Congressional Budget Office Plagued by ‘Ongoing’ Cybersecurity Breach

When the agency that crunches Washington’s numbers can’t even secure its own, it’s hard not to see a metaphor in the math.

The Congressional Budget Office confirmed this week that it’s battling an “ongoing” cybersecurity incident — one that, by all accounts, has stretched on for days and remains unresolved.

Politico first reported the breach, noting that CBO officials are still assessing the full scope of the intrusion and what data, if any, may have been compromised.

The nonpartisan agency, which provides cost estimates and fiscal analyses to Congress, said it has added new monitoring systems and security controls while a full investigation continues.

The CBO has not said whether sensitive information was stolen or who might be behind the attack, the Associated Press reported. Officials also declined to specify how long the agency’s systems have been affected.

Reuters added that Senate offices were warned by the chamber’s Sergeant at Arms that email communications with the CBO might have been exposed, potentially giving hackers a chance to spoof messages or launch phishing attempts.

That advisory urged congressional staff to treat any CBO-related email traffic with extra caution until the incident is fully contained.

While the agency insists its work for lawmakers continues uninterrupted, the breach’s duration has sparked questions about whether the CBO’s analytical models and data pipelines could have been tampered with.

Experts told the Associated Press that a breach described as “ongoing” suggests investigators are still chasing active threats within the network rather than cleaning up a finished intrusion.

The incident comes at a sensitive time for Congress, with fiscal debates, spending fights, and shutdown negotiations all relying on the CBO’s projections to guide votes and policy.

Reuters noted that the longer such breaches persist, the greater the risk that attackers can map internal systems, gather intelligence, or establish backdoors for later use.

The Washington Post reported that early assessments point to a possible foreign actor, though officials have not publicly attributed the breach to any specific nation or group.

In a statement, the CBO said it “continually monitors” for cyber threats and had taken “immediate action” to safeguard its systems once the incident was detected.

Still, the episode has renewed scrutiny of cybersecurity readiness across federal agencies — particularly those, like the CBO, that don’t handle classified data but remain critical to day-to-day government operations.


Hollywood Producer Buys Israeli NSO Spyware Maker, Hires David Friedman to Sell Hacking Tools to U.S.

Hollywood producer Robert Simonds has purchased the Israeli spyware maker NSO Group to bring it under “American” control and hired Trump’s former Ambassador to Israel, David Friedman, to lobby the president to remove sanctions on the firm so they can sell their hacking tools to US law enforcement.

Though the company was sold to a consortium of alleged “Americans” led by Simonds, the NSO Group “said Sunday that it would continue to operate from Israel under the full regulatory authority of the Defense Ministry, as it expands its global footprint and seeks to resume operations in the US,” the Times of Israel reports.

From The Wall Street Journal, “Israeli Spyware Maker NSO Gets New Owners, Leadership and Seeks to Mend Reputation”:

TEL AVIV—NSO Group, the Israeli company behind Pegasus spyware, says a group of investors led by Hollywood producer Robert Simonds has acquired a controlling stake in the firm, which has named a former Trump official to lead an effort to restore its battered reputation.

The company, which has faced lawsuits and U.S. government sanctions since revelations that its technology was used to spy on political dissidents, human-rights advocates, journalists and American officials, declined to disclose the purchase price.

NSO’s new executive chairman, David Friedman, a former U.S. ambassador to Israel and onetime bankruptcy lawyer for President Trump, said he wants to use his ties to the Trump administration to help rebuild the company’s spyware business in the U.S.

“If the administration, as I expect they’ll be, is receptive to considering any opportunity that might keep Americans safer, it will consider us,” said Friedman, who splits his time between Florida and Israel.

This is naked influence peddling.


CISA Orders Federal Agencies to Patch F5 Devices After Nation-State Hack

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued an emergency directive compelling federal agencies to address major security flaws in software management devices made by F5, a technology company. The order follows a security breach where nation-state-affiliated hackers reportedly accessed F5’s internal systems, stealing source code and customer data.

