Iran is beyond broke, more Trump assassination repercussions, FBI finally raids some fraudsters, racial carve-out congressional districts are unconstitutional, Russia loses more ships and planes, Cornyn amnesty pander unearthed, an oil theft ring busted, DEI earns some college pink slips, and a brand spanking new Microsoft Zero Day exploit.
The Wall Street Journal offers a deep dive into the state of Iran’s wartime economy. And it turns out that the mullahs are, effectively, broke:
Government revenue has dried up just as the needs of its population are rising.
The war has thrown around one million people out of work directly and another million indirectly, according to early estimates cited by Gholamhossein Mohammadi, an official at Iran’s Labor and Social-Affairs ministry. That is a significant portion of the roughly 25 million people who are normally employed in Iran.
The cost of living has soared, with the annual inflation rate reaching 67 percent in the month through mid-April from the same period a year earlier, according to Iran’s central bank. The subsidized price of red meat, which was mostly imported through sea routes, has gone up to the equivalent of around $3.60 a pound, beyond the reach of most in a country where the minimum wage is around $130 a month.
“Living is not affordable anymore,” said Mahdi Ghodsi of the Vienna Institute for International Economic Studies. “Iran is at its weakest point.”
Businesses across the country — from manufacturers to retailers — are closing, residents said. The lack of steel and other raw materials is hampering production in various industries. Electronic goods, which are mostly imported, are in short supply and expensive.
A 67 percent inflation rate? The worst we’ve experienced in recent memory was 9.1 percent in June 2022.
Snip.
“Iran’s rial weakened on Wednesday, with the dollar trading at around 1.8 million rials, according to market trackers. The rate reflects continued pressure on the local currency amid economic strains.” Back at the start of January, this newsletter informed you, “When Ruhollah Khomeini swept to power in 1979, one US dollar traded for 70 rials. Today, that same dollar commands a staggering 1,130,000 rials, more than 16,000-fold its price in 1979. In the last year alone, the rial has lost 50 percent of its value.” The Iran rial was the weakest currency in the world . . . back when one dollar could buy you 1.3 million rials.
Plus the specter of hunger riots.
Our ridiculous media referred to the attempted Trump assassination as a “security incident” or “loud noise.”
The security establishment has promised and made better security arrangements after the two prior attempts on Trump’s life in 2024 in Butler, Pa., and West Palm Beach, Fla., the assassination of Charlie Kirk at an open-air Utah college campus in 2025, or the wounding of congressman practicing baseball at a suburban Washington field all the way back 2017.
Those events – along with the BLM riots in summer 2020, the Antifa attacks on immigration agents, the execution of the United Health Care CEO and the attempted assassination of Justice Brett Kavanaugh near his personal home – have something more in common than just the exploitation of current security postures.
They all, according to publicly released evidence, involved perpetrators influenced by a vast left-wing machinery that bombards social media, community protests and even establishment television with an unrelenting message of hatred and intolerance that can dehumanize the targets of violence and motivate armed actors to action, experts said.
That machinery ranges from nonprofits like the Southern Poverty Law Center, which actually paid racist actors in the name of fighting extremism, to the organizers of the No Kings protests who unleashed hundreds of thousands of old and young protesters onto the streets on the false notion that America has somehow become a monarchy under Trump.
In between, elitists and teachers have infused the nation with claims that America’s history is racist and unrighteous and that young Americans are predestined to fates determined as oppressors or the oppressed based on their skin color. And well-funded nonprofits consorting with America’s enemies in China and Cuba are openly fomenting a color revolution in hopes of securing a Marxist future on U.S. soil.
Allen appears to have been influenced by some of that ideology, as well as Democrats’ incessant but unfounded claims that Trump was involved in the late Jeffrey Epstein’s sex trafficking.
The manifesto police said Allen wrote suggested he was “no longer willing to permit a pedophile, rapist, and traitor to coat my hands with his crimes,” and that he subscribed to the Marxist paradigm of critical race theory that divides people into oppressors and the oppressed.
Who funded American Nazis and the KKK? You did, through USAID.
The NGO funding machine is getting harder to ignore.
USAID funneled $27 million through the Tides Center, with some of it going directly into the Southern Poverty Law Center.
Finally: “FBI and DHS Raid Dozens of Minnesota Fraudsters, Including ‘Quality Learing Center.'”
Federal officers are conducting raids of suspected fraudsters in Minneapolis on Tuesday, including the most infamous Somali-linked false front, the “Quality Learing Center.”
The FBI and the Department of Homeland Security’s Homeland Security Investigations (HSI) are targeting more than 20 locations in their latest operation against the massive Minnesota fraud network, according to Fox News correspondent Bill Melugin, who said that he spoke with the Department of Justice (DOJ), the FBI’s parent agency. The size and scope of the Minnesota fraud scandal, which is heavily linked to the Somali community there, but also implicates multiple Democrat politicians, including Gov. Tim Walz, Attorney General Keith Ellison, and Rep. Ilhan Omar, continues to astound patriotic Americans.
Melugin posted on X April 28, “Sources tell FOX the locations are largely Somali linked businesses, including the infamous ‘Quality Learning Center’. I’m told these are court approved search warrants being served and they are tied to fraud, not immigration enforcement. Fox is told 22 search warrants were executed in Minnesota this morning.”
He also shared a statement from a DOJ spokesperson: “Today the FBI with federal, state and local law enforcement is involved in court-authorized law enforcement activity as part of an ongoing fraud investigation.”
While investigating apparent false fronts for taxpayer-funded daycares in Minnesota, journalist Nick Shirley found one that had even misspelled “learning” in its own name on its sign, calling the place a “Quality Learing Center.” Tikki Brown, the commissioner of Minnesota’s Department of Children, Youth, and Families, then asserted that the childcare facility in question closed down the previous week, explaining why Shirley didn’t see any children there. But on Dec. 29, the same location was “packed with kids.” Apparently, some fraudster panicked and summoned children to provide a veneer of legitimacy. It’s The Truman Show in real life.
A new pair of reports is shedding fresh light on how teachers unions across the country have quietly poured more than $1 billion into political causes over the past decade, with a top education watchdog warning the spending reflects a growing focus on activism rather than classroom priorities.
According to research from Defending Education, national teachers unions alone have directed roughly $669 million toward left-wing political groups, advocacy organizations and campaigns since 2015. When state and local affiliates are included, that figure balloons to more than $1 billion in total political spending.
The reports track spending from the two largest unions, the National Education Association (NEA) and the American Federation of Teachers (AFT), as well as their state-level affiliates, using federal filings and campaign finance records.
The Supreme Court just handed down one of the most consequential redistricting decisions in a generation — and Democrats are not going to like it one bit.
In a 6-3 ruling in Louisiana v. Callais, the majority held that Louisiana’s congressional map — redrawn to include a second majority-black district — constitutes an unconstitutional racial gerrymander under the Fifteenth Amendment. The Court stopped short of striking down Section 2 of the Voting Rights Act entirely, but it dramatically narrowed the ways in which states may use race when drawing congressional maps.
For Republicans eyeing the House in 2026, this is the kind of ruling that changes the math.
I’m sure I don’t have to tell you which justices dissented.
The ruling’s immediate implications are huge. As we’ve previously reported, Republicans could potentially pick up anywhere from 12 to 19 new House seats across the South, as states seize the opportunity to redraw maps that were previously constrained by Section 2 requirements.
Democrats in South face wipeout if Supreme Court guts Voting Rights Act — NYT pic.twitter.com/goHof93AS3
The Southern Poverty Law Center (SPLC) has been funded by big name businesses and philanthropists including George Soros, JPMorgan, ex-Apple CEO Tim Cook and George Clooney.
The group — indicted Tuesday for allegedly funneling millions to the hate groups it says it is ideologically against — also holds over $786 million in assets, yet still solicits donations.
In fact, it took in $106 million in donated cash 2024, according to its latest available financial disclosures, yet still ran “urgent” appeals for “emergency” cash.
Over the years, donations have been made by big name donors, many of whom pledged to the organization after clashes at a 2017 by “Unite the Right” white supremacist rally in Virginia, which resulted in the death of one protester.
“Ukraine Hits Shadow Fleet Tanker Marquise with Marine Drones.” “The vessel was hit about 210 kilometers southeast of Tuapse, Russia” in the Black Sea.”
“After Al-Qaeda in Mali (JNIM) [Jama’at Nasr al-Islam wal Muslimin] & FLA [Azawad Liberation Front] took the city yesterday, the Russian Africa Corps & Malian soldiers fled to a military base outside town where they got surrounded…The Russians negotiated an exit from the [base] and fled. But the agreement didn’t include the Marian soldiers who were left behind. So, Russia once again abandoning its supposed allies as soon as the going gets tough.” Mali rebels also shot down a Russian helicopter.
Speaking of Mali: “Defense minister killed in united al-Qaeda and ISIS jihad attack, country on verge of collapse.”
Mali was on the brink of collapse last year as al-Qaeda affiliate Jama’at Nusrat al-Islam wal-Muslimin (JNIM) unleashed attacks on the country. Then came a report that Jihad Watch covered yesterday about renewed attacks that injured 16 people, as efforts to create an Islamic state in Mali escalated. The new siege rapidly spiraled into much worse, with JNIM, ISIS and Northern rebels coordinating attacks. Mali’s defense minister was killed.
I’m guessing the ISIS here is the Islamic State in the Greater Sahara.
Mali’s military government, which Gen. Assimi Goïta leads, broke ties with France in 2021-2022 and hired the Russian Wagner Group (known as the Africa Corps) to fight the rebels.
Technically, Wagner Group and Africa Corps are different Russian mercenary groups, though I’m sure a lot of soldiers for the former ended up in the latter.
The siege also served as “a major blow to Russia as the mercenaries had no intelligence about the attacks and were unable to protect major cities.”
Mali now faces an existential threat, which Kurdistan24 News characterized as “a profound failure for Mali’s Russian-backed military junta, signalling severe regional instability.”
Governments in the Sahel have never been the most stable, but the Russian-backed coups there have made things measurably worse.
A resurfaced 2020 campaign ad shows U.S. Sen. John Cornyn promoting his support for the “legalization of Dreamers”—a message that has since been removed from his YouTube channel.
In the Spanish-language ad, a narrator proclaims that, while Cornyn supports secure borders, he “firmly supports legalization of Dreamers.”
The video, which was previously available on his official YouTube channel, was quickly removed after circulation on social media.
Created by executive action under President Barack Obama in 2012, the Deferred Action for Childhood Arrivals (DACA) program allows certain individuals brought to the United States illegally as children, known as “Dreamers,” to remain in the country and shields them from deportation.
The program was challenged by President Donald Trump and Attorney General Ken Paxton, who argued it was unconstitutional. The U.S. Supreme Court ultimately blocked the Trump administration’s attempt to end the program in a 5–4 ruling.
