cross-posted from: lemmy.sdf.org/post/42302795

Archived

China’s Salt Typhoon hacking campaign has taken on new urgency with revelations it may have compromised the data of millions of Australians. This demonstrates how cyber operations have evolved beyond merely gathering intelligence.

[...]

The campaign by the Salt Typhoon group was assessed as a targeted espionage effort against US and allied government systems. It involved stealthy intrusions, selective data theft and probing of networks in a handful of countries. At the time, the effect was thought to be limited and largely confined to government targets.

But August 2025 disclosures have shown just how broad the campaign truly has been. The Australian Signals Directorate, working with 20 foreign partners, has publicly attributed the operation to Beijing’s Ministry of State Security and People’s Liberation Army. The US Federal Bureau of Investigation now assesses that Salt Typhoon has struck dozens of countries, sweeping up telecommunications, transport, lodging and civilian data on a massive scale.These operations may have reached virtually every Australian household and millions more across partner nations.

Cyber operations now function as tools for coercion and competition, influencing the balance of power across the Indo-Pacific. They are central to rivalry. Even as governments invest in resilience and attempt to set boundaries, the persistent tension between the United States and China ensures that new vulnerabilities and threats will continue to emerge.

The Indo-Pacific is the epicentre of 21st-century competition. China and the US vie for influence, while South Korea, India, Japan and Southeast Asian countries all face mounting digital vulnerabilities. With the digital economy of Southeast Asian nations expected to surpass US$1 trillion by 2030, growth is driving their prosperity but also compounding risk.

Chinese-sponsored hackers have been targeting critical infrastructure for a long time. Suspected Chinese hackers disrupted India’s port logistics in 2020, and repeated intrusions have targeted Japanese, South Korean and Australian energy grids, telecom systems and government networks. Cyber operations are applied to traditional hotspots—such as the South China Sea and the Taiwan Strait—by threatening disruption without any shots being fired.

[...]

Chinese cyber skirmishes in the Indo-Pacific show emerging patterns of conflict | The Strategist

China’s Salt Typhoon hacking campaign has taken on new urgency with revelations it may have compromised the data of millions of Australians. This demonstrates how cyber operations have evolved beyond merely gathering intelligence. When first ...

^{Gil Baram (The Strategist)}

cross-posted from: lemmy.sdf.org/post/42302635

Archived

Suspected Chinese hackers impersonated the chair of the House China Select Committee in emails to people involved in ongoing U.S.-China trade policy negotiations as part of a spying campaign, a House panel said Monday.

Why it matters: The fraudulent emails were sent to a wide range of individuals, including those at U.S. government agencies, business groups, D.C. law firms and think tanks and at least one foreign government.

[...]

• Hackers sent emails purportedly from Rep. John Moolenaar (R-Mich.) to key leaders ahead of a meeting between U.S. and Chinese officials in Sweden this summer asking for input on draft legislation.
• However, the attached document, which was sent from a nongovernmental email address, was instead laced with spyware that would infect a victim's computer, according the Journal.
• The FBI and Capitol Police are both investigating the emails, and the malware in the emails has been traced back to a hacking group tied to Beijing's Ministry of State Security, per WSJ.

[...]

Chinese cyber spies impersonated key U.S. lawmaker

Hackers sent emails purportedly from Rep. Moolenaar to key leaders ahead of U.S.-China trade talks.

^{Sam Sabin (Axios)}

cross-posted from: lemmy.sdf.org/post/42302635

Archived

Suspected Chinese hackers impersonated the chair of the House China Select Committee in emails to people involved in ongoing U.S.-China trade policy negotiations as part of a spying campaign, a House panel said Monday.

Why it matters: The fraudulent emails were sent to a wide range of individuals, including those at U.S. government agencies, business groups, D.C. law firms and think tanks and at least one foreign government.

[...]

• Hackers sent emails purportedly from Rep. John Moolenaar (R-Mich.) to key leaders ahead of a meeting between U.S. and Chinese officials in Sweden this summer asking for input on draft legislation.
• However, the attached document, which was sent from a nongovernmental email address, was instead laced with spyware that would infect a victim's computer, according the Journal.
• The FBI and Capitol Police are both investigating the emails, and the malware in the emails has been traced back to a hacking group tied to Beijing's Ministry of State Security, per WSJ.

[...]

Chinese cyber spies impersonated key U.S. lawmaker

Hackers sent emails purportedly from Rep. Moolenaar to key leaders ahead of U.S.-China trade talks.

^{Sam Sabin (Axios)}

A developer repurposed discarded disposable vapes into functioning web servers by utilizing their built-in PUYA microcontrollers¹. The project runs on a 24MHz Cortex M0+ chip with 24KiB flash storage and 3KiB RAM, found inside modern rechargeable "disposable" vapes².

The web server implementation uses uIP for TCP/IP networking and communicates via SLIP protocol through semihosting. After optimizing the data transfer with ring buffers, the server achieves 20ms ping times and 160ms page load speeds².

The project demonstrates creative e-waste reuse at a time when disposable vapes face increasing restrictions, with recent bans enacted in Rhode Island³ and other jurisdictions. The developer notes the irony of "disposable" devices containing USB-C ports and rechargeable batteries².

