Donbas Post, which operates in the Russian-controlled parts of Donetsk and Luhansk, said the incident affected its corporate network, web platform and email systems. The company had restricted access to several services to contain the breach and was working to restore operations.

From Nepal to Cuba, from Somalia to India, thousands of foreigners are dying for the Kremlin’s imperial ambitions. But the cruelest irony is that Russia is forcibly mobilizing Ukrainians from occupied territories. As of November 2025, Russia has recruited over 18,000 foreigners from 128 countries to fight against Ukraine. Among them, 3,388 have already died. 37 countries have their citizens held as prisoners in Ukraine. But the most cynical fact is that Russia doesn’t request the exchange of any foreigners, except North Koreans. For the Kremlin, these people are disposable soldiers. At the same time, 46,327 Ukrainians have been forcibly mobilized from Russian-occupied territories and Crimea. Moscow is turning victims of occupation into invaders of their country. Contents: * 128 countries in Putin’s army: scale of the phenomenon * Who and from where: geography and economics of mercenary work * How it works: the machine of recruitment and deception * What awaits on the front: the reality of war * Ukrainians against Ukraine: forced mobilization from occupied territories * World’s reaction: successes and failures * What it means: neocolonialism in action When Dmytro Usov, Ukraine’s Secretary of the Coordination Headquarters for the Treatment of Prisoners of War, announced on November 19, 2025, data on 18,000 foreigners from 128 countries, it confirmed the scale of the phenomenon. There are 3,388 dead individuals and citizens from 37 countries currently held in Ukrainian captivity. These are no longer isolated incidents; they represent a systematic issue. The dynamics are striking: in 2022, foreigners accounted for only 1% of all prisoners; by July 2025, it reached 49%. Almost half of all captured Russian military personnel in Ukraine are now foreigners. In 2023, Russia was recruiting hundreds of people per month; by 2024-2025, it became thousands. As noted by Andriy Yusov, representative of Ukraine’s Main Intelligence Directorate, “If a foreigner dies, there are no social payments and no responsibility. There are no relatives in Russia who would be dissatisfied with the war.” Russia doesn’t request the exchange of any foreigners, except North Koreans. When Ukraine captures a Nepali, an Indian, or a Cuban, Moscow simply forgets about them. The map of mercenary donor countries is a map of global poverty. Russia doesn’t recruit in Switzerland or Singapore. It looks like economic desperation makes people ready for anything. Nepal became one of the largest suppliers of mercenaries. Russian forces have officially confirmed 801 Nepalis; 31 have died and 10 remain in captivity. According to CNN (August 2024), the total number could reach 15,000 people. The average salary in Nepal is $150-200 per month. Russia promises $2,000, ten times more. For a Nepali family, this is an opportunity to escape poverty, give children education, and buy land. But this money comes at the cost of life. The positive aspect of the story is that, due to the actions of Nepal’s government, almost a thousand Nepalis signed contracts monthly in 2023-2024, compared to just one person in 2025. In January 2024, Nepal banned issuing work permits for Russia and demanded the return of its citizens. Cuba is on an even larger scale. According to the I Want to Live project, up to 20,000 Cubans may be fighting for Russia; Forbes mentions up to 25,000, Reuters, and the U.S. The State Department is more cautious with 1,000 to 5,000. Names of 1,028 Cubans for 2023-2024 are confirmed. The average salary in Cuba is $32-35 per month. $2,000 from Russia is almost two years’ earnings in one month. The island’s economic isolation makes it an ideal field for recruitment. Official Havana stays silent about the problem because economic dependence on Moscow doesn’t allow conflict. Africa provided 1,436 citizens from 36 countries, as stated by Ukraine’s Foreign Minister Andrii Sybiha in August 2025. Somalia, Burundi, Congo, Uganda, Rwanda, Cameroon, Zimbabwe, Senegal, South Africa, Sierra Leone, and Nigeria. The list reads like a geography textbook. Russia created a special unit within the Ministry of Defense for recruiting Africans. Two Cameroonians who were captured were promised jobs at a shampoo factory and a dental clinic. The contract promised 1.1 million rubles. Instead, they ended up in trenches near Kharkiv, used for assault attacks. Central Asia, Uzbekistan, Tajikistan, and Kazakhstan: exact numbers are unavailable, but experts speak of thousands. The region’s peculiarity: it’s not so much recruitment as forced mobilization of migrant workers. Millions of Central Asians work in Russia, many without proper documents. Russian military commissariats use this: either sign a contract or face 20 years in prison for illegal stay. This isn’t a choice; it’s an ultimatum. India lost at least 12 citizens; another 16 are missing. Among prisoners is 22-year-old Majhoti Sahil, who voluntarily surrendered to Ukraine’s 63rd Separate Mechanized Brigade. Average salary in India varies by region, but for rural areas $200-300 per month makes Russia’s $2,000 attractive. India’s government officially demands Russia return its citizens, but at the same time Moscow is negotiating with New Delhi about a labor mobility agreement that would create a legal corridor for recruitment. North Korea is a separate case. According to various data, from 10,000 to 14,000 North Korean military personnel are in Russia. According to South Korean intelligence, over 6,000 have already died. But these aren’t mercenaries in the classic sense; this is a military alliance between regimes. North Koreans perform auxiliary functions like demining and building fortifications. Unlike other foreigners, Russia requests their exchange because it has obligations to Pyongyang. Syria, Belarus, Armenia, Yemen, Iraq, Serbia, Colombia, Mexico, Sri Lanka, and Bangladesh. The list of countries continues. Russia has created a truly global network that exploits economic inequality as a military resource. Since 2023, Russia has built a systematic recruitment network operating on all continents. According to British intelligence, this network grew exponentially from hundreds of contracts per month to thousands. This isn’t a chaotic process but a well-organized special operation involving Russian intelligence services, diplomacy, and private military companies. PMC Redut plays a central role. Formally a private military company, in reality a cover for GRU operations. According to investigations by Radio Svoboda and InformNapalm, Redut coordinates recruitment in Africa, Asia, and Latin America. The scheme is simple: people are hired for “security contracts,” supposedly guarding facilities, doing warehouse work, and logistics. When they arrive in Russia, it turns out the contract is actually military. Documents are already taken; there’s no way back. The second line of attack is diplomacy. In Nepal, the Russian embassy openly cooperated with recruiting agencies until the Nepali government banned it in January 2024. With India, Moscow is negotiating a labor mobility agreement, officially to legalize Indians’ work in Russia, but actually to create a legal recruitment corridor. In Africa, Russia pressures governments of economically dependent countries: “Want Russian weapons and wheat? Don’t interfere with us recruiting your citizens.” The third mechanism is coercion through migration. Military commissariats in Tula and other Russian cities became centers for forced mobilization of Central Asian migrants. Detention on the street or at work, document checks, finding violations (which almost all migrants have). And then an ultimatum: either sign a contract and go to the front, or 20 years