SITREP - Independent OSINT Channel
AI, technology, mass surveillance, and intelligence — everything you need to know about tomorrow.
🔫 U.S. Plans Hypersonic Interceptor Demo by 2027

The Missile Defense Agency will conduct a flight test of Project Maverick along the U.S. east coast in fiscal 2027, aiming to demonstrate tracking and defeat capabilities against hypersonic missiles. The test will integrate multi-phenomenology sensor data with tactical battle management systems to direct an interceptor toward a hypersonic target, according to MDA budget documents.

The demonstration represents an interim solution while the agency's Glide Phase Interceptor program progresses toward 2031 deployment. MDA Director Lt. Gen. Heath Collins emphasized that current terminal defenses only engage threats in the endgame phase, whereas future systems will provide layered intercept opportunities against maneuvering hypersonic weapons traveling at Mach 5 or faster.

🛰️ Open sources - closed narratives
@sitreports
🔍 Pentagon's Strategic Capabilities Office details $1.7B operational priorities

SCO Director Jay Dryer outlined the classified office's three core portfolios at the AI+ Expo: long-range fires, autonomy and AI, and special enabling capabilities spanning cyber, electronic warfare, space and special operations. Eight focus areas include precision fires, contested logistics, collaborative systems, deception, advanced kill webs, countering adversary kill chains, extended reach survivability, and cost-effective air defense.

According to Dryer's briefing, project selection derives from combatant command requirements rather than internal preference, with built-in flexibility to adapt to testing outcomes and adversary evolution.

📄 US Congress Demands Instructure Testimony on Canvas Breach

The House Committee on Homeland Security has summoned Instructure CEO Steve Daly to testify on two cyberattacks by ShinyHunters that compromised Canvas learning management systems, exposing data from 280 million records across 8,809 educational institutions. The breach, detected April 29, exposed student names, email addresses, and internal messages, while a second attack defaced login portals using XSS vulnerabilities during final exams.

The committee's May 12 letter questions Instructure's incident response after the company reached an undisclosed "agreement" with ShinyHunters to halt data leaks—a move that typically indicates ransom payment. Schools across 11 states reported disruptions, with a briefing requested by May 21.

🔍 Foxconn Confirms Breach After Nitrogen Ransomware Claims Apple, Nvidia Data Theft

Foxconn has acknowledged a cyberattack on its manufacturing facilities following claims by the Nitrogen ransomware group of exfiltrating sensitive data allegedly belonging to Apple and Nvidia. The company states affected factories have resumed operations, though according to reporting, the scope of compromised information remains unconfirmed.

The incident highlights supply chain vulnerabilities in electronics manufacturing, where a single contractor breach can potentially expose multiple tier-one technology clients. Nitrogen's targeting of high-value manufacturing infrastructure suggests continued adversary focus on indirect access to proprietary design and production data.

📄 UK Regulator Fines Water Company £963,900 Over Multi-Year Breach

The Information Commissioner's Office penalized South Staffordshire Water Plc after a cyberattack beginning September 2020 exposed personal data of 663,887 customers and employees. The breach went undetected for 20 months following a phishing attack that installed malware, with domain administrator access achieved by mid-2022. Leaked data included names, addresses, bank details, and National Insurance numbers.

The investigation revealed critical security failures including monitoring covering only 5% of IT infrastructure, use of Windows Server 2003, and poor vulnerability management. The fine was reduced 40% due to early liability admission and regulatory cooperation.

🤖 OpenAI Grants European Firms Access to GPT-5.5-Cyber Model

U.S. AI developer OpenAI has provided Deutsche Telekom, BBVA, and dozens of European companies access to its latest models, including GPT-5.5-Cyber, according to Reuters reporting. The initiative aims to strengthen corporate defenses against system vulnerabilities through advanced AI capabilities.

The deployment signals OpenAI's strategic pivot toward embedding specialized security-focused models within critical European infrastructure sectors. Access to GPT-5.5-Cyber suggests the model includes enhanced threat detection and resilience features tailored for enterprise cybersecurity operations.

