🔥 Chinese Hackers Pose Major Threat

FBI Director Christopher Wray warned Thursday that the threat posed by Chinese hacking operations to U.S. critical infrastructure has become more urgent.

Good Morning. The deliberate sabotage of an AT&T internet cable at Sacramento International Airport led to significant operational disruptions, particularly affecting flight schedules.

Both Southwest and Delta airlines experienced delays due to the severed internet connection, which compromised their ability to process passengers and manage flights efficiently. The airport reported delays lasting over two hours for departures, and arrivals were similarly affected.

Repair efforts were promptly initiated and service was restored by mid-morning, but the incident comes as the FBI highlights the ongoing threat posed by Chinese hackers to US critical infrastructure.

— 🐈‍⬛ Acoustic Kitty

THE BOTTOM LINE UP FRONT

FBI Issues Warning Against China’s Preparations for ‘Disruptive Attacks’

FBI Director Christopher Wray highlighted the escalating threat from Chinese hacking groups like Volt Typhoon, which are reportedly preparing to potentially disrupt U.S. critical infrastructure by 2027. In a speech at Vanderbilt University, Wray detailed ongoing cyber espionage activities targeting American oil pipelines, and more recently, sectors including water, energy, and telecommunications—efforts that U.S. officials interpret as strategic positioning for future disruptive attacks.

Escalation of Cyber Threats

Since 2011, China has been actively involved in cyber operations against the U.S., initially focusing on oil pipeline data related to control systems rather than financial information. Recently, the activities of Chinese hacking group Volt Typhoon have expanded to include a broader range of critical infrastructure sectors, signaling a shift towards potential large-scale disruption.

Strategic Pre-Positioning

The recent cyber espionage efforts by Volt Typhoon are seen by U.S. officials as "pre-positioning" for attacks that could incapacitate essential services. According to Dragos, a private threat intelligence firm, these operations are part of a larger strategy to enable Beijing to "physically wreak havoc" on the U.S. infrastructure "at a time of its choosing," pointing to a significant escalation in the stakes of global cyber warfare.

INTERNATIONAL SECURITY & DIPLOMACY

Counterterrorism

  • Police in Central Sulawesi, Indonesia, arrested eight suspects in anti-extremism raids across three cities, seizing electronics and jihadi materials, officials announced Thursday. The operations, informed by intelligence from previously detained militants, targeted individuals involved in military-style training and fundraising for terror activities, according to National Police spokesperson Trunoyudo Wisnu Andiko.

  • Gunmen attacked a checkpoint in Dera Ismail Khan, Khyber Pakhtunkhwa province, killing two Pakistani customs officials and wounding three others, police reported Sunday. The incident, which occurred late Saturday, follows a similar attack last Thursday in the same district that left four customs officials dead.

  • An explosion from a sticky bomb in Kabul's Kot-e-Sangi neighborhood killed one person and injured three others, targeting a minibus in a predominantly Shiite Hazara area, according to Afghan police. The Islamic State group claimed responsibility for the attack, alleging it occurred near a Taliban checkpoint and affected approximately 10 people.

Military & Defense

  • The United States has agreed to begin planning the withdrawal of its troops from Niger, a decision reached during discussions between U.S. Deputy Secretary of State Kurt Campbell and Niger's Prime Minister Ali Lamine Zeine, U.S. officials announced Saturday.

  • Ukraine conducted overnight drone strikes on eight Russian regions, targeting energy infrastructure and killing two civilians, with Russia claiming to have intercepted 50 drones, according to Moscow's Defense Ministry and reports by Associated Press and Reuters.

  • Taiwan's military announced plans to discuss with the United States the use of funds allocated to Taipei in a $95 billion aid package primarily aimed at supporting Ukraine and Israel, as the island faces ongoing military provocations from Chinese warplanes.

  • Two Japanese navy helicopters potentially collided and crashed into the Pacific Ocean during a night-time antisubmarine exercise, leaving one crew member dead and seven others missing, according to Defense Minister Minoru Kihara. The incident occurred near Torishima in the Izu island group, with ongoing rescue operations and flight recorder analysis suggesting a high likelihood of a mid-air collision.

Cybersecurity

  • The United Nations Development Programme (UNDP) suffered a cyberattack in late March, leading to the theft of sensitive data including human resources and procurement information, with the IT infrastructure of Copenhagen also affected. The UNDP has taken steps to contain the breach and identify the affected data and individuals, while the ransomware gang 8Base has claimed responsibility for the attack, listing the UNDP among its victims.

  • CrushFTP has issued a warning about an actively exploited zero-day vulnerability that allows unauthenticated attackers to access and download system files, recommending immediate updates to newly released versions. The company notes that users with a DMZ perimeter network are shielded from attacks stemming from this security flaw.

Counterintelligence & Espionage

  • Bavarian state police have detained two German-Russian individuals, Dieter S and Alexander J, on charges of conspiring to bomb industrial and military sites supporting Ukraine, as part of an alleged espionage operation for Russia.

  • Hackers linked to the group UAC-0184 are increasingly targeting messaging apps used by the Ukrainian armed forces to deploy data-stealing malware, including tools like HijackLoader and Remcos. CERT-UA warns that seemingly innocuous actions, such as servicemen posting photos in uniform, can help attackers identify and target them for cyber and physical attacks.

  • A Ukrainian man was sentenced for high treason after creating over 60 pro-Russian propaganda posts on social media, funded by Russian intelligence, according to Ukraine's security service (SBU). The man faces 15 years in prison.