in prison for illegal stay. This isn’t recruitment; it’s modern-day slavery. Experts identify three stages that can be called “BDC”: Bribe, Deceive, and Coerce. First, a person is offered a dream job with a fantastic salary. Warehouse security, construction, shampoo production, dentistry, anything but war. The contract is written in Russian with vague wording about “special service conditions.” Only after arriving in Russia does the person understand: this is a military contract, and they’re already trapped. If someone tries to refuse, threats begin, physical violence, blackmail. “You have no documents, don’t know the language. Sign and you’ll get money and citizenship. Don’t sign, and we know where your family is.” In 2024-2025, recruiters actively use social media. Telegram, WhatsApp, and Facebook became hunting tools for potential recruits. They create groups for migrant workers, post attractive offers, and organize video calls with “successful workers” (who are actually either actors or military personnel under duress). African and Asian students at Russian universities are also under pressure: either a contract or deportation with loss of education and investments. When a person signs a contract, voluntarily or under duress, the most terrifying part begins. One of the Cameroonians who was captured said his “training” lasted only two weeks. During this time, he was taught basic rifle handling, grenade throwing, and navigation. No tactical training, no information about the enemy, and no understanding of modern warfare with drones and precision weapons. For comparison: Ukrainian military personnel undergo at least a month of basic training, often significantly more. Most foreigners end up in so-called assault companies, units used for the most dangerous tasks. Their function is cynically simple: attack Ukrainian positions, force the Ukrainian military to open fire, and reveal firing points. After this, Russian artillery knows where to strike. The Cameroonian mercenary captured near Kharkiv described an absurd situation: “There were five of us foreigners and two Russians. The Russians were in the back. We were told to go forward. When one of us tried to surrender to Ukrainians, the Russians opened fire on him to prevent him from leaving.” A 35-year-old Nepali who deserted from the Russian army and returned home was interviewed describing his life: “They treated us like dogs. There wasn’t enough food. They beat us without reason. Russians got better food and better equipment. We were second-class people.” Foreigners received old equipment, worn weapons, and minimal rations. Phones were taken, and contact with families was forbidden. “We were like ghosts. Nobody knew where we were, whether we were alive or dead.” A Cuban named Ernesto, who surrendered, told Ukrainian journalists his story. He was recruited in Cuba with a promise of “military service in the rear,” supposedly guarding facilities and logistics. A salary of $2,000 seemed fantastic for the island where he earned $35 per month. “When we arrived in Russia, we were immediately sent to a training base. The training lasted three weeks, but half of that time was spent on paperwork, making it feel like a joke. Then we were sent to Donbas.” Ernesto ended up in an assault company with other Cubans. “My comrades died as soon as we got to the front. First attack, and half died. We were just thrown forward, without support, without reconnaissance. We were bait.” Indian Majhoti Sahil, 22 years old, who voluntarily surrendered to the 63rd Separate Mechanized Brigade, said, “We were used as cannon fodder. We didn’t even know where we were, what was happening, or why they were shooting.” He was sent to the front after three weeks of “training,” half of which was spent on bureaucratic procedures. [video source] Ukraine’s Foreign Minister Andrii Sybiha voiced horrifying statistics: “Most mercenaries don’t live longer than a month after arriving at the front.” One month. 30 days. This is the average lifespan of a foreign mercenary in the Russian army. The official figure as of November 2025 is 3,388 confirmed dead foreigners. But the real number could be two or even three times higher. Many bodies simply aren’t identified. They’re cremated without documentation or left on the battlefield. Russia isn’t interested in counting foreign casualties because it creates diplomatic problems and requires payments to families. The most cynical detail: Russia doesn’t request the exchange of any foreigners except North Koreans. When Ukraine notifies Russia through the Coordination Headquarters about captured Nepalis, Indians, Cubans, or Cameroonians, Moscow doesn’t respond. Dmytro Usov stated directly, “In all this time, we haven’t received a single request from Russia to exchange foreign mercenaries. Except for North Koreans, Moscow wants them back because it has obligations to Pyongyang. The rest are simply forgotten.” Among all the horrific stories of this war, there’s one that surpasses everything in its cynicism. Russia doesn’t just recruit foreigners from around the world; it forcibly conscripts Ukrainians from occupied territories and Crimea, which constitutes a war crime, turning them into invaders attacking their country. As of July 2025, 46,327 Ukrainians were forcibly conscripted by Russian authorities. Crimea contributed 35,272 individuals, constituting the largest group. Russian invaders have been systematically mobilizing Crimeans since 2014, but after February 2022, the process took on an industrial scale. Sevastopol contributed 5,368 people, the Donetsk region 5,368, Luhansk 4,650, Zaporizhzhia 560, and Kherson 478. Ivan Fedorov, head of the Zaporizhzhia Regional Military Administration, described the forced mobilization system as “a refined mechanism of repression.” Russia uses electronic summons through the Russian Gosuslugi system. If you have a Russian passport (issued by force), you’re automatically in the database. At checkpoints at city entrances, at markets, and near shops, occupiers check documents for all men of conscription age. If you do not have a deferment, you will be sent directly to the military commissariat. If a man evades, occupiers can bring his family to responsibility: fines, property seizure, and prison threats. The most cruel aspect is that conscripted Ukrainians are often sent to assault units, which have the highest mortality rates and where foreigners are also deployed. Since 2025, mobilization has been year-round, not seasonal as before. According to the Security Service of Ukraine and the Coordination Headquarters, this is connected to Russia’s enormous losses: Russia loses about 50,000 killed and wounded monthly but can only recruit about 25,000 through contracts. Foreigners and forcibly conscripted men from occupied territories cover the difference. 