📡 FCC Extends Authorization Window for Chinese IoT Equipment Updates

The U.S. Federal Communications Commission announced Tuesday it will permit Chinese-manufactured drones and consumer routers already sold domestically to receive critical software updates through at least December 2028, according to Reuters reporting. The authorization applies to devices currently deployed despite broader security restrictions on Chinese communications equipment.

The decision balances operational security with practical necessity—abruptly terminating updates would create vulnerabilities exceeding risks from controlled channels. The timeline suggests a regulatory transition period allowing gradual market substitution while maintaining baseline security for deployed assets.

🔍 Signal Deploys Anti-Phishing Protections Against Account Takeover

Signal has rolled out new in-app warnings and friction points to counter social engineering attacks targeting high-profile users. The protections include "Name not verified" labels for new direct message contacts, mandatory acceptance confirmations reminding users never to share registration codes or PINs, and enriched safety tips. The move follows multiple incidents attributed to Russian state actors exploiting the Linked Device feature via fraudulent QR codes.

The updates address a documented attack vector where threat actors impersonate Signal Support to hijack accounts and access chat histories. Users should audit linked devices in settings and remove unrecognized entries.

🔫 cPanel CVE-2026-41940 Exploited for Filemanager Backdoor Deployment

Threat actors are actively exploiting authentication bypass vulnerability CVE-2026-41940 (CVSS 9.3) in cPanel and WHM versions after 11.40 to deploy a Go-based backdoor called Filemanager. The campaign, as reported by Security Affairs, has been linked to the Mr_Rot13 threat group, with over 2,000 malicious IPs targeting the flaw since its April 28 disclosure. Southeast Asian government and military institutions have been affected.

The Filemanager malware installs SSH keys, deploys PHP webshells, injects malicious JavaScript into login pages, and exfiltrates credentials via Telegram. QiAnXin XLab traces Mr_Rot13 activity back to 2020, with consistently low detection rates across security products.

🔫 Fortinet patches critical RCE flaws in FortiSandbox and FortiAuthenticator

Fortinet released security updates addressing two critical vulnerabilities enabling unauthenticated remote code execution. CVE-2026-44277 affects FortiAuthenticator due to improper access control, while CVE-2026-26083 impacts FortiSandbox through missing authorization checks. Both allow attackers to execute unauthorized commands via crafted HTTP requests, according to Fortinet advisories published Tuesday.

While no active exploitation has been confirmed, CISA has cataloged 24 actively exploited Fortinet vulnerabilities in recent years, indicating rapid weaponization risk for enterprise IAM and sandboxing infrastructure.

Exim Mail Server Vulnerability Threatens GnuTLS Deployments

A critical vulnerability in the Exim mail transfer agent's BDAT command handling has been identified, specifically affecting builds compiled with GnuTLS support. The flaw potentially enables remote code execution on exposed systems, according to security reporting published May 12.

Exim remains widely deployed across internet-facing mail infrastructure. Organizations running GnuTLS-based builds should prioritize patch deployment, as exploitation could grant attackers direct system access through SMTP protocol interaction without authentication requirements.

🔍 Vietnam Mandates Sovereign Cloud Infrastructure for Government Operations

Vietnam's government has outlined plans to develop domestic cloud infrastructure to replace foreign providers for state workloads by 2035. The initiative aims to establish data-driven decision-making based on real-time information while reducing dependency on overseas operators deemed security risks.

The move reflects broader regional trends toward digital sovereignty and signals potential market restrictions for Western cloud providers in Southeast Asia. Vietnam joins China and Russia in prioritizing state-controlled data infrastructure, with implications for cross-border data flows and foreign technology access.

🤖 AI-Driven Vulnerability Discovery Surges Across Major Vendors

Palo Alto Networks disclosed 75 vulnerabilities in May 2026, up from five per month, after scanning with frontier AI models including Anthropic's Mythos. Microsoft's MDASH identified 17 new flaws in the same period, while Mozilla fixed 423 Firefox bugs in April—nearly 20 times its 2025 average. All three participate in Anthropic's Project Glasswing testing program.

The surge strains defenders as triage and patching infrastructure wasn't built for this volume. Palo Alto estimates a three-to-five-month window before adversaries gain equivalent AI capabilities, making proactive scanning critical despite exponentially increased patch cycles.