The messaging aligns with comments Cornyn made on the Senate floor in 2020 regarding recipients of the Deferred Action for Childhood Arrivals program following that Supreme Court ruling.
“DACA recipients must have a permanent legislative solution. They deserve nothing less,” Cornyn said at the time. “We need to take action and pass legislation that will unequivocally allow these young men and women to stay in the only home, in the only country, they’ve known.”
Cornyn also described the uncertainty surrounding their status as “terrifying” and said many recipients have built careers and families in the United States.
“These young people deserve better,” he added.
The senator further noted he had been working with advocacy groups and stakeholders—including the Texas Hispanic Chambers of Commerce, LULAC, and Catholic bishops—to find a long-term solution.
Cornyn has long been known as a squish on amnesty, but no Republican should be seeking the approval of the hard-left LULAC.
David Morens, 78, worked under Fauci while he served as director of the National Institute of Allergy and Infectious Diseases. The DOJ charged Morens with conspiracy against the United States; destruction, alteration, or falsification of records in federal investigations; concealment, removal, or mutilation of records; and aiding and abetting. The case is being prosecuted by the U.S. Attorney’s Office for the District of Maryland.
Morens, along with two unnamed co-conspirators, “concealed, removed, destroyed and caused the concealment, and removal of federal records to evade FOIA [Freedom of Information Act] and FRA [Federal Records Act],” according to the indictment.
During his time at NIH, which ran from 2006 to 2022, Morens used his personal email account to conduct government business, specifically discussing the origins of Covid-19 with Manhattan-based nonprofit EcoHealth Alliance president Peter Daszak. Morens deleted said emails after sending them.
He also spoke with NIH’s FOIA liaison, asking for tips on how to evade FOIA requests.
Sure acts like he’s guilty, doesn’t he?
“Despite state law, we’re secretly keeping DEI.” College: “All right, then, enjoy this pink slip.”
Fourteen defendants from Texas and New Mexico were federally indicted for large-scale oil theft in the Permian Basin.
The United States Attorney’s Office for the Northern District of Texas announced on April 22 that the 14 conspirators were indicted for the alleged transport and theft of crude oil across the Texas-New Mexico border.
The criminal activity allegedly took place in the Permian Basin, which is responsible for nearly 40 percent of all oil production in the U.S.
Snip.
The Texas defendants are Randell Wayne Reid, age 41, of Electra; his father, James Darrell Reid, 65, also of Electra; and Christopher Frederick Harris, 22, of Seminole. Randell Reid and James Reid are both owners of Reidco Enterprises, a Texas-based company.
The defendants allegedly conspired to steal crude oil from the Permian Basin, “some of which was then stored on land that one of the conspirators leased from the United States government,” according to the U.S. Attorney’s Office. Stolen crude oil was then sold to the other conspirators well below the market value set by West Texas Intermediate (WTI) pricing. WTI is used as a benchmark to set crude oil prices in the region.
The indictment of Randell and James Reid restates these claims, adding that the men conspired to trade oil across the state borders.
Spirit Airlines to cease operations tomorrow, thanks in part to Elizabeth Warren blocking a merger with JetBlue.
The zero-day flaw combines a time-of-check to time-of-use (TOCTOU) race condition and path confusion in Windows Defender’s signature update system, according to an advisory from the Retail & Hospitality-Information Sharing and Analysis Center (RH-ISAC). If exploited successfully, a local user can access the Security Account Manager (SAM) database, obtain password hashes, and eventually gain administrator rights using the pass-the-hash technique, which would give the attacker full system control.
Local user rather than remote, so that mitigates the potential attacker pool. (Hat tip: Borepatch.)
Louis Rossmann, call your office. “Conroe residents say city is stonewalling their requests for information on Flock Safety cameras.”
People in Conroe are asking city officials for answers about how Flock cameras are being used and where the collected information ends up.
Residents say they feel like they are not getting straight answers.
Residents are working to learn how these cameras operate and, on Thursday, spoke to ABC13 about their demands for city officials to be more transparent, as they feel their questions are being ignored.
“Everybody in the community wants to feel safe. Everyone agrees this could help with kidnappings and hit-and-runs. To me, I just haven’t seen the data that proves that,” said concerned citizen, James Fletes.
Officials have said in the past that Flock cameras read license plates and alert police if the plates are linked to any crimes.
This technology has been used in the greater Houston area for years. In Conroe, some people say they are worried about the number of cameras and the lack of information about them.
Fletes says this concern led him to file a public records request with the city of Conroe. He asked questions such as how many cameras there are, how they work, where the data goes, and who can access it.
He says the city told him it would cost $1,200 to release the information, so he and others in the community joined forces to cover the cost.
“This is no longer just my request. It’s the people of Conroe’s request. They funded it, and we’re tired of being stonewalled,” said Fletes.
The original request was sent in March. Now, it’s almost May, and he says no information has been released yet.
“They were quick to take the money and very slow to provide the documents,” said Fletes.
There seems to be a whole lot suspicious about the ways cities have surreptitiously rolled out AI-enabled cameras and hoped people wouldn’t notice. (Hat tip: TPPF.)
When last we checked, Microsoft CEO Satya Nadella was busy trying to shove Copilot, their AI tool, into every crevice of every Microsoft product. Finally, enough users seem to have complained loudly enough to get them to rethink the strategy.
Microsoft is vowing to focus on quality with future Windows 11 releases, which includes better performance and reeling in the company’s Copilot footprint over the OS.
“Quality” and “performance” go together with Windows like vanilla ice cream and used motor oil.
On Friday, Microsoft President for Windows and Devices, Pavan Davuluri, announced the “commitment to quality” in both a blog post and an email to users.
The plan calls for bolstering the “performance, reliability and well-crafted experiences” over the OS for this year.
That sort of suggests that “performance, reliability and well-crafted experiences” were not priorities for Windows in previous years, doesn’t it?
“These areas have meaningful impact on how you experience Windows: how fast it starts and responds, how stable it is under real workloads, and how consistent and thoughtful the experience feels,” Davuluri wrote.
PC users will be happy to know that one goal is reducing Windows 11’s resource usage to free up more capacity.
This would be great news if anyone trusted them to do that. Countless times in the past, Microsoft has pledged to reduce resource usage in Windows, but the bloat always returns.
Another priority is “less noise, less distraction and more control across the OS.”
Surprisingly, the blog post makes little mention of AI. Instead, Davuluri merely says the company wants “to be thoughtful about how and where we bring AI into Windows.”
“You will see us be more intentional about how and where Copilot integrates across Windows, focusing on experiences that are genuinely useful and well‑crafted. As part of this, we are reducing unnecessary Copilot entry points, starting with apps like Snipping Tool, Photos, Widgets and Notepad,” he said. Users can expect the change to roll out this month and in the next for Windows 11 preview releases.
Finally, the backslash against MicroSlop has gotten so loud that it’s even penetrated Redmond’s C-Ring. This is indeed progress, given that earlier this month Microsoft was literally banning users from its Discord for using the term. So give them credit for at least realizing that they have a problem.
Davuluri made the announcement months after he faced backlash for tweeting that “Windows is evolving into an agentic OS,” which caused some users to retort the company was obsessing about AI over basic Windows 11 performance. A January Windows 11 release that prevented PCs from booting up or going to sleep sparked more complaints about the OS’s stability.
There’s that vaunted Microsoft quality again.
Last month, Davuluri indicated he was taking the criticism seriously. Microsoft is also facing increased competition from Apple, which released its most affordable MacBook so far, the Neo, which has been a hit among consumers and reviewers.
Yeah, let’s talk about the state of Windows-based PCs and the competition. This was supposed to be a big year for PCs, but then reality hit.
There was supposed to be a massive tailwind for the PC market this year. Windows 10 reached end-of-life in late 2025, meaning that somewhere around 1 billion PCs worldwide stopped receiving security updates. This is less of an issue in the consumer PC market, but it’s a big deal in the business PC market.
PC OEMs like HP were set up for success in 2026, but the AI boom has complicated the situation. Enormous demand for DRAM and NAND chips from the AI infrastructure build-out, coupled with memory chip manufacturers shifting production to server products, has left the PC market with scraps. Memory chip prices have surged, pushing up the bill of materials and forcing price increases.
Gartner expects PC prices to surge by 17% this year, prompting consumers and businesses to hold onto their current PCs for longer. Budget PCs as a category could essentially disappear, leaving a large swath of consumers in a bind. Gartner expects PC shipments to tumble by 10.4% in 2026.
In one of life’s little ironies, the same AI bubble that Microsoft was trying to shove down user’s throats is what’s making buying a new PC less affordable and crushing sales. But it’s not stopping Apple.
HP is an obvious loser in this scenario, but there’s a surprising winner as well: Apple….
Apple is also exposed to rising memory chip prices across its entire device business. However, the company is seizing an opportunity to bring Windows PC users into its ecosystem.
Apple announced the MacBook Neo last week. The 13-inch entry-level MacBook starts at $599, a price that PC OEMs like HP will have trouble hitting as memory prices spiral higher. The Neo is powered by the A18 Pro chip, the same SoC used in the iPhone 16 Pro family. Higher-end MacBooks use Apple’s M-series chips, but the underlying technology is essentially the same.
Apple has equipped the Neo with 8GB of unified RAM, shared between the CPU and GPU, as well as a 256GB solid-state drive. These are really the bare minimums for a usable PC, but it’s enough for a solid entry-level experience. Early reviews have been positive, although full third-party reviews haven’t yet arrived ahead of launch.
Apple is playing the long game here. If there was ever a time to launch a budget MacBook, it’s right now. With memory prices driving up the cost of Windows PCs, a $599 MacBook should be appealing to budget-conscious consumers. Apple also offers the Neo to the education market for a discounted price of $499.
If Apple can grow its Mac install base and steal away market share from Windows-based PCs, the company will be setting up its Mac business for stronger growth down the road. Once the memory situation normalizes and the macroeconomic environment improves, Apple will have a larger base of Mac users eager to upgrade when the time comes.
This is probably correct. $599 is getting down around the price range for what used to be called netbooks, though that market segment seems to have largely died, at least among Windows users. (There still seems to be a market there for Linux users.)
Remember: Apple is the company that saw other companies dumping dump-trucks full of cash into AI build-outs and went “Nah, bro, I’m good.”
Google will spend approximately $90 billion on AI infrastructure this year. Meta has committed $65 billion. Microsoft, Amazon, and Alphabet are collectively spending over $300 billion. Apple, meanwhile, is spending just $12.7 billion on capital expenditure for the entire fiscal year.
As a hardware manufacturer, Apple can just wait for the AI wars to shake out and partner with the winner (if any).
And here’s a mildly amusing video on the whole situation.