16% of all Russian prisoners in Ukraine are Ukrainians mobilized from occupied territories. Of them, 6% are Crimeans. Dmytro Usov said, “We exchange Ukrainians for Ukrainians. It’s absurd, but it’s reality.” When Ukraine captures a mobilized Crimean or resident of occupied Donbas, it later exchanges him for other Ukrainian prisoners. Unlike Russia, Ukraine understands the difference between voluntary mercenaries and those forcibly conscripted. Ukrainian courts acquit those who demonstrate they were under duress and did not engage in crimes against civilians. According to the Main Intelligence Directorate, most mobilized Ukrainians surrender or try to desert at the first opportunity. Forced mobilization of civilian populations from occupied territories to participate in war against their own country is a direct violation of the IV Geneva Convention (Article 51) and the Rome Statute of the International Criminal Court (Article 8). Ukraine systematically transmits data on every case to international institutions. Each of these 46,327 cases is a separate case for future tribunals. The international reaction to mass recruitment of foreigners evolved from shock to concrete actions. Nepal became the only true success story. In January 2024, after the deaths of the first Nepalis and media coverage of their stories, the government banned issuing work permits for Russia, demanded the return of citizens, and launched an information campaign with Ukraine’s support. Result: from almost a thousand contracts monthly in 2023-2024 to one person in 2025. This proves when there’s political will and international support, the problem can be solved. India is in a difficult situation. After the deaths of at least 12 Indians and 16 more missing, the government officially demands Russia return its citizens. But simultaneously, New Delhi and Moscow are negotiating a labor mobility agreement that would create a legal corridor for recruitment. Ukrainian President Zelenskyy met with Indian Prime Minister Modi in August 2025 and personally drew attention to the problem, but India balances between economic interests and humanitarian obligations. Cuba doesn’t recognize the problem at all. Official Havana neither confirms nor denies, just stays silent. The U.S. uses data on Cubans’ participation in the war as an argument in its policy toward the island, but Cuba’s economic blockade makes the island dependent on Russia, and Havana can’t afford conflict with Moscow. African countries react differently. South Africa launched an investigation into the recruitment of 17 of its citizens and officially condemned these actions. But Somalia, Burundi, Congo, and other countries in difficult economic and political situations don’t react at all. Either they lack resources or don’t want to spoil relations with Russia, which supplies weapons and supports certain regimes. Tajikistan, Uzbekistan, and Kyrgyzstan are in the most difficult situation. Millions of their citizens work in Russia and send money home; this is a significant part of these countries’ GDP. Conflict with Moscow threatens economic catastrophe. Officially, these countries condemn forced mobilization, but in practice can do little. Ukraine conducts systematic countermeasures. The I Want to Live project is a platform where foreign mercenaries can get information about safe surrender. The platform includes a Telegram channel, a website, and a hotline available in multiple languages. Hundreds of foreigners used this platform. Each prisoner gives detailed interviews about recruitment methods, service conditions, and crimes of the Russian command. This data is transmitted to the International Criminal Court, the UN, and the Red Cross. Ukraine cooperates with local media, NGOs, and public organizations in donor countries to spread information about mercenaries’ real fate. Videos with prisoners’ testimonies are translated into Nepali, Spanish, and various African languages. Serhii Kyslytsia, Ukraine’s Permanent Representative to the UN, regularly raises the topic at Security Council and General Assembly sessions, naming specific numbers, countries, and names. This creates pressure on these countries’ governments. The Coordination Headquarters collects prisoner data, the Main Intelligence Directorate conducts special operations and information campaigns, the Foreign Ministry conducts diplomacy, and people’s deputies lobby the topic in international parliamentary organizations. Russia’s need for foreign mercenaries is a sign of weakness, not strength. If Putin’s army were as mighty as Kremlin propaganda claims, it wouldn’t need to recruit Nepalis, Cubans, and Somalis. The numbers are unmistakable: Russia experiences a monthly loss of approximately 50,000 killed and wounded, yet it can only recruit approximately 25,000 through contracts. The difference of 25,000 is a gap that needs filling. And the Kremlin fills it with foreigners and forcibly conscripted Ukrainians. Mark Galeotti, a leading expert on Russian security, wrote in The Sunday Times, “Putin has turned the Russian army into an international legion of despair. The current crisis is not a sign of the empire’s strength but that it’s falling apart.” When citizens of 128 countries participate in the war, when Iran supplies drones, North Korea sends soldiers and shells, and China provides “non-military” support, this is already a world war, just not officially declared. Forbes, in an analytical article in fall 2025, wrote, “World War III began not with nuclear strikes but with the quiet recruitment of the world’s poorest countries into a conflict that doesn’t concern them.” What Russia does with foreigners is neocolonialism in its purest form. The Kremlin exploits economic inequality between countries, turning poverty into a weapon. The list of donor countries speaks for itself: Nepal, Cuba, Somalia, Burundi, Congo, Tajikistan, Uzbekistan, and the world’s poorest corners. Russia doesn’t recruit in Switzerland, Norway, or Singapore. It recruits where people are ready for anything for money that in developed economies is a modest salary. Andrii Sybiha, in a speech at a UN forum, called this “monetization of global inequality”: “Putin’s regime has turned systemic poverty into a military resource. It buys lives at a price that for some countries seems ordinary, but for Global South residents is the only chance to escape destitution.” The Economist calculated the economics of cynicism: replacing one Russian contractor with five foreigners saves the Russian budget about $10,000 per month. Multiply this by thousands and you get billions in savings. A contractor from Moscow or St. Petersburg receives $3,000-5,000 plus social guarantees. If he dies, the family receives millions of rubles in compensation, plus his death creates discontent in society. A foreigner costs $2,000 with no obligations. If he dies, no payments, no public resonance in Russia. Human lives became financial optimization. If the international community allows Russia to exploit global poverty for warfare with impunity, it will create a precedent. Other authoritarian regimes will see: you can recruit poor people from around the world, throw them into war, and nobody will stop you. Bloomberg, in an editorial in fall 2025, wrote, “Russia’s war against Ukraine exposed the dirtiest mechanisms of the modern global economy. It turns out, for the right price, you can buy thousands of lives. And the world watches, morally condemns, but does nothing.” 18,000 foreigners from 128 countries and 46,000 forcibly mobilized Ukrainians aren’t just military statistics. It’s a system where global poverty was turned into a weapon, where despair is monetized, and where a person’s life is valued at $2,000 per month until death. Putin built an international army not from ideological allies but from the deceived, coerced, and desperate. A Nepali who thought he’d work at a warehouse. A Cuban for whom two months of war equal five years of work at home. An African promised a shampoo factory. A Ukrainian from Crimea forced at gunpoint to shoot at his own country. Most don’t live longer than a month at the front. Russia doesn’t request their exchange because they’re not needed; there’s always a new wave. Nepal proved this can be stopped. But it requires political will, international coordination, and economic support for donor countries. While such a chasm exists between economies, while for someone $2,000 is an entry-level specialist’s monthly salary and for someone a five-year income, there will be those who exploit it. This isn’t just Russia’s war against Ukraine. It’s the first war of a new era where global inequality became a military resource, where the poorest die for the imperial ambitions of the most cynical. And if the world doesn’t stop this now, future conflicts will look the same: not clashes of armies but auctions of lives, where the winner is whoever’s willing to pay a bit more for a bit more meat for the grinder. The question isn’t whether it’s immoral; that’s obvious. The question is whether the world is finally ready to do something about it.