In the directive released on October 15, CISA warned that a foreign government-affiliated group compromised F5’s networks and exfiltrated sensitive files. This stolen data included parts of the source code for BIG-IP, F5’s flagship product, along with information about known vulnerabilities.

CISA stated that this access gives the hackers a significant advantage, allowing them to analyze the code for undiscovered flaws, or “zero-day vulnerabilities,” and develop targeted attacks against F5 devices and software.

Imminent Threat to Federal Networks

According to the directive, this cyber threat actor poses an “imminent threat” to all federal networks that use F5 products. If hackers successfully exploit the vulnerabilities, they could gain access to embedded login details and API keys, which would allow them to move undetected within a network, steal data, and establish long-term access. CISA warns this could lead to a “full compromise” of an organization’s information systems.

Due to what it calls an “unacceptable risk,” CISA has mandated immediate action for agencies using a range of F5 products.

Affected F5 Products:

The directive applies to the following hardware and software:

  • Hardware: BIG-IP iSeries, rSeries, and any other F5 devices that are no longer supported by the company.
  • Software: All devices running BIG-IP (F5OS and TMOS), Virtual Edition (VE), BIG-IP Next, BIG-IQ, and BIG-IP Next for Kubernetes (BNK)/Cloud-Native Network Functions (CNF).

The directive’s requirements are designed to address the immediate risk and help agencies defend against anticipated attacks targeting these systems.


China accuses US of major cyber-attack

China has accused the US National Security Agency (NSA) of waging a “major” multi-year cyberattack on the Chinese agency responsible for keeping national time.

In a statement posted on its official social media account on Sunday, the Ministry of State Security (MSS) said it had “obtained irrefutable evidence” that the NSA infiltrated the National Time Service Center. The covert operation allegedly began in March 2022, aiming to steal state secrets and conduct acts of cyber sabotage.

The center serves as China’s official time authority, issuing and broadcasting ‘Beijing Time’ to key sectors including finance, energy, transport, and defense. A disruption to this critical piece of infrastructure could have caused widespread instability in financial markets, logistics and power supply, according to the MSS.

According to the MSS, the NSA first exploited a vulnerability in the foreign-made mobile phones of several staff members at the center, gaining access to sensitive data.


Microsoft: Sharp Increase in AI-Aided Cyberattacks From Russia, China

Foreign adversaries are increasingly using artificial intelligence (AI) in their cyber influence campaigns, with operations picking up “aggressively” this year, Microsoft said on Oct. 16.

In July, Microsoft identified more than 200 instances of AI-generated content from nation-state adversaries, more than four times the number in July 2024, and more than 10 times the number in July 2023, the company’s annual Digital Defense Report shows.

AI can create increasingly convincing emails and generate digital clones of senior government officials or news anchors, according to the report. The sophistication of AI tools has made the operations “easier to scale, more effective, and harder to trace,” and it is becoming increasingly difficult to differentiate state- and non-state actors, the report stated.

For scammers, AI is making it easier to quickly create more convincing websites, profiles, emails, and IDs, the report said. Microsoft said it blocked 1.6 million fake account creation attempts per hour on the company’s platforms.

“Everyone—from industry to government—must be proactive to keep pace with increasingly sophisticated attackers and to ensure that defenders keep ahead of adversaries,” said Amy Hogan-Burney, Microsoft’s vice president for customer security and trust, who oversaw the report.


China Escalates Cyberattacks That Are Increasingly Hard To Detect

A Chinese hacking group is reportedly behind a significant espionage campaign targeting U.S. technology firms and legal services, highlighting a worrisome escalation in China’s cyber “Cold War” with the United States.

Since March 2025, Google’s Threat Intelligence Group and its cybersecurity subsidiary, Mandiant, have tracked suspicious activity delivered via backdoor malware known as “BRICKSTORM.” This sophisticated campaign is targeting a variety of sectors, including law firms, software-as-a-service providers, and other technology companies. Following extensive monitoring and analysis, Google has linked these hacking efforts to UNC5221, a long-suspected Chinese Advanced Persistent Threat (APT) actor, alongside other “threat clusters” associated with China.