I’m pretty sure Microsoft users wouldn’t object to Copilot if it was something optional you could turn off, and if the granularity of control allowed users to keep it entirely out of products they don’t want it in. But no, letting users decide isn’t the Microsoft Way, and they had to try shoving it into everything to justify the huge sums of money they were throwing into AI.
Jobs are down, more Minnesota fraud uncovered, a bunch of military action outside the Persian Gulf, an Austin jihad shooter, Noem gets the Old Yeller treatment, Bill Clinton remains Bill Clinton, and Microsoft, amazingly, manages to get even worse.
It’s the Friday LinkSwarm!
Also consider this your “Iran Strikes: Day 7” update with a smattering of news as well. There are reports that Kurdish forces have entered Iran from Iraq, but I’m not seeing sufficient evidence for that yet.
Interesting chart showing Iran has likely “blown its wad” on missiles and drones, as day by day fewer and fewer are being launched.
Update Numbers as of Mar. 6, 12.00 AM The numbers are rounded and compiled from various media reports, with a margin of error of ±10% 15% **Corrected previous Post there was a Mistake https://t.co/eDlVfc3nzApic.twitter.com/UiHAU0yNHe
The Supreme Court upheld the standard for reviewing asylum cases, keeping it in the hands of immigration agencies.
Yes, even the leftist justices agreed. 9-0.
“We granted certiorari to determine whether the Court of Appeals applied the appropriate standard of review under the INA [Immigration and Nationality Act],” wrote Justice Ketanji Brown-Jackson. “We conclude that the statute requires application of the substantial evidence standard to the agency’s conclusion that a given set of undisputed facts does not constitute persecution.”
Top officials in Minnesota were made aware of fraud concerns surrounding government assistance programs as early as 2019 but failed to take action as billions of dollars were stolen and warnings piled up.
Former Minnesota state officials testified to the House Oversight Committee that Governor Tim Walz and Attorney General Keith Ellison were first informed that the state’s social services programs had been compromised by widespread fraud in 2019 and 2020, according to a new report from the committee.
“Testimony obtained by the Committee reveals that Governor Tim Walz and Attorney General Keith Ellison were aware of widespread fraud in social service programs, lied about their knowledge of the fraud, and retaliated against employees who dared to raise concerns. Instead of protecting vulnerable Americans, they handed over billions in taxpayer dollars to fraudsters and threw their own state employees under the bus,” said House Oversight Committee chairman James Comer (R., Ky.).
Several different entities and state-level programs are implicated in Minnesota’s fraud scandal. The most prominent program is Feeding Our Future, which fraudsters targeted during the Covid era to steal $300 million from the Minnesota Department of Education that had been designated to provide food to poor children. Feeding Our Future is now dissolved and dozens of defendants have been convicted in connection with the scheme since 2022.
According to the committee report, Minnesota Department of Education officials first received allegations of fraud against Feeding Our Future from the U.S. Department of Agriculture in 2019. The USDA alleged Feeding Our Future was created with forged signatures and misled sponsored food distribution sites about certain federal requirements. Minnesota officials dismissed the allegations at the time. By April 2020, Walz and Ellison’s offices were briefed about the Minnesota Department of Education’s concerns regarding Feeding Our Future, Assistant Commissioner Daron Korte testified to the committee. State officials contacted the USDA about Feeding Our Future in late 2020, but the agency’s inspector general did not act, a failure that emboldened the scammers at Feeding Our Future.
The Oversight Committee report asserts that Minnesota officials could have suspended payments to Feeding Our Future but chose not to because of potential litigation and racism accusations. Minnesota officials blamed the USDA and Feeding Our Future for perpetuating the large-scale fraud. In March 2021, the Minnesota Department of Education stopped payments to Feeding Our Future, but resumed payments voluntarily the following month after a court hearing on the matter. A court order was never issued requiring the payments, contradicting Walz’s 2022 assertion to the contrary. The lack of a court order was confirmed during the course of the Oversight Committee’s investigation.
In early 2019, Walz’s administration became aware of fraud tied to two programs administered by Minnesota’s Department of Human Services, former agency commissioner Tony Lourey testified. Another former commissioner, Jodi Harpstead, testified that Walz’s administration believed fraud connected to a child care program run out of the Department of Human Services had already been resolved. But the Oversight Committee report references two auditor reports showing otherwise, both of which were issued in 2019. The Department of Human Services lacked fraud mitigation mechanisms and felt pressure to get money out the door to justify state appropriations, the committee found. Despite credible allegations of fraud, the agency failed to act on the warnings and unilaterally stop making payments to the social services programs in question.
The Oversight Committee’s report is based on testimony from nine top current and former state officials, documents and communications, and briefings with federal and state officials. The Minnesota U.S. Attorney’s office recently speculated that the interwoven fraud schemes totaled nearly $9 billion in misallocated funds. Of the fraud defendants, 85 percent of them come from Minnesota’s Somali-American immigrant community. Social services programs that provide food, child care, housing, and special education have all come under scrutiny as federal investigators unravel the fraud scheme.
I know it’s been easy to overlook in all the other military news this week, but Afghanistan and Pakistan have been going at it as well, though only at a border skirmish level rather than a full-scale conflict. Since the Pakistani ISI helped create the Taliban, this is what’s known as “blowback.”
Rene Campos, a registered sex offender, is seeking elected office in California – launching a campaign for Fresno City Council amid fierce backlash and renewed questions about whether someone with his record should hold public office.
Campos was arrested in 2018 following a cyber tip to the Central California Internet Crimes Against Children Task Force. He was found in possession of child sex abuse material, according to court records. In 2021 he entered a no-contest plea to a single misdemeanor charge of possessing and controlling child pornography/child sex abuse material (likely under California Penal Code § 311.11). He served only one month in prison and a two year probation period.
Campos describes himself as a gay man who is running for office on the platform of “reduced crime and rehabilitation.”
Possession of child pornography is typically treated as a felony, even in a woke haven like California. How the Fresno candidate was able to make a deal for a misdemeanor charge and spend only one month in prison is a mystery, but this does help to confirm ongoing suspicions that California’s legal system is falling into steep decline.
California is notoriously soft on child sex abusers. Recently, a Sacramento parole board released Daniel Allen Funston, who was convicted in 1999 of sixteen counts of kidnapping and child molestation after a horrific crime spree in Sacramento County, during which he kidnapped, raped, and beat eight children ages 3 to 7.
Funston was originally sentenced to three consecutive life terms plus 20 years, but was set free at age 64 due to a California elderly inmate program (maybe he’ll run for office, too).
Data from 2022 shows that the Golden State released over 7000 child sex offenders after less than one year of incarceration. Interestingly, “digital blocks” were added to the Megan’s Law website that prevent more recent analysis.
Virginia Governor Abigail Spanberger is demanding that Immigration and Customs Enforcement provide warrants before violent illegal criminals are turned over to federal authorities, following the stabbing of a Virginia woman by an illegal immigrant with a long and violent criminal history.
Abdul Jalloh was charged with second-degree murder after Stephanie Minter was brutally stabbed in the neck at a Virginia bus stop. Jalloh had previously been charged more than 40 times, including for egregious crimes such as aggravated assault, malicious wounding, and rape. Prosecutors dropped 20 of the 43 charges against Jalloh. The Fairfax County Commonwealth’s Attorney’s office said the charges were dropped because Jalloh often chose victims who did not have permanent addresses, making the proceedings more difficult.
The Department of Homeland Security said Jalloh is an illegal immigrant from Sierra Leone. He entered the United States in 2012.
“ICE previously lodged a detainer against Jalloh in 2020, and he was granted a final order of removal by a judge who found he could be removed to any country other than Sierra Leone,” DHS said in a statement. “This case illustrated the importance of third country removals to get criminal illegal aliens out of the U.S.”
Spanberger insists that in order for Virginia to work with federal authorities, ICE must provide a signed judicial warrant, regardless of the alien’s criminal history. DHS requested cooperation with Virginia and Spanberger to deport Jalloh following his alleged involvement in the fatal stabbing.
“We are calling on Virginia Governor Abigail Spanberger and Virginia’s sanctuary politicians to commit to not releasing this murderer and violent career criminal from their jail without notifying ICE,” Deputy Assistant Secretary Lauren Bis said in a statement. “This illegal alien’s murder of an innocent, beautiful American woman came less than 24 hours before Governor Spanberger’s demonization of ICE law enforcement. This heinous criminal is a perfect example of why we need cooperation from sanctuary jurisdictions and the importance of third country removals for the safety of the American people.”
What the Trump administration has done on the DEI front represents the beginning of a general reorientation of our politics away from wokeness. One need only survey what prominent leaders of the Left are saying about the political price the Democratic Party has paid on that score. What they are saying indicates a large political change, even if the Dems prove incapable of unmooring themselves from woke politics for the near future.
The first sign of this reorientation is a general shift in the popular mindset: the spell of woke politics has broken. This matters because it was always the way in which woke politics commanded assent in the citizens’ hearts and minds that was crucial. That assent has been questioned or denied now in a broad way, with the backing of public authority (Supreme Court decisions, executive orders, agency directives), and with widespread public support. Wokeness’s public hectoring, punitiveness, and censoriousness, and the extremism of many of its positions on the issues, is unpopular at the level of 70–30 or 80–20 opinion poll divides.
We ought to be confident, therefore, that the broken spell of wokeness augurs a permanent shift in our public life. What that means precisely, however, depends very much on how we understand wokeness and what is done going forward to ensure that woke excess does not return. Now, if, as many say, wokeness was the product of cultural Marxism (Christopher Rufo and a host of followers) or postmodernism (Jordan Peterson and another host of followers), then all that needs to be done is to combat bad ideas. On these interpretations, our universities in particular, and other cultural institutions where the influence of such ideas holds sway, need our attention. Certainly, cultural Marxism and postmodernism represent bad ideas, and the world would be a better place without their influence.
But if what wokeness represents above all is the explosive power of the civil rights revolution and the influence of an aggressive leftist interpretation of anti-discrimination politics, as another band of interpreters claims (I among them), then the task ahead is much bigger and much more difficult.
Trump’s anti-DEI measures, on this view, would represent only the first step in a broader campaign of civil rights reform. One could look long and hard without seeing much in the way of evidence for any such thing so far. Are these current efforts against DEI an illusion, a brief moment of political opportunism that will recede as public hatred of wokeness recedes—only to return in a few years when the next wave of anti-discriminatory passion rises up?
I don’t think that worry is justified. The anti-DEI campaign to date will have enduring consequences because even if it is not yet clear that what is at stake in DEI is civil rights politics, the current reorientation can only have the effect of raising our awareness of the role of anti-discrimination in our public life. This has begun on the all-important moral plane of civil rights politics. Precisely by breaking the spell of its puritanical commands, our anti-woke moment is reworking something essential to civil rights politics. Because public morality is the crucial filter of the human mind, a shift at this level will change what we see, what we think, and what we think we can say. Anti-woke sentiment, backed by changes in the law, is providing a moment of political, cultural, and mental freedom that will necessarily lead, after many decades during which this was not possible, to a general reappraisal of the moral power and the meaning of the civil rights revolution.
