement for the Army Tactical Missile System and is central to the Army's long-range precision fires modernization program.

🔍 GitHub Reverses AI Training Opt-Out

GitHub has announced that beginning April 24, user data will be used to train its AI systems by default, requiring users to manually opt out to prevent their data from being included. The policy change reverses a prior position and shifts the default consent model from opt-in to opt-out, according to the policy update.

This follows an established pattern among major platform operators of reclassifying user-generated content as training material through default-on data collection, with opt-out mechanisms placing the compliance burden on individual users rather than the platform. GitHub's position as the dominant code hosting service gives the policy broad structural reach across open-source and commercial software development.

📷 Smartglasses: Third-Party Surveillance Access

Smartglasses with embedded cameras and microphones have reached mainstream consumer adoption. According to EFF's analysis, visual and audio data captured by these devices is not always accessible only to the device owner — third-party access represents a structural feature of current implementations, not an edge case.

The pattern fits a broader trajectory in which consumer hardware functions simultaneously as personal technology and passive collection infrastructure. Embedded sensors in wearables extend ambient data capture to environments previously outside the reach of fixed surveillance systems.
Forwarded from Rybar in English
📝Gold Goes Into Battle📝
on Turkey's dilemma due to the Middle East crisis

Dark times have come for Turkey's economy. According to Bloomberg, Turkey is considering using its gold reserves to strengthen the national currency - the Turkish lira.

🔻What do they have in reserves?
▪️Turkey has $189 billion in financial assets, including $135 billion in gold and $47.8 billion in foreign currency.
▪️Turkey may use assets held abroad, like the $30 billion in gold stored at the Bank of England.


Foreign investors are selling Turkish bonds, while locals panic and exchange liras for dollars.

🖍Why the panic? High inflation and capital flight from the Middle East crisis.

🚩Inflation reached 31.5% in February, with worse expected in March.

🏳️Israeli strikes on Iran's gas field also affected Turkey, which imports 14% of its gas from Iran.

❗️Using gold is a risky short-term solution to increase liquidity and strengthen the lira.


#UK #Iran #Turkey
🔍 Iran School Strike: Two Waves Confirmed

Open-source video analysis indicates at least two distinct waves of strikes were carried out in the area surrounding an IRGC complex in Iran, with an adjacent girls' school struck in the process. The multi-wave pattern suggests deliberate sequencing rather than a single targeting event.

Structurally, dual-wave strikes are consistent with a primary strike followed by a secondary strike timed to hit responders or assess damage — a tactic documented in other theater operations. The proximity of the school to the IRGC facility places it within the blast and fragmentation radius of a compound-targeted strike package.

Forwarded from Rybar in English
📝How FPV Drones Destroyed Logistics on the Dnipro📝

Drone dominance over the battlefield has become a harsh reality: it might even seem like it was always this way. But was there a moment that served as the starting point for such radical changes in military affairs?

Yes, there was. And while several episodes claim credit for it, one of the most striking is the repulsion of the AFU landing on the Kherson direction in autumn 2023, where the enemy listened to the British and decided to force a crossing of the Dnipro.

And at first, the enemy was even succeeding, aided by long-range artillery, fast boats and other factors. But everything changed when FPV drone crews with "Upyr" began operating in the sector.

About how unmanned aircraft managed to destroy Ukrainian logistics on the Dnipro and disrupt the AFU's plan — in our new video.

📍@rybar_tactical

🔍 US, UK Seek AUV Counter-Drone Tech

US and UK forces have issued a joint tender for technology to counter autonomous underwater vehicles, with a submission deadline of April 3. The accelerated timeline indicates operational urgency rather than routine procurement.

The tender is a direct response to the proliferation of underwater attack drones observed during the Iran conflict. The compressed acquisition cycle suggests existing allied capabilities are assessed as insufficient against the threat profile currently in theater.

🔍 Army Integrates C2 Into Squad Vehicles

The U.S. Army is soliciting industry to integrate command and control systems onto Infantry Squad Vehicles, pushing digital C2 capability down to the squad level.

The move reflects a structural shift in Army doctrine toward distributed command at lower echelons. Embedding C2 into light, mobile platforms reduces dependence on higher-echelon nodes and increases autonomous operational capacity at the small-unit level.