1. Hosting a WebSite on a Disposable Vape | Lobsters ↩︎
2. Hosting a WebSite on a Disposable Vape ↩︎ ↩︎ ↩︎
3. New year, new laws: RI to put host of new laws on the books | ABC6 ↩︎

New year, new laws: RI to put host of new laws on the books | ABC6

The Rhode Island General Assembly is turning out a bevy of new laws for 2025.

^{Christopher Boardman (ABC6)}

Geneva (AFP) – Cluster munitions have killed or injured more than 1,200 civilians in Ukraine since Russia's full-scale invasion began, a monitor said Monday, decrying "troubling setbacks" in global efforts to eradicate the weapons.

Since Russia expanded the invasion of its western neighbour in February 2022, Ukraine has registered the highest number of recorded annual cluster munition casualties worldwide, the Cluster Munition Coalition (CMC) said in its annual report.

Russia has used the widely-banned weapons "extensively" since the first day of the war, it said, adding that Ukraine too had used the weapons, and faces Russian accusations of deploying them inside of Russia.

At least 193 cluster munition casualties were recorded in Ukraine in 2024, out of 314 globally, the report said.

In total, more than 1,200 such casualties have been registered in Ukraine since the start of the war, most of them in 2022.

But the report stressed that the figure was surely a dramatic underestimate, pointing out that last year alone, Ukraine suffered around 40 cluster munition attacks where casualty numbers were not given.

Cluster munitions can be dropped from planes or fired from artillery before exploding in mid-air and scattering bomblets over a wide area.

They pose a lasting threat since many fail to explode on impact, effectively acting as landmines that can explode years later.

Neither Russia nor Ukraine are among the 112 states that are party to the 2008 Convention on Cluster Munitions, which prohibits the use, transfer, production and storage of cluster bombs.

The only other two countries where cluster munition attacks were registered last year -- Myanmar and Syria -- have not joined the convention either.

The United States, also not a party to the treaty, sparked outcry with its 2023 decision to transfer cluster munitions to Kyiv.

It has since transferred the weapons to Ukraine in at least seven separate shipments, CMC said.

Submunitions with Korean language markings have meanwhile been found in Ukrainian-controlled territory this year, but the report said it remained unclear if they had been used by the North Korean forces fighting alongside Russians in the war, or if they had simply been acquired from North Korea by Russia for Russian use.

At a global level, CMC also warned of "troubling setbacks" threatening efforts to establish new international norms stigmatising the use of cluster munitions.

Lithuania in March this year became the first ever country to withdraw from the treaty, six months after it announced it was leaving, citing regional security concerns.

Following that move, Lithuania, along with Poland, Latvia, Estonia and Finland, also said they would quit a treaty banning anti-personnel landmines amid concerns over "Russia's aggression".

Tamar Gabelnick, head of the Cluster Munition Coalition, decried Lithuania's departure, warning that it "undermines the norm created by the convention, with catastrophic implications for the rule of international law protecting civilians".

"We have already seen the impact this decision has had on the Mine Ban Treaty, and states should be extremely wary of a wider domino effect."

Cluster bombs kill, wound over 1,200 in Ukraine since 2022: monitor

^RFI

The Cuban community, which voted massively for the president in the November elections, is confronting a longstanding tradition of supporting conservative policies

United States Citizenship and Immigration Services (USCIS), the agency in charge of processing immigration applications, goes around asking coworkers and neighbors whether someone is eligible for U.S. citizenship or not, in the style of the Cuban Committees for the Defense of the Revolution (CDR).

The American government attacks the LGBTQ+ community… just like the Cuban government did in the 1960s.

Donald Trump has flirted with staying longer in the White House, in the same way in which Fidel Castro — having tasted so much power during his lifetime — decided to lead Cuba for nearly half a century. The former has already devoted efforts toward attacking opposing ideologies and freedom of expression, concepts that the latter completely nullified.

Florida’s Cubans are now divided on Trump: ‘He acts like Fidel’ 

^{Carla Gloria Colomé (Ediciones EL PAÍS S.L.)}

The Polish foreign ministry has revealed that Google has rejected complaints over a series of YouTube videos in Polish published by the Israeli embassy that Poland says are spreading “disinformation” about the situation in Gaza by casting doubt on reports of starvation there.

In late July and early August, the embassy posted six videos claiming that [Israel is providing large amounts of humanitarian aid](Israel is providing large amounts of humanitarian aid) to the people of Gaza, that uncritically shared by international media, and that it is the UN which is blocking aid trucks from entering.

“Google responded that the promoted materials were consistent with its policies and values”,

The next AI visitors won't look like bots

Today's AI browsers and devtools, from Perplexity Comet to Firecrawl to Browserless, look human in site logs— showing up as Chrome while loading pages, ads, and solving CAPTCHAs.

🔻9.4%

decrease in human visits

Human traffic trended downward as AI traffic volume continued to increase. This quarter, human visits decreased 9.4% across all sites on TollBit.

🔺4x

increase in AI's share of website visits

AI visits rise as human visits fall. At the start of Q1, 1 out of every 200 visitors was AI. Now it is 1 in every 50, reflecting a 4x increase in the relative volume of AI visitors.

🔺4x

increase in bots ignoring robots.txt

AI bots are continuing to ignore robots.txt directives this year. In Q2, 13.3% of AI bot visits bypassed robots.txt directives.

🔺360%

increase in AI bot visits blocked

AI bot redirects to the TollBit Bot/Agent Paywall, have increased 360% from Q1 to Q2 2025 as websites have increasingly taken active measures to charge AI traffic.