  • The U.S. Senate approved a two-year extension of Section 702 of the Foreign Intelligence Surveillance Act, a key intelligence tool according to National Security Adviser Jake Sullivan, despite concerns over privacy as it may incidentally collect communications of Americans. Critics, including Senate Majority Whip Dick Durbin, described the bill as "alarming" due to inadequate privacy safeguards and a controversial provision broadening the scope of organizations required to aid government surveillance.

Transnational Organized Crime

  • Drug traffickers operating from a federal prison near Buenos Aires orchestrated the murder of a young father in Rosario, Argentina, employing a 15-year-old as the hitman, according to local authorities. The killing, captured by surveillance footage, was part of a violent spree attributed to gang conflicts, marking an alarming escalation in a country previously untouched by the levels of drug cartel violence seen in other parts of Latin America.

  • Two mayoral candidates in Mexico were murdered on Friday, escalating the death toll to 17 in the violent run-up to the country's June 2 elections; Noé Ramos Ferretiz in Tamaulipas and Alberto García in Oaxaca were the latest victims. Ramos Ferretiz, seeking reelection in Ciudad Mante, was reportedly stabbed, while García was found beaten to death on an island in a reservoir, highlighting the severe impact of drug cartel violence on the electoral process.

SCIENCE & TECHNOLOGY

Elon Musk's brain-implant company Neuralink has begun testing its Telepathy device at the Barrow Neurological Institute in Phoenix, Arizona, marking a significant step in the development of brain-computer interfaces (BCIs). The initial participant, Noah Arbaugh, successfully received the implant in January and demonstrated the device's capabilities by using it to play chess and video games, showing promise for individuals with severe paralysis.

Study and Partnership

Neuralink chose the Barrow Neurological Institute for its inaugural study site due to the institute's extensive experience with complex neurological conditions. Barrow, boasting over 300 active clinical trials and approximately 6,000 neurosurgeries annually, has publicly expressed enthusiasm about the collaboration through a press release but declined further comments at this time.

Patient Experience and Future Potential

Noah Arbaugh, paralyzed from a diving accident, showcased his ability to control a computer using the Neuralink device during a livestream on the social media platform X. This demonstration not only highlights his personal achievements but also underscores Neuralink's broader ambition to enable people with paralysis to operate digital interfaces through thought alone.

In other news…

🐙 Scientists developed a new robotic suction cup capable of grasping rough, curved, and heavy stones, inspired by the adaptive suction abilities of octopus suckers. The research team, based at Bristol Robotics Laboratory, University of Bristol, studied octopus biological suckers to design the device, which mimics their capacity to anchor to rock surfaces.

💌 Scammers use advanced face-swapping technology to create a deepfake persona during video calls to deceive and scam. This tactic is part of a broader trend among con artists known as Yahoo Boys, who reportedly defrauded victims of over $650 million last year through romance scams employing fake identities to build trust and solicit money.

DEALS & FUNDING

Lacework, a cloud security startup once valued at $8.3 billion, is in negotiations for acquisition by cybersecurity firm Wiz for a sharply reduced price of $150 million to $200 million. The two companies have signed a letter of intent, but the deal remains uncertain. The acquisition is meant to enhance Wiz's technological resources and customer base in its push for $1 billion in annual recurring revenue before its upcoming initial public offering (IPO).

Acquisition Strategy

The proposed acquisition by Wiz is part of its strategy to expand its technology and talent pool, aiming to solidify its market position before going public. The deal is particularly strategic as it attempts to reach a significant financial milestone in annual revenues.

Deal Uncertainty

Despite the agreement on a letter of intent, the acquisition of Lacework by Wiz is not guaranteed. The substantial discrepancy between Lacework's previous valuation and the current proposed purchase price highlights the volatility and rapid changes within the tech sector, especially in cloud security.

In other news…

🌱 BreachRx, a San Francisco-based company, has secured $6.5 million in seed-stage financing from SYN Ventures and Overline to develop technology aimed at improving corporate incident response systems and protecting cybersecurity executives from personal liability during data breaches. The technology is designed to automatically generate tailored response plans and ensure compliance with regulatory standards, while the company plans to use the new funding to expand its market presence and engineering capabilities.

🤑 VulnCheck, an exploit intelligence startup, has raised $8 million in a seed funding round led by Sorenson Ventures to enhance technology for vulnerability prioritization and early-warning systems for software exploitation. The company, which emerged from stealth mode last February, integrates autonomous vulnerability analysis with exploit and threat intelligence, and is developing tools to address internet-connected device vulnerabilities and zero-day threats.

🔏 Langdock, a German startup, raised $3 million in seed funding to develop a chat interface that serves as an intermediary layer allowing companies to easily switch between various large language models (LLMs) without committing to a single provider. The interface, designed to support foundational, open-source, or company-hosted models, aims to offer flexibility and regulatory compliance, particularly appealing to European companies integrating LLM technology.

📲 Cape, a Washington, D.C.-based startup led by a former Palantir executive, has secured $61 million in funding to develop a privacy-focused technology that does not collect sensitive personal information like names or Social Security numbers, embodying a "privacy by design" approach. Despite its recent emergence from stealth mode and having no commercial service yet launched, Cape has initiated a pilot project with the U.S. government in Guam and plans a consumer launch in June.

LOOKING FOR MORE CONTENT?

Check out our Podcasts:

The America Builds podcast sits at the nexus of national security, technology, and venture capital. We highlight the brilliant operators and investors pushing the boundaries of frontier technology.

Hosted by Will Allen and Hayley Menser.

Stay tuned for our brand new podcast Safehouse coming soon!

Join Our Covert Communities:

Syndicate by Frontsight: Engage with like-minded strategists, tech enthusiasts, and defense mavens.

Range 400: Entry is exclusive, and for those chosen, the doors to unparalleled knowledge and network open wide.