The BRICKSTORM campaign is especially disturbing for two primary reasons. Firstly, it was crafted to ensure “long-term stealthy access” by embedding backdoors into targeted systems, enabling hackers to dodge conventional detection and response methods. The stealth campaign has proven so adept that, on average, these intruders remain undetected in targeted systems for nearly 400 days, as revealed by a Google report.

Secondly, the motivations behind these cyberattacks transcend the theft of trade secrets and national security data. Google suspects that these hackers are also probing for “zero-day vulnerabilities targeting network appliances,” as well as “establishing pivot points for broader access” to additional victims. This indicates a strategy to gather intelligence that could be pivotal to the Chinese military should tensions escalate between the U.S. and China.

Xi Jinping, the leader of Communist China, has consistently expressed his ambition for the nation to become a “cyber superpower.” With this goal in mind, the Chinese government has invested significant resources in building a formidable cyber army.

The People’s Liberation Army (PLA) considers cyber warfare to be a crucial aspect of both its defensive and offensive strategies, alongside traditional military forces. Cyberattacks are viewed as a cost-effective means to undermine an opponent’s will to fight by targeting its economic, political, scientific, and technological systems.

Thus, the PLA reportedly employs as many as 60,000 cyber personnel, ten times larger than the U.S. Cyber Command’s Cyber Mission Force. Additionally, a higher proportion of the PLA’s cyber force is dedicated to offensive operations compared to the United States (18.2 percent versus 2.8 percent).

Alongside China’s official cyber force, the Ministry of State Security and the Ministry of Public Security have adopted a “pseudo-private” contractor model that allows them to hire civilian hackers to conduct cyber espionage abroad while obscuring the Chinese government’s involvement.

Over time, the Communist regime has also significantly advanced its cyber operation capabilities. Today, China’s cyber operations are increasingly sophisticated, utilizing advanced tactics, techniques, and procedures to infiltrate victim networks, according to a U.S. government report.

The BRICKSTORM attack is part of a long series of high-profile cyberattacks originating from China in recent years. Between 2023 and 2024, Salt Typhoon, a Chinese hacking group linked to the Ministry of State Security, accessed U.S. wireless networks operated by companies such as AT&T and Verizon, “as well as systems used for court-appointed surveillance.” This breach resulted in the compromise of telecommunication data for over a million American users, including individuals involved in both Trump’s and then-Vice President Kamala Harris’s presidential campaigns.


John Bolton’s personal email account was hacked by foreign entity, FBI docs reveal

Former National Security Adviser John Bolton allegedly used a private email account that was at one point hacked by a “foreign entity,” an FBI search warrant affidavit released Friday revealed. 

The 41-page document – used by federal investigators to justify the raid of Bolton’s Maryland home last month – suggests the hacking incident gave the FBI reason to believe the former Trump administration official mishandled classified records.

The Post previously reported that Bolton allegedly used his personal email account to send “highly sensitive” documents to his family while working in the White House.

“Hack of Bolton AOL Account by Foreign Entity,” reads a section of the affidavit, where investigators explained the probable cause for the searches. 

The roughly 10 pages detailing the hacking incident are completely redacted. It’s unclear which foreign nation may have been responsible. 


Will County Democrat Jacqueline Traynere — Who Once Struck a Child With Her Car — Now CHARGED With Three Counts of Computer Tampering After Allegedly Hacking Fellow Board Members’ Emails

The scandals surrounding Will County Democrat Jacqueline Traynere keep piling up.

Traynere, a Democrat Will County Board member serving Bolingbrook, Illinois, is now officially charged with three counts of computer tampering, according to documents filed in Will County Circuit Court this week, Patch reported.

The charges stem from an incident in March 2024 when Traynere allegedly accessed the private email account of Republican Board Chair Judy Ogalla without authorization. Prosecutors say Traynere then forwarded Ogalla’s conversations to Democrat County Executive Jennifer Bertino-Tarrant in an apparent attempt to undermine her political opponents.

Computer tampering is a Class B misdemeanor in Illinois.

More from the Chicago Tribune:

Traynere, a Bolingbrook Democrat, allegedly accessed the email account of board member Judy Ogalla, a Monee Republican, in March 2024 without Ogalla’s authorization, according to the charges.