Sources have identified the alleged gunman as 53-year-old Ndiaga Diagne to Nexstar’s KXAN and The Associated Press…
Diagne is originally from Senegal, according to multiple people briefed on the investigation. One of the people told the AP that Diagne came to the U.S. in 2006 and was a naturalized U.S. citizen…
Austin mass killer captured on video wearing ‘Property of Allah’ hoodie during rampage.
“Dallas Democrats Decide To Let DA Creuzot Go. With no Republican in the race, Democrat primary winner Amber Givens will become Dallas County’s next district attorney.” Creuzot was yet another Soros-backed DA, so maybe Dallas Democrats are ever so slowly moving back to sanity.
I’m just going to embed this Asmongold clip of Bill Clinton’s Jeffrey Epstein deposition without comment.
President Trump announced Thursday that Senator Markwayne Mullin (R., Okla.) will replace Kristi Noem as Homeland Security Secretary.
The announcement comes after Noem struggled to stand up to a public grilling by members of the Senate Judiciary Committee who pressed the former South Dakota governor on Tuesday about a $220 million ad campaign contract that was subcontracted to one of her longtime allies. Trump was furious at Noem for insisting during the hearing that he had personally approved the contract and began floating Mullin’s name as a potential replacement, National Review first reported early Thursday.
Mullin will replace Noem effective March 31. It’s unclear whether Trump plans to nominate Mullin to serve in the position permanently or whether he will serve in an acting capacity, sparing him the necessity of Senate confirmation.
“I am pleased to announce that the Highly Respected United States Senator from the Great State of Oklahoma, Markwayne Mullin, will become the United States Secretary of Homeland Security (DHS), effective March 31, 2026,” Trump wrote on Truth Social. “The current Secretary, Kristi Noem, who has served us well, and has had numerous and spectacular results (especially on the Border!), will be moving to be Special Envoy for The Shield of the Americas, our new Security Initiative in the Western Hemisphere we are announcing on Saturday in Doral, Florida. I thank Kristi for her service at ‘Homeland.’”
Already under significant scrutiny due to bipartisan criticism of her handling of Trump’s deportation agenda, Noem ran into further trouble this week during a series of hearings in which multiple lawmakers, most notably Republican Senator John Kennedy of Louisiana, asked her to explain why the agency had awarded a $220 million contract to a firm that was founded just days before, without ever opening up the bid to a competitive process. Kennedy also pointed out that part of that ad campaign was subcontracted to a strategy firm owned by Ben Yoho, the husband of former DHS spokeswoman Tricia McLaughlin.
A $220 million no-bid ad contract isn’t just wasteful, it’s actively criminal.
More defeats for the gambling lobby: “Two House Chairs Defeated by Challengers. State Reps. Cecil Bell and Stan Kitzman were ousted by Kristen Plaisance and Dennis Geesaman respectively.”
Plaisance ran on a platform of fiscal responsibility, securing Texas’ elections, and defending state sovereignty.
Bell’s campaign and allied groups—including the Las Vegas Sands–backed casino lobby and Texans for Lawsuit Reform—reportedly spent more than $1 million attempting to defend the incumbent.
Bell, who chairs the Intergovernmental Affairs Committee, had been censured by the Montgomery County Republican Party last year.
Incumbent State Rep. Stan Kitzman of Brookshire has been defeated by Dennis “Goose” Geesaman for the GOP nomination for House District 85. Kitzman served as chair of one of the House’s subcommittees on appropriations.
Geesaman, a pilot and Air Force Academy graduate, retired as a Lt. Colonel. He served five terms on the Flatonia City Council and later served as mayor.
While Texans for Lawsuit Reform and casino-funded PACs backed Kitzman’s reelection campaign, Geesaman ran on a platform of ending magnets for illegal immigration, DOGE-ing Texas, and supporting parental rights.
Kitzman also recently came under investigation for his paid work for a local governmental entity while serving in the Legislature.
Kitzman also voted to impeach Paxton, so I think we’re well rid of both of them.
The war against tranny madness continues. “Paxton Opinion Targets Therapists Behind Child ‘Psychological Transitioning.’ Psychiatric providers who help facilitate prohibited treatments may be barred from receiving public funds and could risk losing their licenses.”
Samsung Electronics America Inc. is one of five companies that have been accused by Attorney General Ken Paxton of collecting and monetizing consumers’ viewing data on smart TVs.
Following the agreement, Samsung will now make changes to not only halt the collection of viewing data without consent, but also update their TVs to include disclosures and consent screens.
Heard from some state agency people that this was coming: “Texas Dismantles DEI-Oriented HUB Network. The comptroller’s office has ended race- and sex-based preferences in state contracting.” Good.
“Former Warren Campaign Worker Says the U.S. Must Be ‘Abolished’ to Atone for Death of Ayatollah Khamenei…Calla Walsh, the communist activist who campaigned for Elizabeth Warren, Ed Markey, Bernie Sanders, and others, said the only way to exact “justice” is the complete deconstruction of the U.S. and Israel.” What percentage of the ideological core of the Democrat Party are actively communist?
One thing that reportedly helped kill Netflix’s acquisition of Warner Brothers: GOP congressmen visiting Netflix headquarters and discovering tampons in the men’s room.
Microsoft seems to be going from bad to worse: “Microsoft Copilot to hijack your browser… for your own convenience, embeds Edge into AI assistant, ignores questions about opt-in.”
Microsoft is rolling out a Copilot update to Windows Insiders that embeds web browsing directly into the assistant, opening links in a side panel rather than launching your default browser.
The plan is that users of the Copilot app in Windows will show content in the assistant’s window “so you don’t lose context.”
Copilot will also (with permission) have access to the context of tabs opened in that conversation, so the assistant can look across them when responding to user prompts. Opened tabs will be saved with the conversation so that they can be returned to, and, if a user chooses to enable it, passwords and form data can be synchronized.
Enabling password and form data synchronization might give some users pause for thought, particularly after the Windows Recall fiasco, but users worried about Redmond slurping data should probably consider an alternative to Windows anyway.
At first glance, it looks like embedding Edge into Copilot via the WebView2 control is an attempt to steer the user away from their default browser. Convenient, yes. Good for competition, possibly not. We asked Microsoft whether this would be an opt-in experience and which browser was being used, but, other than acknowledging receipt of our questions, the company did not respond.
It looks like this is going to be limited to corporate users for now, but launching web links without user control strikes me as a huge attack vector for malicious code. (Previously.)
New Zealand “Lesbian Navy Captain Faces Court Martial After $100M Ship Ran Aground, Caught Fire, Sank.” Since that happened all the way back in 2024, they’re certainly not rushing to justice…
Apple has some new computers out, so here’s M5 Pro vs. M5 Max benchmarks. My trailing edge consumer ass is still on an Intel-based MacBook Pro…
“Japanese companies are paying older workers to sit by a window and do nothing—while Western CEOs demand super-AI productivity just to keep your job.” Seems like there should be a happy medium between those two extremes…
Microsoft has long had a reputation of an abusive company, all the way back to its origins, when Gary Kildall accused Bill Gates of stealing parts of CP/M for DOS. The list of lawsuits against Microsoft for anti-competitive or shady business business practices is so extensive it has its own Wikipedia article. But it’s latest moves to force both subscription models and AI into every nook and crevice of its software may be the final straws that break the Borg’s back, as longtime Windows users finally seem to be abandoning ship.
Last month, I met with a mid-sized law firm facing a common dilemma. Their Windows 10 laptops were nearing the end of support and needed to be replaced. Typically, this meant buying new hardware and software—predictable and straightforward. But this time, Microsoft suggested a different approach: move to Windows 365 Cloud PCs, a PC that operates with a monthly subscription and is accessible from any device, scalable, secure, and AI-enhanced. The catch? The shift from ownership to a subscription model and reduced local control led their IT team to question how “personal” these computers truly were.
Cloud subscriptions replace personal computing
The experience of this law firm encapsulates a major industry shift: Today, you don’t buy Windows, you rent access to it. Windows 365 Cloud PCs began as a business-only experiment at Microsoft but have grown into its central product and are now the primary road map, with local Windows installations becoming a mere stepping stone to cloud-based desktops. With tools like Windows 365 Boot, users can bypass the traditional local operating system altogether, landing directly into a personalized, cloud-streamed environment, even on third-party or bring-your-own devices.
Hardware no longer anchors the user’s experience; the familiar PC is now a portal into a metered utility controlled, updated, and managed by Microsoft. Windows 365 Switch blurs the line even further, allowing seamless migration between cloud and local environments. With each step, more user agency is surrendered in exchange for the convenience of a cloud-managed world.
The AI revolution and hardware
As if the cloud weren’t enough, artificial intelligence is muddying the waters. Microsoft is loud about a future built on AI PCs, touting Copilot integration, neural processing units (NPUs), and specialized hardware. But as Dell’s own product head recently admitted, customers aren’t flocking to buy these new devices for AI alone; the proposition is too abstract, and the day-to-day benefits too unclear. In reality, most significant leaps in AI are happening in the cloud, not on the desktop. Even Jeff Bezos framed the future simplistically: AI will appear everywhere, but it will live in the cloud.
Meanwhile, Microsoft is aggressively pushing its users to rely on its AI-powered tools and ecosystem, with access controlled through subscriptions. Gone is the idea of installing and running your own AI applications locally; instead, users are nudged to rent access to AI services, hosted and updated in Microsoft’s cloud. The notion of the self-managed PC is fast giving way to a persistent, subscription-based rental of power and capability, with AI primarily serving as another tool for vendor lock-in.
Hidden costs and loss of control
Businesses and individuals face new economic realities. The traditional model—investing in hardware for five years—is replaced by an ever-escalating treadmill. A basic Windows 365 Cloud PC costs about $41 a month for 8GB, excluding Office or AI add-ons. Vendors pitch this as a trade-off against the hidden costs and complexity of managing local computers in hybrid work. Before long, subscription fees will become just another line item in ballooning IT expenses.
Perhaps more concerning is the core loss of control. The local PC gave users the keys. They owned, updated, installed, and protected their own digital spaces. The new cloud-and-AI reality puts Microsoft in charge of software, identity, AI tools, and even privacy decisions. The old personal computer offered freedom; the new model is managed, metered, and routinely adjusted to fit Microsoft’s evolving business interests. Yes, security can benefit. Yes, patching and remote management are simplified for companies. But every user now sits one step further removed from the heart of their own computing experience.
That was linked by this piece, which was linked from Borepatch, who has further thoughts.
What this means is that you don’t own any Microsoft software. Sure, you may think that because you paid them money (most often when you bought your computer – some of that purchase price went to Microsoft in the form of a license fee for Windows). But you actually don’t own “your” copy of software. At all.