Power outage in Iberia forced datacenter contingency rethink Exclusive  Airbus is overhauling its datacenter contingency plans after a ten-hour power outage across Spain and Portugal in April nearly forced a complete production shutdown.…

Französische Medienberichte versetzen die GrapheneOS-Entwickler in Aufruhr. Die Infrastruktur des Projekts wird in andere Länder verlegt. (GrapheneOS, Android)

Hashtag-do-whatever-I-tell-you Cato Networks says it has discovered a new attack, dubbed "HashJack," that hides malicious prompts after the "#" in legitimate URLs, tricking AI browser assistants into executing them while dodging traditional network and server-side defenses.…

As legitimate businesses purchase AI tools from some of the largest companies in the world, cybercriminals are accessing  an increasingly sophisticated underground market for custom LLMs designed to  assist with lower-level hacking tasks. In a report published Tuesday, Palo Alto Networks’ Unit 42 looked at how underground hacking forums advertise and sell custom, jailbroken, and open-source AI hacking tools.  These programs are sold on dark web forums, advertised as either explicit hacking tools or dual-use penetration testing tools. Some offer monthly or yearly subscriptions, while others appear to be copies of commercial models trained on malware datasets and maintained by dedicated communities. The models provide foundational capabilities around certain tasks that could be helpful to both hackers and cybersecurity defenders alike, like scanning for vulnerabilities in a network, encrypting data, exfiltrating data, or writing code.  Andy Piazza, senior director of threat intelligence for Unit 42, told CyberScoop that as AI tools have improved, their dual use nature in cybersecurity has become clearer. “You know, Metasploit is a good guy framework, and it can be used by bad guys,” said Piazza. “Cobalt Strike was developed by good guys and now unfortunately bad guys have cracked it and used it as well. And now we’re seeing the same thing with AI.” The report highlights two recent examples. Starting in September, a new version of WormGPT appeared on underground forums. The jailbroken LLM first emerged in 2023 before its developers went underground amid heightened scrutiny and media reporting. This year a newer version reemerged, advertised  as a hacking tool that would offer LLM capabilities “without boundaries.” The original WormGPT claimed to be trained on malware datasets, exploit writeups, phishing templates, and other data meant to finetune its hacking assistance. The model and architecture behind the newer version (WormGPT4) remains unknown. Unit 42 researchers said this updated version “marks an evolution from simple jailbroken models to commercialized, specialized tools to help facilitate cybercrime,” offering cheap monthly and annual subscriptions. Lifetime access costs as little as $220, with an option to purchase the full source code. “WormGPT 4’s availability is driven by a clear commercial strategy, contrasting sharply with the often free, unreliable nature of simple jailbreaks,” the report noted. “The tool is highly accessible due to its easy-to-use platform and cheap subscription cost.” Another model, KawaiiGPT, is free on GitHub with a lightweight setup that took “less than five minutes” to configure on Linux. It advertises itself as “Your Sadistic Cyber Pentesting Waifu.”  While likely a copy of an open-source or older commercial AI model, it “represents an accessible, entry-level, yet functionally potent malicious LLM.” It uses a casual tone, greeting users, with comments like “Owo! Okay! Here you go….” while delivering malicious outputs. “While its code for attack functions might be less complex than the more optimized PowerShell scripts generated by WormGPT 4, KawaiiGPT instantly provides the social and technical scaffolding for an attack,” the report claimed. Like many open-source tools, KawaiiGPT also has a dedicated community of around 500 developers who update and tweak it to maintain effectiveness.  Piazza has concerns about these AI tools’ availability and their impact on the cybercriminal ecosystem, but he joked they’re less about “AI lasers dropping malware in our networks” or other overhyped threats.  The capabilities described in the report fall below those seen in recent incidents, like a hacking campaign identified by Anthropic that automated large portions of successful cyber attacks. Piazza noted real limitations with the models being sold on the underground market. For example, While LLMs may  generate malware faster, internal tests at Palo Alto Networks found that most of the code is easily detectable.  The real danger, he said, is that the report confirms what cyber professionals have warned about since LLMs first emerged: their potential to make criminal hacking easier and less technical. “It’s just that interoperability,” said Piazza.  You don’t even have to be good with the terminology. You don’t even have to use the word ‘lateral movement,’ when using these tools. You can just ask ‘How do I find other systems on the network?’ and it can drop you out a script. So that barrier to entry: lowering and lowering.” The post Underground AI models promise to be hackers ‘cyber pentesting waifu’  appeared first on CyberScoop.

The attack on the engineering firm was identified by Arctic Wolf in September before it could disrupt the engineering company’s operations or spread further. The post Russian Hackers Target US Engineering Firm Because of Work Done for Ukrainian Sister City appeared first on SecurityWeek.

Drei Bezirksverwaltungen in London haben nach Cyberangriffen die IT abgeschaltet, was behördliche Dienstleistungen einschränkt. Details gibt es noch keine.