📱 TA446 Weaponizes Leaked iOS Exploit

On March 26, threat actor TA446 deployed the DarkSword exploit kit against iOS devices through targeted spear-phishing operations. The kit, previously leaked, was adapted for active use, prompting Apple to issue threat notifications to affected users.

TA446's use of a leaked commercial toolkit indicates a shift in operational procurement — sourcing capabilities from secondary leak channels rather than direct development or licensed vendors. This lowers the barrier for deployment while complicating attribution through shared tooling across multiple actors.

The campaign extends the pattern of mobile-focused espionage operations, where iOS device integrity is treated as a primary attack surface rather than a hardened perimeter.

🔍 EC Confirms AWS Infrastructure Breach

The European Commission confirmed a cyberattack on its cloud-based infrastructure after an AWS account compromise was identified. The intrusion vector — a single cloud account — provided access to Commission-hosted systems, indicating credential-level exposure rather than a perimeter failure.

Cloud account compromise is a recognized initial access method allowing lateral movement across shared infrastructure. A breach at credential level in a major institutional AWS environment carries wider access implications depending on account permissions and cross-service configurations.

🤖 Iran Leads AI Propaganda Output

Iranian state-linked actors have expanded AI-generated content operations, producing volume-based influence material at a pace that outpaces Western countermeasures, according to this analysis. The operational model prioritizes quantity over production quality, flooding target audiences with low-fidelity but high-frequency messaging.

The approach reflects a structural asymmetry: AI generation tools lower the cost of content production to near zero, allowing smaller state actors to sustain information campaigns that previously required significant infrastructure. Cohesion within domestic and diaspora audiences appears to be the primary target metric, not external persuasion.

🔍 VoidLink Rootkit Targets Linux Via eBPF

VoidLink is a cloud-native Linux malware framework combining kernel modules with eBPF hooks to achieve persistent, low-visibility presence on compromised systems. The hybrid rootkit architecture allows it to intercept system calls and manipulate kernel-level telemetry, making standard detection methods ineffective against active infection.

The use of eBPF — a legitimate Linux kernel subsystem — as an evasion layer follows a documented shift in offensive tooling toward abusing trusted OS primitives. This approach reduces the rootkit's detectable footprint while maintaining deep system access, a pattern consistent with tooling designed for long-duration infrastructure implants rather than opportunistic compromise.

🔍 Telnyx PyPI Package Backdoored, Steganography Used

The TeamPCP group compromised the official Telnyx package on the Python Package Index, uploading malicious versions that embed credential-stealing malware inside a WAV audio file. The supply chain attack uses steganography to conceal the payload, reducing detection probability at the network and static analysis layers.

The operation follows an established pattern of targeting trusted open-source packages with high developer adoption rates. Compromising a communications library such as Telnyx increases the likelihood of deployment in production environments with access to credentials and API keys.

We now have a channel on X

https://x.com/two_majors

So that even Elon Musk knows what we think of him...

⚡️Two Majors
Recommending COMBATE | Uphold Reality for anyone following geopolitics beyond the CNN lens.

Unfiltered and ahead of the curve. The Iran war, West Asia, Latin America, and the broader geopolitical shift — with footage and analysis you're not getting from legacy media.

Subscribe
👉 t.me/uphold_reality
👉 x.com/upholdreality
🔍 ShinyHunters Claims Commission Breach

ShinyHunters has claimed responsibility for a breach of the European Commission, with reported data dumps said to include content extracted from internal mail servers. The claim has not been independently verified by the Commission.

ShinyHunters is a persistent threat actor with a documented record of large-scale credential and data exfiltration operations across multiple sectors. Targeting institutional mail infrastructure indicates an intent to acquire correspondence, credentials, or metadata useful for follow-on operations rather than simple data resale.

🔍 Handala Breaches FBI Director's Email

Iran-linked Handala Hack group breached the personal email of the FBI Director and conducted a wiper attack against defense contractor Stryker, according to reporting on the intrusions. The operations occurred alongside U.S. seizures of Ministry of Intelligence and Security-linked domains.

The combination of personal account compromise and destructive payload deployment against a defense-sector target reflects a dual-track approach: intelligence collection paired with disruptive action. Wiper deployment against Stryker indicates escalation beyond reconnaissance into operational degradation.

Handala has previously targeted Israeli and Western entities with leak-and-destroy operations. The timing relative to the MOIS domain seizures suggests the intrusions function partly as retaliatory signaling at the infrastructure level.