Rather, you have the right to run the software on your computer. That may not seem like a big difference, but it is. The license agreement (you know, the one you didn’t read before you clicked “I Agree”) allows Microsoft to change the terms of the agreement at any time, at their pleasure.
Microsoft has just done this in a big, big way. Key new stuff in Windows 11 is:
AI integrated with your operating system
Online presence is critical for lots of Windows now (e.g. AI)
Windows will nag you until you put all your data online (OneDrive) whether you want to or not.
The proper technical term for that first bullet point is that your Windows operating system is essentially now an “AI Agent” which if you are a regular reader you know is very, very bad security juju.
Combine this enormous security hole with the requirement to essentially be online 100% of the time (bad security) and the liklihood that OneDrive will slurp all your data to some Internet black hole in a Microsoft data center, Windows is simply unsecurable.
Yes, I know that is inflammatory, but there is simply no way that you can get assurance that your security is sane. I say that as someone who has spent decades inn Internet Security (and particularly in security assurance). Not to put too fine a point on it, but I don’t think that I could get decent assurance that things aren’t going “bump in the Net”. For most of the readers here, it’s not even worth trying.
And that AI, Copilot, is not only widely loathed by users, but is creating brand spanking new security holes.
“We’ve been following Microsoft and all their massive missteps over the last several months. Most of it related to AI and pushing AI into consumer products and pushing it on to people who don’t want it.”
“There’s an error with Copilot. Apparently, it can can read your email. That’s great. And Copilot is sort of the bedrock of Windows 11. It’s very hard to get rid of Copilot. They want to put it in everything, including Notepad.”
“Copilot slows everything down. I would highly recommend you turn it off.” If you can figure out how. Kneon recommends Linux Mint if you want a Windows-like experience.
“Look, Microsoft is not secure. And just realize if you’re using it, especially for business, if you don’t want anybody to see it, you probably shouldn’t use their tools.”
“A work tab within Copilot chat had summarized email messages stored in a user’s draft and sent folders even when they had a sensitivity label on it and a data loss prevention policy configured to prevent unauthorized data sharing.” Sounds like Copilot is as indifferent to your privacy and security as Microsoft on the whole.
“I don’t know if you can hurt Xbox anymore, because Xbox is a dying brand, but the new boss, who comes from an AI background, promises not to flood it with soulless AI slop. This is Asha Sharma, formerly the head of Microsoft’s AI division, which is causing problems. Now she’s in charge of Xbox. She promises many more great games made by humans.”
Sharma blather about how Xbox will run across multiple platforms instead of a console snipped. “Are we seeing first signs that Xbox is dead and about to be consumed by Microsoft? I think that’s 100% what’s going to happen.”
“I think they’re going to basically AI themselves into the wood chipper. I think it’s very clear that that’s all they care about right now, if they’re putting the head of AI in charge of gaming and she’s talking cloud and AI and all that. Yeah, it’s over, man.”
Microsoft CEO Satya Nadella is facing some accusations of “Indian nepotism” for putting Sharma in charge of Xbox, especially since she has no background in gaming development. Of course, Microsoft has long been accused of abusing the H1-B visa system to bring over cheap workers. Indeed, this MSN India piece crows about it.
According to official H-1B filings submitted to the US Department of Labor between 2012 and 2023, Microsoft filed over 50,000 H-1B visa applications, and approximately 70 to 80 percent of these applications were for Indian nationals. This makes Indians the largest group in Microsoft’s US-based technical talent pipeline. The data shows a consistent year-on-year trend where Indian engineers make up the majority of Microsoft’s skilled immigrant workforce.
Snip.
Multiple research estimates and workforce studies indicate that 26 to 30 percent of Microsoft’s global technical workforce is Indian or Indian-origin.
Snip.
Microsoft operates one of its biggest global R&D centres in Hyderabad, which works on products including Azure, Office, Windows, LinkedIn integration, AI/ML systems and cybersecurity. The India Development Center (IDC), established in 1998, is one of Microsoft’s oldest and largest development facilities outside Redmond. This drives significant recruitment of Indian engineers for advanced research and product development roles.
Snip.
A review of Microsoft’s global leadership roster shows notable Indian-origin executives including Satya Nadella (CEO), Rajesh Jha (EVP), Suresh Kumar (EVP), Anil Bhansali (VP Engineering), and dozens of corporate vice presidents and product heads. This demonstrates the substantial representation of Indian-origin professionals in high-level technical and management roles within the company.
But Microsoft also has a Jeffrey Epstein problem. Do a search on founder and former CEO Bill Gates in the Epstein files and you get 2,616 results. Nor is he the only Epstein-connected person of interest high in the ranks of Microsoft. Financier and Democrat megadonor Reid Hoffman is still listed on the Microsoft board, despite being notoriously close to Epstein and showing up in the Epstein files 2,667 times. (Also on the board: Former Obama Commerce Department head Penny Pritzker, sister of Illinois Governor J.B. Pritzker and aunt to Epstein friend Tom Pritzker, whose name shows up 2,524 times in the Epstein files.)
Even before Microsoft jumped on the AI bus (or, if you prefer, off the AI cliff), it was notorious for security holes in its software, and there’s precious little evidence that the AI age has made anything better. The latest “Patch Tuesday” featured fixes for no less than six Zero Day exploits.
What all this amounts to: Anyone still on Windows should look to move to Linux if they have the technical chops to do so, or Apple if they don’t. Though Apple has dabbled with subscription services as well, they’re still overwhelmingly a hardware company that wants to sell you the latest shiny. And Apple has been dinged for its “lazy” approach to AI, which may turn put to be the smartest move after all. “Amazon, Microsoft, Meta Platforms, and Alphabet are projected to spend around $700 billion combined on capital expenditures in 2026, much of it on AI data centers and hardware — Apple plans just $14 billion.” That means they’re less likely to try and shove it into every damn thing. And I know my now-relatively-ancient MacBook Pro keeps working even when the Internet is down.
If you’re still on Windows, now might be the time to get out while the getting is good…
Uncle Sam assembles another big stick for Iran, the radical leftwing networks in Minnesota continue to get exposed, silver shatters, two state Democrats get clipped in separate forgery cases, the rise of the Amelia memes, Microsoft update breaks everything (again), and are malls actually reviving?
And Neville Roy Singham’s fingerprints are visible everywhere.
It’s the Friday LinkSwarm!
As of right this moment, America hasn’t gone kinetic on the Mullahs yet, but we’re assembling an awful big stick.
USS Abraham Lincoln has gone dark, with no transponder or communication, signaling possible preparation for action against Iran.
A third US carrier strike group, USS George H.W. Bush (CVN-77), is moving into the Middle East theater.
Snip.
Some very interesting developments in the last 48 hours indicate something big is about to happen.
The EU all of a sudden has decided the next thing on their agenda is to declare the IRGC a terrorist group. Curious timing, that.
Minnesota agitators, including elected officials, have been organizing efforts to stalk, harass, and even hunt ICE agents in a Signal group chat that was infiltrated by Cam Higby and others.
It has been insane looking at the messages and the actual people involved.
And now DataRepublican has the donor list … you know, the people actually paying to make sure this all happens.
DataRepublican has also helpfully linked to their social media profiles.
You can download he data yourself. And DataRepublican has already turned in all the captured information to the Feds…
This is the story of how Minnesota became a political laboratory—first for the 2020 George Floyd protests, then for a sustained campaign against federal immigration enforcement. The players are the same. The money flows through familiar channels. And the strategy, according to those who designed it, was always meant to be replicated.
Snip.
Understanding how The People’s Forum operates requires following the money. And the money leads to Shanghai.
Neville Roy Singham is an American tech entrepreneur who sold his software company, ThoughtWorks, for approximately $785 million in 2017. He now lives in Shanghai, where, according to a 2023 New York Times investigation, he “works closely with the Chinese government media machine and finances propaganda worldwide.”
The Network Contagion Research Institute (NCRI), a Rutgers University-affiliated research organization, published a comprehensive report in May 2024 documenting what it calls the “Singham Network”—a web of nonprofits, fiscal sponsors, and alternative media outlets that share funding, personnel, and messaging.
According to NCRI, The People’s Forum received over $20 million from Singham and his wife, Jodie Evans (co-founder of the anti-war group CODEPINK), between 2017 and 2022. The money moved through a complex network of donor-advised funds and shell companies, including the Justice and Education Fund, the United Community Fund, and the Goldman Sachs Philanthropy Fund.
The People’s Forum has acknowledged receiving Singham funding. In a December 21, 2021 post on X (then Twitter), the organization defended its financial relationship with Singham against critics.
Congressional investigators have taken notice. On September 4, 2025, House Ways and Means Committee Chairman Jason Smith sent a formal letter to [People’s Forum Executive Director Manolo] De Los Santos demanding records and alleging that The People’s Forum had “acted as a foreign agent of the Chinese Communist Party” while enjoying tax-exempt status.
“Public reporting suggests that The People’s Forum has received over $20 million from Mr. Singham and his wife,” Smith wrote. “Multiple reports have found that The People’s Forum is part of Mr. Singham’s network of non-profit organizations that serve as his conduits to spread pro-CCP narratives.”
The Senate Judiciary Committee separately requested that the Department of Justice investigate whether The People’s Forum should register under the Foreign Agents Registration Act.
De Los Santos himself has deep ties to Cuba. According to his biography at the Black Alliance for Peace, he “was based out of Cuba for many years” and “worked toward building international networks of people’s movements and organizations.” The New York Post reported that De Los Santos first traveled to Cuba in 2006 and was there as recently as March 2024. He has been photographed meeting with Cuban President Miguel Díaz-Canel.
Footnotes excised. Snip.
What makes Minnesota different from other immigration flashpoints is the degree to which organizers have been explicit about their strategy.
The NCRI report notes that activists in the Singham network view the 2020 protests as proof that “the ability for mass struggle now exists inside the United States.” This framing treats George Floyd’s death not as a singular tragedy but as a tactical validation—evidence that the right combination of outrage, infrastructure, and outside support can produce transformational results.
De Los Santos’s April 2024 call to recreate “the violent protests of the summer of 2020” was not a slip of the tongue. It was a statement of doctrine.
The IDN’s establishment before Operation Metro Surge began—funded by nearly $1 million from the Bush Foundation—demonstrates pre-positioning rather than organic response. The explicit training of thousands in “rapid response” and “legal observation” tactics, the encrypted communication networks, the coordinated media strategies: none of this materialized spontaneously after Good’s death.
It was waiting.
The evidence assembled here—from congressional investigations, foundation records, tax filings, academic research, and organizers’ own statements—establishes that what is happening in Minnesota is neither spontaneous nor accidental.
The same network that helped turn George Floyd’s death into a national uprising has spent five years building the capacity to do it again. They have studied what worked in 2020, professionalized their operations, secured substantial funding, and pre-positioned infrastructure across Minnesota.