Nicolas Guillou ist von beinahe allen digitalen Diensten dieser Welt gesperrt – von Amazon bis Paypal. Europa wirkt dagegen völlig machtlos

This research note investigates the aftermath of YouTube’s global ban on Russian state-affiliated media channels in the wake of Russia’s full-scale invasion of Ukraine in 2022. Using over 12 million YouTube comments across 40 Russian-language channels, we analyzed the effectiveness of the ban and the shifts in user activity before and after the platform’s intervention. We found that YouTube, in accordance with its promise, effectively removed user activity across the banned channels. However, the ban did not prevent users from seeking out ideologically similar content on other channels and, in turn, increased user engagement on otherwise less visible pro-Kremlin channels. By Yevgeniy Golovchenko Department of Political Science, University of Copenhagen, DenmarkKristina Aleksandrovna Pedersen Department of International Economics, Government and Business, Copenhagen Business School, DenmarkJonas Skjold Raaschou-Pedersen Copenhagen Center for Social Data Science, University of Copenhagen, DenmarkAnna Rogers Computer Science Department, IT University of Copenhagen, Denmark IMAGE BY David_Peterson ON PIXABAY Research Questions * How effective was YouTube’s global ban on Russian state-affiliated channels in reducing (commenting) activity on these channels? * To what extent did users previously active on banned channels redirect their engagement to other types of political content on YouTube? Essay Summary * We collected over 12 million comments across a range of pro- and anti-Kremlin Russian-language YouTube channels during Russia’s full-scale invasion of Ukraine. * The analysis focuses on YouTube’s global ban on several Kremlin-affiliated YouTube channels and the subsequent changes in commenting activity. * Comment activity on banned channels dropped sharply to near zero immediately after the ban, indicating that the ban was, in fact, successful in preventing exposure to these channels. * Users previously engaging with banned channels substantially increased engagement on other (non-blocked) pro-Kremlin channels in the weeks following the ban. * This suggests a potential “substitution effect” either through users actively seeking out alternative outlets in the wake of the ban or through YouTube’s algorithmic recommendations. * These findings have important implications for our understanding of information control as a means of suppressing disinformation sources. Global bans can prevent users from accessing certain content. However, we also show the challenges of such policies by empirically illustrating how the bans can redirect at least some of the online engagement toward ideologically similar alternatives. --- Implications The war between Russia and Ukraine takes place on physical battlefields as well as in the information space. This became apparent during Russia’s invasion of Ukraine in 2014 and continues to be relevant during the recent invasion on February 24, 2022. Since the beginning of the ongoing war, numerous scholars across various fields have noted that the so-called “information war” plays an important political and military role (Darczewska, 2014; Thornton, 2015). While the scholarly community, as well as the general public, has largely focused on the production and dissemination of content, an important part of the informational struggle also takes place through information control, both in Russia, Ukraine, and even the EU (European Commission, 2022; Golovchenko, 2022). This research note focuses on online user activity on YouTube, one of the world’s most popular social media platforms. YouTube, among other large social media platforms, has long been criticized for allowing hate speech and disinformation to foster without much action. These concerns intensified on the heels of Russia’s military aggression and crackdowns on independent media (Milmo, 2022). Simultaneously, YouTube also plays a valuable role in disseminating information and regime-critical opinions in autocracies like Russia (Gainous et al., 2018; Reuter & Szakonyi, 2015). YouTube’s double-edged sword nature makes it an important platform in the struggle for “truth” about the war. Pro-Kremlin disinformation about the war in Ukraine and the Kremlin’s strategic information control have also been met with great concern in the West. Russian state-controlled media, such as Sputnik and RT (formerly Russia Today), are widely recognized among researchers, fact-checkers, and the broader public as active perpetrators in the dissemination of disinformation (for an overview of the websites’ reach, see Kling et al., 2022) (BBC, 2019; Elliot, 2019; Golovchenko, 2020; Thornton, 2015). On March 2, 2022, the European Union responded by banning access to these channels to limit “the Kremlin’s disinformation and information manipulation assets” (European Commission, 2022). On March 11, YouTube took a further step by announcing a block of Russian state media as a whole across the platform, based on its policy against content that “denies, minimizes or trivializes well-documented violent events” (Reuters, 2022). This global ban is the focus of our research note. Using publicly available data from YouTube’s API, this research note assesses the effectiveness and implications of YouTube’s ban in reducing engagement with Russian state-affiliated media. We restricted our analysis to Russian-language YouTube channels, as these target not only domestic audiences but also Russian speakers abroad, including the Russian diaspora and large Russian-speaking populations in several post-Soviet states (Cheskin & Kachuyevski, 2018). Prior research has demonstrated that state-owned Russian-language media contributed to polarization during parliamentary elections in Ukraine, underscoring the scope of Russian-language political content disseminated by Kremlin-affiliated outlets (Rozenas & Pesakhin, 2018). We operationalize engagement as the number of comments for each video (for a discussion of the relation between comments and engagement, see Byun et al., 2023). Commenting serves as an important proxy for online activity because a high comment count also implies a high number of views. However, engagement through comments is also an important resource in its own right that can be used to gain even more visibility. While YouTube does not disclose the details of its algorithm, the platform has indicated that video visibility—for example, in search results—is also influenced by engagement (YouTube, n.d.). Our results suggest that YouTube’s ban against Russian state media almost eliminated online engagement with their videos. However, we also observed a sudden and discontinuous increase in commenting engagement on non-banned pro-Kremlin channels. We corroborated this further by showing that users who were active on blocked pro-Kremlin channels before the ban responded to the policy by increasing their activity on these non-blocked pro-Kremlin channels. The findings have two important implications. Firstly, we can confirm independently that YouTube did follow through with its effort to limit Russian disinformation. While there is a debate in the literature on the effectiveness of information control policies (Gläßel & Paula, 2020; Gohdes, 2020; Hobbs & Roberts, 2018; Jansen & Martin, 2015; Roberts, 2020; Shadmehr & Bernhardt, 2015), our findings partly support that such