The misdemeanor charges filed by special prosecutor William Elward state Traynere forwarded emails from Ogalla’s account to herself and others.

Ogalla, who was the Will County Board chairman at the time, said that Traynere knowingly accessed her email and knew it was unethical.

Ogalla questioned whether Traynere had opened her email more than once. She said she doesn’t know what all Traynere saw.

“Was she in my email other times and I just didn’t know?” Ogalla said. “She shouldn’t have done it.”

An email exchanged between board member Steve Balich, a Homer Glen Republican, and Ogalla regarding the controversial 143rd Street road widening project had been forwarded to the county executive, who replied to the email, Balich said during a July 2024 news conference with other County Board Republicans.

This isn’t Traynere’s first brush with controversy. Earlier this year, she was involved in a disturbing incident where she struck a child riding a bicycle with her car.


The Next Phase Of Surveillance? Getting Under Your Skin

AI and transhumanism: Hackable animals

My friends, let me introduce you to Yuval Noah Harari, a man chock-full of big ideas. He explained during the COVID crisis:

“COVID is critical because this is what convinces people to accept, to legitimize, total biometric surveillance. If we want to stop this epidemic, we need not just to monitor people, we need to monitor what’s happening under their skin.”

In a 60 Minutes interview with Anderson Cooper, Harari repeated this idea: “What we have seen so far is corporations and governments collecting data about where we go, who we meet, what movies we watch.

The next phase is the surveillance going under our skin …”

He likewise told India Today, when commenting on changes accepted by the population during COVID-19:

“We now see mass surveillance systems established even in democratic countries which previously rejected them, and we also see a change in the nature of surveillance. Previously, surveillance was mainly above the skin; now we want it under the skin.

“Governments want to know not just where we go or who we meet. They want to know what’s happening under our skin: what is our body temperature; what is our blood pressure; what is our medical condition?”

Harari is clearly a man who wants to … get under your skin. He just might succeed.

Another recent interview finds him waxing philosophical:

“Now humans are developing even bigger powers than ever before. We are really acquiring divine powers of creation and destruction. We are really upgrading humans into gods. We are acquiring, for instance, the power to re-engineer human life.”

As Kierkegaard once said of Hegel when he talks about the Absolute, when Harari talks about the future, he sounds like he’s going up in a balloon.

Forgive me, but a few last nuggets from professor Harari will round out the picture of his philosophy, and his lofty hopes and dreams:

“Humans are now hackable animals. You know, the whole idea that humans have this soul or spirit, and they have free will and nobody knows what’s happening inside me, so, whatever I choose, whether in the election or in the supermarket, that’s my free will — that’s over.”

Harari explains that to hack human beings, you need a lot of computing power and a lot of biometric data, which was not possible until recently, with the advent of AI.


Private Contact Info and Passwords of Trump’s Top Security Officials — Including Mike Waltz, Tulsi Gabbard, and Pete Hegseth — Reportedly Found Online via Hacked Data and Search Engines

The private contact information of key members of President Donald Trump’s top security circle — including Mike Waltz, Tulsi Gabbard, and Pete Hegseth — has reportedly been exposed online through hacked databases and commercial people search engines.

The bombshell report comes from Germany’s Der Spiegel, which confirmed that the personal phone numbers, email addresses, and even passwords of these high-level officials can now be accessed by virtually anyone — including foreign intelligence agencies.

According to the news outlet, “The reporters used commercial people search engines along with hacked customer data that has been published on the web.”

According to the report, National Security Adviser Mike Waltz, Director of National Intelligence Tulsi Gabbard, and Secretary of Defense Pete Hegseth were among those whose personal data was discovered in online leaks.

Spiegel journalists say they were able to link the exposed phone numbers to active WhatsApp and Signal accounts, raising serious concerns that foreign adversaries may have had — or still have — access to critical communications.

“Hostile intelligence services could use this publicly available data to hack the communications of those affected by installing spyware on their devices. It is thus conceivable that foreign agents were privy to the Signal chat group in which Gabbard, Waltz and Hegseth discussed a military strike,” according to the German news outlet.