When Renée Good was killed on a Minneapolis street, that infrastructure activated precisely as designed.
Minnesota was chosen—first as the place where 2020 proved the model, then as the laboratory where that model would be refined and redeployed. The current crisis is not an accident of geography or politics.
A collection of far-left groups — led by a Communist activist network tied to CCP-linked millionaire Marxist Neville Roy Singham — is attempting to organize a nationwide anti-ICE school and business shutdown, with anti-Israel activist Linda Sarsour declaring that “we will bring this country to a halt.”
The general strike effort, scheduled for this Friday, is an attempt to replicate a Minnesota-wide anti-ICE shutdown which occurred last Friday and which was organized by many of the same far-left groups — but now with designs to do so on a national scale. The planned “National Shutdown” announced early this week includes plans for large-scale marches and a day of “no work, no school, no shopping” around the country.
The Manhattan-based Marxist revolutionary People’s Forum, the left-wing BreakThrough News media outlet, the Party for Socialism and Liberation (PSL), the far-left Code Pink anti-war group, and the Act Now to Stop War and End Racism (ANSWER) Coalition are all involved in either promoting or organizing the nationwide shutdown effort.
Just the News recently reported on how the forum, its propaganda machine, and the PSL were key players in pushing last week’s Minnesota-focused shutdown effort. Just the News also previously reported on how these and other radical activist groups have leadership links or financial ties to the funding network backed by Singham, whom others in his network call “Comrade.”
Social media used as organizing platform
The plans for Friday allegedly started with calls by a number of student groups at the University of Minnesota — the Somali Student Association, the Liberian Student Association, the Ethiopian Student Association, and the Black Student Union — who called for “Justice for Alex Pretti & Renee Nicole Good — NATIONWIDE SHUTDOWN” on Instagram on Sunday.
An investigation by Just the News shows that the forum was likely involved in creating the “National Shutdown” website which is now serving as an organizational hub for the coming Friday strike.
Did anyone notice a “nationwide shutdown” today? Mother Nature did a 100,000% better job shutting things down with Winter Storm Fern…
You gotta hand it to those Soros-sponsored district attorneys across the nation because when it comes to playing with fire, they play like they’ve never been burned.
The latest example is Philadelphia DA Larry Krasner. Not exactly a household name across the country,
But one that should be well-known to BattleSwarm readers.
Soros-linked groups have been his single largest financial backing source — helping him bypass traditional party fundraising and local contribution limits.
About a decade ago, Soros contributed about $1.7 million to the Philadelphia Justice and Public Safety PAC while Krasner was still a relative unknown in a seven-candidate race for district attorney. The Philly PAC is part of Soros’s nationwide Justice and Public Safety groups that fund “progressive” DAs in blue city contests.
According to public sources, in 2017, Soros’s donation to just one candidate accounted for nearly 30% of all campaign spending in the seven-person race. For his 2021 reelection, Soros groups gave Krasner another $1.2 million, including $259,000 for Philadelphia Justice and Public Safety PAC to run ads on Krasner’s behalf. Soros supported Krasner again last year, although I wasn’t able to find the dollar amounts before going to press.
Prior to getting all that Soros money to run for D.A., Krasner defended Black Lives Matter and Occupy Philadelphia members in court — and let’s just say Soros got his money’s worth. Or maybe it’s our money, given how intermingled Soros’s private funds are with taxpayer-funded NGOs purpose-tuned to push his causes.
Snip.
Here’s the quick and dirty transcript of Krasner talking about ICE officers: “This is a small bunch of wannabe Nazis — that’s what they are — in a country of 350 million. We outnumber them… If we have to hunt you down the way they hunted down Nazis for decades, we will find your identities, we will find you, we will achieve justice.”
What have I been repeating since the first attempt on President Donald Trump’s life last summer?
The left paints its enemies — we are no longer mere political rivals — as enemies, over and over, until some crazy decides to take justice into his own hands.
The FBI raided a Fulton County election office, evidently looking for evidence of the elction fraud carried out against president Trump in 2020. And it might be connected to…Nicolas Maduro?
Silver prices just plunged plunged over $30 an ounce today after a huge run-up. This means I’m either a genius when I sold a small amount of it last week (when prices were above where they are now), or an idiot for not selling all of it…
For three years, the world has waited for the Russian economy to implode. Instead, we watched a “Kalashnikov economy” defy gravity, fueled by high oil prices and a “friendship without limits” with Beijing. But as of January 2026, the gravity of basic math has finally caught up with Vladimir Putin.
The catalyst isn’t just the stalemate on the front lines; it’s a legislative “kill shot” from Washington and a quiet betrayal from the East. Between the new Graham-Trump Sanctioning Russia Act and a mounting domestic liquidity crisis, the Kremlin isn’t just running out of options—it’s running out of time.
The most significant development of 2026 isn’t a new missile system; it’s a tariff. The Graham-Trump Bill, greenlit by the White House on January 7, has fundamentally rewritten the rules of economic warfare. By threatening a mandatory 500% tariff on any country—including China and India—that continues to purchase Russian petroleum or uranium, the U.S. has finally weaponized the one thing Russia’s allies value more than cheap crude: access to the American consumer.
The shockwaves were instantaneous. On January 15, reports emerged that China’s largest state banks, including ICBC and Bank of China, began halting Ruble-denominated settlements. They aren’t waiting for the bill to be signed into law; they are pre-emptively cutting Russia loose to save their own export margins. When Beijing chooses its $500 billion trade surplus with the U.S. over its “strategic partner” in Moscow, the Russian war machine loses its primary life support system.
While the external walls are closing in, the internal floor is rotting. On New Year’s Day, Russia’s VAT officially jumped to 22%. This isn’t a sign of strength; it’s an act of desperation. The Kremlin is cannibalizing its own middle class to plug a federal budget revenue gap that fell 20% short of targets in 2025.
We are now seeing the first signs of a systemic banking fracture. In cities like Yekaterinburg and Novosibirsk, reports of ATM shortages are no longer fringe rumors—they are the physical manifestation of a “liquidity trap.” When the state raises taxes while inflation remains double-digit and interest rates hover near 20%, the result is a “medically induced coma” for the civilian economy.
Federal officials have charged two contractors with conspiring to disrupt Immigration and Customs Enforcement officers in Knoxville earlier this month.
The U.S. Attorney’s Office for the Eastern District of Tennessee unsealed a multi-count indictment on Friday against Tyler Shane Wells, 33, of Morristown, and 18-year-old Alexander Bonilla Servin of Smyrna.
They are charged with conspiracy to conceal and harbor illegal aliens, conspiracy to forcibly impede federal agents while engaged in performance of official duties, and conspiracy to prevent, by force, intimidation, or threat, federal agents from discharging their official duties from January 5 through January 13.
Bonilla-Servin is also charged with forcibly impeding federal agents engaged in the performance of their official duties.
Wells appeared in court on Friday and pleaded not guilty to the charges and a detention hearing is set for Monday. A trial date has been set for March 31, 2026.
Federal authorities accuse the two of plotting to block the entrance to a Hardin Valley construction site with Bonilla-Servin’s pickup truck in an effort to impede ICE agents. According to a Department of Justice release, the vehicle was put in position after federal agents were seen surveilling the site. Servin is also accused of hitting agents’ vehicle with the truck as it attempted to enter the site on January 13.
After more than a year of digging, Statehouse candidate Bailey Templeton’s most public records collection shows 1,085 Illinois children under 18 without SSNs had Medicaid bills of $66 million in 2025. That’s up 725% from $8 million for 450 children in 2021.
“It’s roughly $40 million spent on inpatient treatment, that’s a lot of time for children to be in hospitals,” Templeton told The Center Square Friday.
The data only generates more questions for Templeton.
“It raises questions about what would be called medical trafficking, where things are conducted on to children when they’re too young to be able to consent to these things,” she said.
Why, it’s almost like Democrats imported millions of illegal aliens and put them on welfare rolls…
Man tries to kill mayor in the Philippines with an RPG. (Never mind that The Sun calls it a bazooka.)
Idiot Hawaiian Democrat Senator Brian Schatz asks Marco Rubio a really stupid question, and Rubio hands him his ass:
“That’s statutory. The Helms Burton Act, the US embargo on Cuba, is codified. It was codified in law and it requires regime change in order for us to lift the embargo.”
Transportation Secretary Sean Duffy just dropped what I’ve been calling the nuclear option.
In an appearance on Katie Pavlich Tonight Thursday, Duffy made clear that withholding $200 million in federal funding isn’t the end of this fight. If California doesn’t come into compliance on the non-domiciled CDL issue, Duffy said, “we will eventually pull their ability to issue commercial driver’s licenses to anybody in California.”
Not just the 17,000 non-domiciled CDLs at the center of this fight. Every single CDL in the state.
I’ve written extensively about this standoff since the FMCSA released its audit findings last September, which showed that roughly 25% of California’s non-domiciled CDLs were improperly issued. I’ve covered the $160 million funding hit. I’ve warned about the decertification authority in 49 U.S.C. 31312 and 49 CFR 384.405, which most people in this industry didn’t even know existed.
This didn’t start with the Trump administration’s September 2025 emergency rule restricting non-domiciled CDLs to certain visa categories. That rule, which limited eligibility to H-2A, H-2B, and E-2 visa holders, has been stayed by the D.C. Circuit since November. The court found that petitioners were “likely to succeed” on their claims that the FMCSA violated federal law in its rulemaking.
The California problem predates all of that.
FMCSA’s August 2025 Annual Program Review found California had been violating federal regulations that existed long before Duffy took office. The state was issuing CDLs with expiration dates extending years beyond drivers’ lawful presence documentation. In one case that still makes my blood boil, California issued a driver from Brazil a CDL with passenger and school bus endorsements that remained valid months after his legal presence expired.
That’s not a new rule problem. That’s a California screwed-up problem.
California agreed in November to revoke all 17,000 improperly issued licenses by January 5, 2026. Then, on December 30, the California DMV unilaterally announced a 60-day extension to March 6, citing the need to ensure it doesn’t wrongfully terminate licenses for drivers who actually qualify.
Duffy’s response on X was blunt: “Gavin Newsom is lying.”
FMCSA never agreed to the extension. California proceeded anyway. On January 7, DOT made good on its threat and withheld approximately $160 million in National Highway Performance Program and Surface Transportation Block Grant funds. That’s on top of the $40 million already withheld over California’s refusal to enforce English language proficiency requirements.
California has more than 700,000 CDL holders. The state is home to the nation’s largest trucking workforce, with over 138,000 truck drivers moving freight through the ports of Los Angeles and Long Beach, the agricultural heartland of the Central Valley, and every retail distribution center feeding the country’s largest consumer market.