policies can limit “undesirable” information (Chen & Yang, 2019; King et al., 2013; Stockmann, 2013; Stern & Hassid, 2012). This is also in line with Santos Okholm et al. (2024), who found that the geo-blocking of the Russian RT and Sputnik within the EU’s territory added friction and reduced the sharing of these outlets on Facebook. Secondly, the findings also highlight the limits of online bans as a means of fighting disinformation. We show empirically that some of the activity may have moved to channels known for spreading disinformation about Russia’s invasion of Ukraine. The sudden increase in commenting engagement among non-blocked pro-Kremlin channels supports the notion of a “substitution effect,” a pattern where at least some of the engagement from the blocked channels shifted to non-banned parts of the pro-Kremlin media ecology on YouTube. This could be driven either by users’ direct effort to search for non-blocked alternatives that may offer similar content or indirectly by YouTube’s suggestion algorithms that introduce new pro-Kremlin content to users based on their viewing history. Substitution of banned or blocked information has previously been documented across different contexts, including in authoritarian regimes’ moderation of online communities and deplatforming studies investigating migration to alternative platforms (Buntain et al., 2023; Chandrasekharan et al., 2017; Horta Ribeiro et al., 2023; Roberts, 2018; Rogers, 2020). This research note focuses on within-platform migration and substitution of content. While it is not possible to isolate the main mechanism behind this within the scope of this study, our findings emphasize the challenges of online bans. While the initial bans can be effective, they may not be sufficient to fully curb disinformation efforts on a broader scale. It is outside of the scope of this research note to estimate the final net effect of the ban on the pro-Kremlin environment on YouTube as a whole. Theoretically, one can expect that a portion of the audience of the banned channels did not find their way to the non-banned alternatives. In this case, the online activity for pro-Kremlin YouTube content would be reduced overall. It is therefore likely that the ban succeeded in disrupting the pro-Kremlin YouTube media environment, despite the substitution effect captured in this research note. We encourage future research to empirically test whether this is the case. Additionally, further research is encouraged to investigate whether the ban prompted pro-Kremlin audiences to migrate to other platforms in search of the banned pro-Kremlin content. Furthermore, the findings are limited to engagement through non-deleted comments; it does not reveal to what extent an immediate decline in viewership followed the YouTube ban. The latter was not possible because the data was collected after the ban, and YouTube’s API only provided access to the latest view count rather than historical changes. The exact date or nature of the ban was not publicly announced by YouTube in advance, to the best of our knowledge. The advantage of commenting data is that each individual comment is time-stamped, enabling post-hoc historical studies of bans. The analysis does not geolocate the commenting activity for both pragmatic and ethical reasons. It is possible that the commenting activity on Russian state media channels declined mainly among Russian-speaking audiences outside the Russian Federation but only to a lesser degree within the country, or vice versa. Despite these limitations, our findings serve as a reminder that similar social media policies should not view state-affiliated channels in isolation but instead consider them as part of a broader ecology that promotes similar propaganda and disinformation narratives, regardless of the actual funding or formal state affiliation. Going beyond the case of Russia’s invasion of Ukraine, it is theoretically possible that bans in other contexts could redirect engagement to non-banned substitutes that are even more prone to spreading disinformation. If policymakers or social media firms choose to combat disinformation through similar bans, it is important that such measures are sufficiently broad in scope from the outset and also encompass more fringe sources, in order to minimize the risk of users substituting harmful content with even more extreme versions of the blocked sources. Perhaps more importantly, one should always consider the additional risk of harmful substitution when making the decision. Perhaps more importantly, one should always consider the additional risk of harmful substitution when making such decisions. This requires not only empirical analysis but also, ideally, data access for independent analysts who can critically examine both the intended and unintended consequences of these interventions. Additionally, this study is agnostic on the appropriateness of removing social media content based on accuracy assessments; rather, we are interested in focusing on the effects of doing so. Findings Finding 1: YouTube’s ban on Russian state-affiliated media successfully reduced activity on the blocked channels. First, we examined the effects of YouTube’s ban on Russian state-affiliated media. Figure 1 shows the change in the daily number of comments on the videos from the respective channels. We demonstrated activity among regime-critical outlets, as well as the relatively apolitical Russian-speaking entertainment channels, as a baseline. There was a sharp and strong decline in comment engagement for Russian state-affiliated media (bottom left) on the day after YouTube announced its global ban policy. This includes a decline in major, mainstream Kremlin-affiliated media outlets like Rossiya 24 and relatively popular yet more niche outlets like the ultra-conservative Tsargrad and Zvezda, run by the Russian Ministry of Defense (see Appendix B for the complete list of channels). In contrast, we observe no sharp and discontinuous drop in other channels. The latter supports the interpretation that the drastic decline was likely the result of YouTube’s targeted ban rather than a broader decline in the Russian-speaking YouTube environment. Figure 1. Change in the number of comments for banned pro-Kremlin media and entertainment channels. February 24 and March 4, 2022, are marked with grey and red lines, respectively. Looking at the trends in commenting activity within the 40 days prior to the ban, Figure 1 shows a notable increase at the onset of the full-scale invasion, peaking at 250,000 daily comments. This is followed by a slight drop in commenting activity coinciding with the implementation of heightened censorship measures, before comments level out.1 Comparing the commenting activity among blocked channels in the 10 days preceding the ban and the first 10 days after the ban (March 12–22), the daily number of comments drops from 12,517 to 23. While commenting activity drops down to 0.18% for the blocked pro-Kremlin channels, it does not disappear completely. A few comments were made on the blocked channels during the period after the ban. Appendix C shows an overview of the post-ban activity of the blocked channels. A deeper investigation of why this activity continued is outside the scope of this Research Note. However, it is an important factor to keep in mind, as this could indicate that the ban was not fully implemented everywhere (at least not at once). Nevertheless, the