As the United States grapples with the disruptions stemming from Elon Musk’s Department of Government Efficiency (DOGE), hackers from nations deemed hostile by the U.S. are continuing their cyber onslaught. New reports indicate that China’s Salt Typhoon hacking group has broadened its target range to include more universities globally and at least two new telecommunications companies in the United States, raising the tally of compromised U.S. telecom networks to at least eleven.
Simultaneously, Russia’s infamous Sandworm hacking unit, recognized for its assaults on Ukraine including major power outages, is shifting focus towards Western targets such as Australia, Canada, the UK, and the U.S. Microsoft has named the subgroup within Sandworm "BadPilot," identifying it as a key player that breaks into systems primarily to access them for other Sandworm perpetrators.
On a different note, a troubling investigation has uncovered the operations of romance scammers who are exploiting the loneliness epidemic to enrich themselves illicitly. Moreover, concerns have been raised regarding the transparency of online advertising data that could jeopardize U.S. national security. Compounding these issues, recent funding cuts linked to the new Trump administration are adversely affecting programs aimed at shielding children from exploitation and human trafficking.
In this week’s spotlight, the official launch of the DOGE website revealed severe security vulnerabilities. Two developers uncovered that anyone could push updates to the site, which is claimed to be an official U.S. government domain. Their findings demonstrated the site’s lack of proper security measures when they left messages mocking its condition, highlighting that the database used for the website was shockingly accessible.
The DOGE domain launched in January offering minimal content, but this week began displaying data purportedly representing U.S. government sizes, coinciding with Musk’s commitment to "maximal transparency." However, this transparency may have overreached, as reports surfaced indicating the site inadvertently contained classified information.
Additionally, while the DOGE site prominently features content from Musk’s social platform X, it appears to prioritize that feed over its own domain, a point raised by several developers reviewing the setup.
Concerns were also raised about the security flaws in the Chinese TikTok alternative, RedNote, which reportedly lacks encryption, putting users at risk of surveillance by various governments and ISPs, not exclusively those from China. The study associated with the platform outlined multiple vulnerabilities that can expose user data and device metadata.
On the ground, U.S. military surveillance has intensified near the Mexico border with spy planes undertaking numerous missions, as the Trump administration labels drug cartels as terrorist organizations. This move has amplified the focus of the national security apparatus, leading to new contracts for Immigration and Customs Enforcement aimed at monitoring negative social media sentiment.
Further controversy surrounds the UK government’s recent secret order compelling Apple to develop a backdoor for accessing encrypted iCloud data, which has drawn sharp criticism. U.S. lawmakers have warned that such actions could undermine trust between the U.S. and UK, and global human rights organizations have condemned the move as a severe threat to privacy rights worldwide.