Under full decertification, California would be prohibited from issuing, renewing, transferring, or upgrading any commercial learner’s permits or commercial driver’s licenses until FMCSA determines the state has corrected its deficiencies. Previously issued CDLs would technically remain valid until their stated expiration dates, but here’s where it gets ugly.
Other states could refuse to recognize California credentials during the noncompliance period. FMCSA could issue guidance declaring CDLs issued by a noncompliant state invalid for interstate commerce. The Commercial Driver’s License Information System, which enables interstate verification, could flag every California license.
For the 700,000 CDL holders in the Golden State, decertification wouldn’t just be an administrative headache.
It would effectively ground them from operating in interstate commerce.
Blue state governors should stop trying to protect their precious illegal aliens and start following federal law.
TikTok has finalized a deal to create a new American entity, avoiding the looming threat of a ban in the United States that has been in discussion for years on the platform now used by more than 200 million Americans.
The social video platform company signed agreements with major investors including Oracle, Silver Lake and the Emirati investment firm MGX to form the new TikTok U.S. joint venture. The new version will operate under “defined safeguards that protect national security through comprehensive data protections, algorithm security, content moderation and software assurances for U.S. users,” the company said in a statement Thursday. American TikTok users can continue using the same app.
Tesla North America announced the completion of a major lithium refinery in Robstown, Texas, with Elon Musk calling it “the most advanced lithium refinery in the world.”
Robstown is just west of Corpus Christi.
In the promotion video, Jason Bevon, the site manager at the Gulf Coast lithium refinery, explains that the refining process used in Robstown is “inherently much more environmentally friendly.” The company claims that the process used by the refinery eliminates hazardous byproducts of the refining process and is more sustainable than traditional methods.
Bevon explained that the refinery “enables us to have access to the critical minerals for energy storage, for battery manufacturing, and ultimately for [electric vehicle (EV)] growth.”
“It enables us to accelerate Tesla’s mission by regionalizing supply chains for battery minerals and materials, by providing jobs, by cutting emissions from the transportation network that is required for these supply chains.”
“It really allows us to usher in energy independence for North America.”
Columbia University’s Center on Global Energy Policy explains that raw lithium needs to be processed into a “chemical in the form of lithium carbonate or lithium hydroxide, before being used in batteries,” which is done through refining. Currently, China dominates the global trade and production of key minerals, and leads the world in lithium refinement capabilities.
The need for lithium batteries has grown exponentially in recent years, with lithium batteries being required for EVs, smartphones, laptops, and renewable energy receptacles such as solar panels.
Also, you’re partially paying for it:
This political shift and the operation of the refinery are complemented by recent grants through the Texas Semiconductor Innovation Fund (TSIF), which was established when the Texas CHIPS Act, House Bill 5174, was signed into law in 2023. The TSIF totals “approximately $948 million in total appropriations” and is used for “semiconductor manufacturing and design,” according to the Texas Economic Development and Tourism Office.
Webb County’s sheriff and his assistant chief are facing federal charges for allegedly using office resources to create and profit from a disinfecting business during the COVID-19 pandemic.
Sheriff Martin Cuellar Jr., 67, and Assistant Chief Alejandro Gutierrez, 47, have both appeared before a federal grand jury after turning themselves in. Their indictments have now been unsealed, revealing that they both are accused of misappropriating Webb County Sheriff’s Office funds between 2020 and 2022.
Cuellar is the brother of U.S. Rep. Henry Cuellar (D-Laredo).
According to the indictment, around April 2020 Cuellar opened a for-profit business called Disinfectant Pro Master (DPM), which used resources belonging to the WCSO. He reportedly enlisted Gutierrez and Ricardo Rodriguez, an assistant chief, to assist in the start of the venture that provided disinfecting services to local businesses, residents, and the local school district.
Federal prosecutors allege none of the three made any personal investments in the startup company but used county resources, vehicles, and equipment. DPM also reportedly used county funds on multiple occasions to purchase supplies for the company. Staff from the sheriff’s office were often utilized to conduct the company’s operations during their regularly scheduled shifts according to the indictment.
The indictment also claims records show that payroll was not ever issued from the company to compensate the staff that was utilized to carry out its business.
During its operation, DPM received multiple contracts with local businesses, including a $500,000 contract with the United Independent School District, where Rodriguez served on the school board.
The company eventually closed in August 2022 after UISD did not renew its contract following media coverage and public scrutiny at a school board meeting over the contract being awarded to a board member’s company.
During the duration of the company’s operation, Cuellar, Gutierrez, and Rodriguez each reportedly received over $175,000. It is alleged in the indictment that Cuellar used his revenue to purchase a 10-acre property in Laredo.
As you might expect, Martin Cuellar is a Democrat.
Dwight documents not one but two of state-level Democrat congresscritters (state rep Ayshia “Ajay” Pittman in Oklahoma and former state senator Sonya Jaquez Lewis in Colorado) being involved in forgery scandals.
Nose-ringed leftist “Grace Carol Brown is charged with arson and burglary, and is ‘accused of smashing an exterior window, unlawfully entering the Comal County (TX) Republican Party headquarters, and starting a deliberate fire inside the building’ overnight on January 13/14.”
Oh, for fuck’s sake! “Parents say their trans son killed himself because his church employer wouldn’t let him wear French maid outfit, cat ears.”
Simon Whistler on Every Saudi Gigaproject in Vision 2030. Neom is still a ridiculous pipe dream, and Whistler is far too easily impressed with “zero carbon” claims, but some of these projects are actually worth doing and on-track.
Keir Starmer’s Labour government created the character of Amelia, a purple-haired nationalist Goth girl, for a lame Flash-style game to “combat far right extremism” (i.e., anyone who objects to importing illegal alien Islamist rapists into the UK), but now that she’s been adopted and memed by the right, that move backfired big time.
Louis Rossmann reports that downgrading to an earlier operating system bricks the latest OnePlus Android phone. I’d never heard of OnePlus, but it turns out it’s a Chinese brand, so you shouldn’t be buying it in the first place…
Surprise! American shopping malls aren’t dying off.
Shopping malls, long an economic and cultural fixture of American life, are facing sustained pressure but are not disappearing altogether.
Instead, the sector is undergoing creative destruction, as traditional mall formats give way to new concepts that reflect shifting consumer behavior and market conditions, according to recent industry data.
A research report by Capital One Shopping (COS) outlines the magnitude of the challenge facing the mall sector, citing rising mall closures that remain vacant for an average of nearly four years, as well as vacancy rates that are 112 percent higher than the overall retail vacancy rate.
COS also estimates that as many as 87 percent of large shopping malls could close over the next decade.
At the same time, COS data indicate a reversal of earlier trends. From 2021 through 2025, mall openings exceeded mall closures, suggesting adaptation rather than terminal decline. In 2025 alone, 9,410 new mall stores opened, nearly double the number that closed.
Additional evidence of revival appears in a recent article published by Growth Factor. Author Clyde Christian Anderson reported that indoor mall foot traffic in March 2024 rose 9.7 percent year over year, open-air shopping center traffic increased 10.1 percent, and outlet mall traffic climbed 10.7 percent—each exceeding pre-COVID-19 pandemic levels.
Every book I bought in 2025, most from early in the year when I still had a contract job and money in the bank…
Remember when Google was a world-leading corporation whose motto was “don’t be evil”, universally trusted for Internet searches, branching out into other businesses and could seemingly do no wrong? You may not, since that was a good 15-20 years ago. Since then, Google has done plenty of evil to lose our trust, from spinning up useful services only to allow them to be killed off a few years later to letting itself be infected with social justice to ruining search results to plump ad revenues.
Now Google is infecting itself with AI across all its divisions, and the results are disasterous.
No, Cheney didn’t vote for Kamala in 2020, and indeed only announced outright opposition to Trump after January 6. Google’s AI garbage has conflated the 2020 and 2024 presidential elections.
This is far from the first time Google’s AI systems have made mistakes.
A whole bunch of YouTube channels were banned based on the actions of completely unrelated channels, and the creators blamed AI. YouTube eventually restored them and denied AI was involved, but does anyone really believe anything Google/YouTube says anymore?
But Google AI is definitely improving one thing: malware.
Google’s Threat Intelligence Group (GTIG) is warning that bad guys are using artificial intelligence to create and deploy new malware that both utilizes and combats large language models (LLM) like Gemini when deployed.
The findings were laid out in a white paper released on Wednesday, November 5 by the GTIG. The group noted that adversaries are no longer leveraging artificial intelligence (AI) just for productivity gains, they are deploying “novel AI-enabled malware in active operations.” They went on to label it a new “operational phase of AI abuse.”
Google is calling the new tools “just-in-time” AI used in at least two malware families: PromptFlux and PromptSteal, both of which use LLMs during deployment. They generate malicious scripts and obfuscate their code to avoid detection by antivirus programs. Additionally, the malware families use AI models to create malicious functions “on demand” rather than being built into the code.
Google says these tools are a nascent but significant step towards “autonomous and adaptive malware.”
PromptFlux is an experimental VBScript dropper that utilizes Google Gemini to generate obfuscated VBScript variants. VBScript is mostly used for automation in Windows environments.
Ah, Windows, a fecund garden of malware for over 30 years.
In this case, PromptFlux attempts to access your PC via Startup folder entries and then spreads through removable drives and mapped network shares.
“The most novel component of PROMPTFLUX is its ‘Thinking Robot’ module, designed to periodically query Gemini to obtain new code for evading antivirus software,” GTIG says.
The researchers say that the code indicates the malware’s makers are trying to create an evolving “metamorphic script.”
According to Google, the Threat Intelligence researchers could not pinpoint who made PromptFlux, but did note that it appears to be used by a group for financial gain. Google also claims that it is in early development and can’t yet inflict real damage.
The company says that it has disabled the malware’s access to Gemini and deleted assets connected to it.
Google also highlighted a number of other malware that establish remote command-and control (FruitShell), capturing GitHub credentials (QuietVault), and one that steals and encrypts data on Windows, macOS and Linux devices (PromptLock). All of them utilize AI to work or in the case of FruitShell to bypass LLM-powered security.
Beyond malware, the paper also reports several cases where threat actors abused Gemini. In one case, a malicious actor posed as a “capture-the-flag” participant, basically acting as a students or researchers to convince Gemini to provide information that is supposed to be blocked.
Google specified a number of threats from Chinese, Iranian and North Korean threat groups that abused Gemini for phishing, data mining, increasing malware sophistication, crypto theft and creating deepfakes.
So Google has created a power bottle genie that refuses to stay in the bottle, but will grant wishes to just about anyone, no matter how evil their intent.
Also, not limited to Google, researchers have demonstrated new exploits for AI browsers (or rather, very old exploits refurbished for the AI age).
Several new AI browsers, including OpenAI’s Atlas, offer the ability to take actions on the user’s behalf, such as opening web pages or even shopping. But these added capabilities create new attack vectors, particularly prompt injection.