findings indicate that engagement among the banned pro-Kremlin channels was severely reduced following the ban. These findings confirm that YouTube successfully limited the online activity tied to the Russian state-affiliated channels in the sample. Arguably, these are also the most influential Kremlin-affiliated channels. Therefore, while we cannot comment on the effectiveness of the ban on channels outside of this sample, we can reaffirm that the ban did halt the activity on some of the largest spreaders of state-sponsored pro-Kremlin content. Finding 2: YouTube’s global ban was potentially accompanied by a “substitution effect” where some commenting engagement from the blocked pro-Kremlin channels moved to other non-blocked pro-Kremlin channels. Our findings suggest that YouTube’s ban on the major pro-Kremlin channels likely increased commenting engagement for other pro-Kremlin channels. As shown in Figure 1, the increase is sudden and sharp around the cut-off date (March 12). The daily engagement with the channels almost doubles after the ban compared to before: Increasing from 1,199 during the period before the invasion (Jan 31–Feb 10) to 2,513 during the first ten days after the ban. In contrast, although we observe a slight increase in commenting activity among regime-critical channels, there is little indication that this is caused by the ban. Unlike the jump for the non-banned pro-Kremlin channels, the change appears to occur days before the ban. The sudden increase among non-blocked pro-Kremlin outlets suggests that some users commonly engaging with Kremlin-associated channels have migrated to non-blocked pro-Kremlin alternatives. As mentioned earlier, this pattern aligns with a “substitution effect,” where users either directly search for replacement channels that still disseminate pro-Kremlin disinformation or are indirectly nudged to these sources by social media algorithms. To further corroborate this pattern, we examine the activity of users who have posted at least one comment on the blocked Pro-Kremlin channels before the ban within the examined period. As shown in Figure 2, the number of comments by these users more than doubled on non-blocked pro-Kremlin channels. While they also become slightly more active on regime-critical channels, there is a much larger influx of comments on pro-Kremlin channels where daily comment engagement nearly doubles and appears to be driven by users migrating from the blocked channels. It is worth noting, however, that the commenting activity on both non-blocked pro-Kremlin channels and regime-critical anti-Kremlin channels declines approximately 2–3 weeks after the ban. The drop is likely driven by a reduction in video uploads in the data set (see Figure D3 in the Appendix). Figure 2. Substitution activity among pre-block followers of pro-Kremlin channels, weekly aggregation. Methods Data The data consists of 12,315,588 YouTube comments tied to 13,950 videos from 40 channels in the 40 days preceding and following March 12, 2022, the day YouTube fully implemented its ban on Russian state media globally. YouTube announced the ban on March 11. Although we do not know precisely when YouTube intended to enforce the ban, we treated the following day (March 12) as the day of implementation for pragmatic reasons. We restricted the sample to Russian-language channels; accordingly, we operated on the assumption that those engaging with the channel content were also predominantly Russian speakers. The data was collected in late spring 2022 (after the ban was put in place) using the following procedures. First, we identified 10 pro-Kremlin media outlets banned by YouTube,2 10 non-banned pro-Kremlin channels, and 10 regime-critical channels. The selection followed systematic inclusion criteria (subscriber counts above 100,000, Russian-language audience content, and established reputations for pro-Kremlin or regime-critical content; see Appendix A for details). We additionally included the 10 most popular entertainment channels in Russia, based on whatstat.ru and br-analytics.ru, as a non-political baseline. It should also be noted that at the time of data collection, the content of the banned channels was no longer accessible through YouTube’s front end. However, their channel front pages (i.e., youtube.com/@username) and associated metadata were still retrievable via the YouTube Data API. We identified the relevant channel user IDs through manual searches and, in turn, collected video and comment metadata from the blocked channels. This information was available during our data collection period but has since become inaccessible through the API. In the second step, we used the YouTube API to collect historic metadata from all channels, which included the video IDs and posting time of all videos uploaded by the 40 channels between January 24 and April 24. We then used the video metadata to collect all the public comment data on these videos, including the comment text, author IDs, and comment timestamps.3 The data collection took place from April 6 to May 25, 2022, and the full list of channels is available in Appendix B. The data only includes comments that had not been deleted at the time of data collection. It should be noted that YouTube’s own moderation mechanisms may already have removed some comments prior to collection, which could affect the completeness of the dataset. This does present a considerable limitation to our analysis, as the drop in comments observed in the initial days following the ban could have been driven by this. While this impacts our interpretation of the ban’s timing and immediate effectiveness, it was unlikely to impact the findings related to channel migration by commentators. Investigating change in time Our analysis of commenting activity is descriptive. For our investigation of the effectiveness of YouTube’s own ban, we focused on the comprehensive global ban implemented after March 11. The exact time of the ban, however, was unknown to the public. The sudden decrease to near-zero in activity on banned pro-Kremlin channels right after the exogenous ban does warrant a causal interpretation. However, we do not attempt to estimate or claim any causal effects regarding the potential “substitution” or movement to non-banned channels. In this setting, we visualize the commenting activity using a disrupted time series setup, allowing for different slopes before and after the implementation of the ban. To get a comprehensive overview of the development in commenting activity across channel types, the number of comments is grouped by the day each comment was posted and channel type—i.e., regime-critical, pro-Kremlin (banned and non-banned), and entertainment. The post Information control on YouTube during Russia’s invasion of Ukraine first appeared on HKS Misinformation Review.1    A further deep dive into the potential implication of the censorship laws implemented during this time is outside the scope of this paper but is addressed in a separate working paper being finalized by the authors of this research note.2    There is one exception in our data: The channel Tsargrad (царьград-тв) was blocked in July of 2020 for breaking YouTube guidelines, meaning that the block of this channel had no connection to the invasion in 2022.3    The analysis of comment content is outside the scope of this research note; however, the authors address this in a separate working paper.