Prompt injection occurs when something causes text that the user didn’t write to become commands for an AI bot. Direct prompt injection happens when unwanted text gets entered at the point of prompt input, while indirect injection happens when content, such as a web page or PDF that the bot has been asked to summarize, contains hidden commands that AI then follows as if the user had entered them.
Last week, researchers at Brave browser published a report detailing indirect prompt injection vulns they found in the Comet and Fellou browsers. For Comet, the testers added instructions as unreadable text inside an image on a web page, and for Fellou they simply wrote the instructions into the text of a web page.
When the browsers were asked to summarize these pages – something a user might do – they followed the instructions by opening Gmail, grabbing the subject line of the user’s most recent email message, and then appending that data as the query string of another URL to a website that the researchers controlled. If the website were run by crims, they’d be able to collect user data with it.
When Isaac Asimov crafted the Three Laws of Robotics, he thought that robots would have built-in safeguards deep in their source codes to prevent them from doing harm. What he never could have envisioned is multiple artificial intelligence being created as quickly as possible by competing corporations, none of whom seem to value safety over time-to-market, and that some of these AIs could be capable of modifying their own source code for greater speed and efficiency, so that no one knows precisely at any given time what exactly they’re running, and what data sets have been used to feed their pet Frankenstein monsters…
Communist China never rests in its quest to infect American computers with spy and malware, as in this story.
The threat of cyberattack is never far away, be that by Amazon ransomware actors with an impossible-to-recover-from threat, or Windows zero-day exploits and even the hacking of the iPhone USB-C port. Luckily, the Federal Bureau of Investigation is also never far away when it comes to warnings about such attacks and hacker threats. But eyebrows will surely be raised just a little as the FBI and Department of Justice have confirmed that thousands of U.S. computers and networks were accessed to remove malware files remotely. Here’s what you need to know.
The U.S. Department of Justice and the FBI have confirmed that a court-authorized operation allowed the remote removal of malware files from 4,258 U.S.-based computers. The operation, targeting the PlugX malware variant as used by what are said to be China-backed threat actors, was, the Jan. 14 statement said, designed to take down a version of PlugX used by the group known as Mustang Panda or Twill Typhoon, capable of controlling infected computers to steal information.
According to court documents, the DoJ said, the People’s Republic of China government “paid the Mustang Panda group to develop this specific version of PlugX,” which has been in use since 2014 and infiltrated thousands of computer systems in campaigns targeting U.S. victims.
“The FBI acted to protect U.S. computers from further compromise by PRC state-sponsored hackers,”Assistant Director Bryan Vorndran of the FBI’s Cyber Division, said, adding that the announcement “reaffirms the FBI’s dedication to protecting the American people by using its full range of legal authorities and technical expertise to counter nation-state cyber threats.”
Thousands of U.S. computers and networks, estimated at 4,258 by the DoJ, were identified by the FBI in the technical operation to detect and delete the malware threat remotely. The first of nine warrants was obtained in August 2024 in the Eastern District of Pennsylvania authorizing the deletion of PlugX from U.S.-based computers, the last expired on Jan. 3. “The FBI tested the commands, confirmed their effectiveness, and determined that they did not otherwise impact the legitimate functions of, or collect content information from, infected computers,” the statement said.
“This wide-ranging hack and long-term infection of thousands of Windows-based computers, including many home computers in the United States, demonstrates the recklessness and aggressiveness of PRC state-sponsored hackers,” said U.S. Attorney Jacqueline Romero for the Eastern District of Pennsylvania. “The Department of Justice’s court-authorized operation to delete PlugX malware proves its commitment to a ‘whole-of-society’ approach to protecting U.S. cybersecurity.”
Upon reading this story, I was worried that the FBI had (and courts were authorizing use of) a tool that can break in and control random Windows PCs. While I wouldn’t put it past the FBI these days, the Forbes story left out one important technical detail:
After researchers found out that thousands of infected machines reported to one specific IP address, they managed to seize control over the IP address that served as a Command & Control (C2) server.
In close cooperation with the French authorities, the FBI and Justice Department used this IP address to “sinkhole” the botnet. Sinkholing in this context means that the redirection of traffic from its original destination to one specified by the sinkhole owners. The altered destination is known as the sinkhole.
With control of the sinkhole, a specially configured DNS server can simply route the requests of the bots to a fake C2 server. This provides the controller of the sinkhole with valuable information about the affected systems and an opportunity to send commands to delete the PlugX version from the connecting devices.
OK, that means the FBI only seized control of one specific computer that was already compromised by the exploit. That doesn’t mean the FBI doesn’t have a turnkey computer intrusion tool (logical fallacy alert), but it does mean they didn’t necessarily use such a tool here rather than a single white hat hacking instance to seize control of a single already-compromised PC.
Still, it’s always good to check that your security tools and settings have been updated to catch the latest malware and exploits, foreign or domestic…
“Patch Tuesday” is when Microsoft (and other software companies) regularly release patches for their software on the second Tuesday of a month. A “zero day exploit” is a serious, previously undisclosed security flaw in a shipping piece of software. Not every Patch Tuesday includes a zero day fix, and sometimes the release only fixes one or two.
Attackers are actively exploiting as many as six of the 90 vulnerabilities that Microsoft disclosed in its security update for August, making them a top priority for administrators this Patch Tuesday.
Another four CVEs in Microsoft’s update were publicly known before the Aug. 13 disclosure, which also make them zero-days of a sort, even though attackers have not yet begun exploiting them. Among them, an elevation of privilege (EoP) bug in Windows Update Stack, tracked as CVE-2024-38202, is particularly troubling because Microsoft does not yet have a patch for it.
The unpatched flaw allows an attacker with “basic user privileges to reintroduce previously mitigated vulnerabilities or circumvent some features of Virtualization Based Security (VBS),” according to Microsoft. The company has assessed the bug as being only of moderate severity because an attacker would need to trick an administrator or user with delegated permissions into performing a system restore.
However, Scott Caveza, staff research engineer at Tenable, says that if an attacker were to chain CVE-2024-38202 with CVE-2024-21302 (an EoP flaw in the current update that affects Windows Secure Kernel), they would be able to roll back software updates without the need for any interaction with a privileged user. “CVE-2024-38202 does require ‘additional interaction by a privileged user,’ according to Microsoft,” he says. “However, the chaining of CVE-2024-21302 allows an attacker to downgrade or roll back software versions without the need for interaction from a victim with elevated privileges.”
Caveza says each vulnerability can be exploited separately, but when combined, they could potentially have a more significant impact.
In all, seven of the bugs that Microsoft disclosed this week are rated as critical. The company rated 79 CVEs — including the zero-days that attackers are actively exploiting — as “Important,” or of medium severity, because they involve some level of user interaction or other requirement for an attacker to exploit. “While this isn’t the biggest release, it is unusual to see so many bugs listed as public or under active attack in a single release,” said Dustin Childs, head of threat awareness at Trend Micro’s Zero Day Initiative (ZDI), in a blog post.
This is, to use a technical term, “bad.”
I’m not an expert in Windows security, but ten zero day exploits sounds like a new record.
And just who is exploiting this vulnerability in the wild? Well, in one case, North Korea.
A Windows zero-day vulnerability recently patched by Microsoft was exploited by hackers working on behalf of the North Korean government so they could install custom malware that’s exceptionally stealthy and advanced, researchers reported Monday.
Getting pwned by North Korea is like getting arrested for knocking over a liquor store because you posted a picture of yourself in front of the store holding up the stolen cash on Facebook.
The vulnerability, tracked as CVE-2024-38193, was one of six zero-days—meaning vulnerabilities known or actively exploited before the vendor has a patch—fixed in Microsoft’s monthly update release last Tuesday. Microsoft said the vulnerability—in a class known as a “use after free”—was located in AFD.sys, the binary file for what’s known as the ancillary function driver and the kernel entry point for the Winsock API. Microsoft warned that the zero-day could be exploited to give attackers system privileges, the maximum system rights available in Windows and a required status for executing untrusted code.
Microsoft warned at the time that the vulnerability was being actively exploited but provided no details about who was behind the attacks or what their ultimate objective was. On Monday, researchers with Gen—the security firm that discovered the attacks and reported them privately to Microsoft—said the threat actors were part of Lazarus, the name researchers use to track a hacking outfit backed by the North Korean government.
“The vulnerability allowed attackers to bypass normal security restrictions and access sensitive system areas that most users and administrators can’t reach,” Gen researchers reported. “This type of attack is both sophisticated and resourceful, potentially costing several hundred thousand dollars on the black market. This is concerning because it targets individuals in sensitive fields, such as those working in cryptocurrency engineering or aerospace to get access to their employer’s networks and steal cryptocurrencies to fund attackers’ operations.”
Monday’s blog post said that Lazarus was using the exploit to install FudModule, a sophisticated piece of malware discovered and analyzed in 2022 by researchers from two separate security firms: AhnLab and ESET. Named after the FudModule.dll file that once was present in its export table, FudModule is a type of malware known as a rootkit. It stood out for its ability to operate robustly in the deep in the innermost recess of Windows, a realm that wasn’t widely understood then or now. That capability allowed FudModule to disable monitoring by both internal and external security defenses.
Rootkits are pieces of malware that have the ability to hide their files, processes, and other inner workings from the operating system itself and, at the same time, control the deepest levels of the operating system. To work, rootkits must first gain system privileges and go on to directly interact with the kernel, the area of an operating system reserved for the most sensitive functions. The FudModule variants discovered by AhnLabs and ESET were installed using a technique called “bring your own vulnerable driver,” which involves installing a legitimate driver with known vulnerabilities to gain access to the kernel.
Earlier this year, researchers from security firm Avast spotted a newer FudModule variant that bypassed key Windows defenses such as Endpoint Detection and Response, and Protected Process Light. Microsoft took six months after Avast privately reported the vulnerability to fix it, a delay that allowed Lazarus to continue exploiting it.
Whereas Lazarus used “bring your own vulnerable driver” to install earlier versions of FudModule, group members installed the variant discovered by Avast by exploiting a bug in appid.sys, a driver enabling the Windows AppLocker service, which comes preinstalled in Windows. Avast researchers said at the time the Windows vulnerability exploited in those attacks represented a holy grail for hackers because it was baked directly into the OS rather than having to be installed from third-party sources.
As I’ve noted before, Internet security is hard. Neither Mac nor Linux are entirely free of such exploits, but they seem to be a lot less frequent. Log4J wasn’t a Linux kernel exploit, but everyone (rightly) freaked out over it because Log4j was used everywhere and it let attackers install malicious code on your server.
Microsoft patching ten zero day exploits suggests that there’s a big problem up in Redmond. You would think the zero day vulnerability numbers would be going down, not up. I wonder if we might be seeing that start of widespread AI use to find vulnerabilities in software.