Accuracy errors or inadvertent unmasking of rage-bait trolls? Probably somewhere in between Elon Musk's X (formerly Twitter) has inadvertently taught a large number of web users an important lesson. Not everyone online is necessarily who you think they are, and you shouldn't believe everything you read.…

Poetry proves potent jailbreak tool for today's top models Are you a wizard with words? Do you like money without caring how you get it? You could be in luck now that a new role in cybercrime appears to have opened up – poetic LLM jailbreaking.…

American cybersecurity firm CrowdStrike has confirmed that an insider shared screenshots taken on internal systems with hackers after they were leaked on Telegram by the Scattered Lapsus$ Hunters threat actors. [...]

Now that a potential peace plan has been aired out, what are the possible outcomes? Political scientist Andreas Umland offers insight in an interview with German daily Der Tagesspiegel.

Moscow-based Positive Technologies says a China-linked group tracked as APT31 appears to be responsible for breaches of entities in Russia's tech sector.

Hardly a day goes by without new headlines about how AI is poised to transform the economy. Even if claims that ‘AI is the new electricity’ prove to be exaggerated, we should still prepare for deep change. One of the most powerful and reliable mechanisms for ensuring that AI benefits society is also one of the most familiar: taxation. What would an AI tax look like in practice? The most practical approach would be to target the key inputs and most tangible metrics of AI development: energy, chips, or compute time. The United States already imposes a 15 per cent fee on sales of specific AI chips to China, and though this is technically an export control, it shows how an AI input tax could work. Alternatively, others have suggested changing how we tax capital to account for AI-driven economic shifts. This would be an AI tax in spirit, but broader in form. The structure of any AI tax would depend on what governments want to achieve. But one thing is clear: the current debate is far more grounded and urgent than it was when Bill Gates raised the idea of a ‘robot tax’ in 2017, echoed later by Bernie Sanders and others. The case for taxing AI Of course, some might ask why we should tax AI at all. The answer reflects two fundamentals about tax systems and how AI is changing the economy. First, many countries now tax human workers more heavily than their potential AI competitors in the labour market. In the case of the US, roughly 85 per cent of federal revenue comes from taxing people and their work (through income and payroll taxes), while capital and corporate profits are taxed far less. Technologies like AI benefit from favourable treatment in the form of generous write-offs, low corporate rates, and carve-outs. Second, economists expect AI to increase the financial returns to capital relative to labour, even if it doesn’t cause unemployment. The most extreme version of this would entail AI agents that can design, replicate, and manage themselves, meaning that capital would be performing its own labour. Under current tax policies, such a shift would widen inequality and shrink government revenue as a share of GDP. An AI tax could help level the field between humans and machines. Earlier this year, Anthropic CEO Dario Amodei warned that AI might eliminate half of all entry-level white-collar jobs and push unemployment to 10-20 per cent within five years. Whether such forecasts are borne out may depend partly on policy. Taxing labour more heavily than capital tilts the scales toward automation that replaces, rather than augments, human workers. At the very least, we shouldn’t let our tax system help put people out of work. Policymakers do not want to curb innovation or lose ground in the global AI race. But that reluctance may fade as public awareness matures. Moreover, at a time when the fiscal outlook is darkening, an AI tax could protect public revenues from technology-induced shocks. If mass job losses or hiring slowdowns do occur, governments that rely on income and payroll taxes could face fiscal crises even if new AI-ready jobs emerge later. More optimistically, the right tax policies – combined with an AI-driven productivity boom – could help fix structural fiscal problems. Rich countries are already struggling to fund health care and pensions for aging populations, while poorer countries face an inverse challenge: educating and employing large young populations despite thin tax bases. AI-generated revenue could be part of the solution for both. Alternatively, revenue could be directed to AI-related causes. Hypothecated taxes, which send revenue back to the sector they come from, like the US gasoline tax that funds highways or the United Kingdom’s television fee that supports the BBC, underscore that the goal is to enhance the public benefits of the taxed technology. An AI tax could do the same: funding grid upgrades, education technology, worker training, open-source AI models, AI-safety research, or mental-health protections. An AI tax could also bolster unemployment insurance and retraining for displaced workers, or even advance broader AI policy goals. For example, it could discourage excess energy use, greenhouse-gas emissions, ‘AI slop,’ or anticompetitive behaviour, or encourage new energy production and safer models. Policy needs to keep pace with technology and anticipate change. Taxing AI may sound politically far-fetched. Policymakers do not want to curb innovation or lose ground in the global AI race. But that reluctance may fade as public awareness matures. If ‘winning’ in AI means having healthier people, happier kids, a more capable workforce, and stronger science – not just bigger models or richer companies – an AI tax could help deliver victory. Nor is such a tax likely to stifle innovation. AI is not a fragile startup industry. It is a 70-year-old technology that is now backed by the world’s largest corporations, with corporate investment exceeding $250 billion in 2024 alone. An AI tax could be structured to ensure that it does not impede national security, market competition, or research. In any case, crises can change minds fast. If AI is blamed for mass unemployment or fiscal shocks, elected officials and policymakers across the political spectrum will want to act. Better to prepare good options now than improvise later. As OpenAI CEO Sam Altman wrote in 2021, ‘The world will change so rapidly and drastically that an equally drastic change in policy will be needed to distribute this wealth and enable more people to pursue the life they want.’ Altman was speculating about the development of even more advanced artificial general intelligence, but his point already applies: Policy needs to keep pace with technology and anticipate change. One way or another, AI will reshape our economies and societies. But the results are not predetermined. Whether we get a future where people and communities can thrive will come down to the policies we choose. Taxing AI is not about punishing innovation. It’s about ensuring that the rewards are shared and the risks managed in the public interest. The sooner we start that work, the better prepared we will be able to use AI to create the future we want. © Project Syndicate

The Government of Kenya cyberattack on Monday morning left several ministry websites defaced with racist and white supremacist messages, disrupting access for hours and prompting an urgent response from national cybersecurity teams. The cyberattack on Government of Kenya targeted multiple high-profile platforms, raising new concerns about the security of public-sector digital infrastructure. According to officials, the Government of Kenya cyberattack affected websites belonging to the ministries of Interior, Health, Education, Energy, Labour, and Water. Users attempting to access the pages were met with extremist messages including “We will rise again,” “White power worldwide,” and “14:88 Heil Hitler.” Government of Kenya Cyberattack Under Investigation The Interior Ministry confirmed the Government of Kenya cyberattack, stating that a group identifying itself as “PCP@Kenya” is suspected to be behind the intrusion. Several government websites were rendered temporarily inaccessible while national teams worked to secure affected systems. “Preliminary investigations indicate that the attack is suspected to have been carried out by a group identifying itself as 'PCP@Kenya',” the ministry said. “Following the incident, we immediately activated our incident response and recovery procedures, working closely with relevant stakeholders to mitigate the impact and restore access to the affected platforms.” [caption id="attachment_106846" align="aligncenter" width="533"] Source: X[/caption] Officials confirmed that the situation has since been contained, with systems placed under continuous monitoring to prevent further disruption. Citizens have been encouraged to reach out to the National KE-CIRT if they have information relevant to the breach. Regional Cyber Issues Reported Within 24 Hours The Kenyan incident took place just a day after Somalia reported a cyberattack on its Immigration and Citizenship Agency. Somali officials said they detected a breach involving data from individuals who had entered the country using its e-Visa system. Early findings suggest that leaked data may include names, dates of birth, photos, marital status, email addresses, and home addresses. Authorities are now assessing how many people were affected and how attackers gained access to the system. The U.S. Embassy in Somalia referenced claims from November 11, when hackers alleged they had infiltrated the e-visa system and accessed information belonging to at least 35,000 applicants — potentially including U.S. citizens. “While Embassy Mogadishu is unable to confirm whether an individual’s data is part of the breach, individuals who have applied for a Somali e-visa may be affected,” the embassy said. [caption id="attachment_106848" align="aligncenter" width="377"] Source: X[/caption] No Claim of Responsibility So Far As of Monday afternoon, no threat group has formally claimed responsibility for either the Kenya or Somalia cyber incidents. Investigators are assessing whether the timing suggests any form of coordination or shared exploitation methods. For now, authorities emphasize that sensitive financial information, core government systems, and essential services in Kenya were not impacted. The cyberattack on Government of Kenya appears to have been limited to public-facing platforms.

Suspected espionage-driven threat actors from Iran have been observed deploying backdoors like TWOSTROKE and DEEPROOT as part of continued attacks aimed at aerospace, aviation, and defense industries in the Middle East. The activity has been attributed by Google-owned Mandiant to a threat cluster tracked as UNC1549 (aka GalaxyGato, Nimbus Manticore, or Subtle Snail), which was first documented

Top Kremlin aide scoffs that the European counterproposal “constructively doesn’t fit us at all.”