ClearSignal — Mar 05, 2026

Today's landscape is defined by intensifying military operations against Iran with historic weapons debuts, coordinated global law enforcement dismantling cybercrime infrastructure, and mounting cyber threats exploiting cloud and identity vulnerabilities. The convergence of kinetic operations, aggressive cyber enforcement, and actively exploited critical vulnerabilities demands immediate attention across defense acquisition, cybersecurity compliance, and operational security domains.

Top 3

US submarine sinks Iranian ship in first torpedo kill since WWII, Pentagon confirms — A U.S. submarine’s successful sinking of an Iranian frigate marks the first torpedo kill since WWII, demonstrating both escalating military action and the operational effectiveness of undersea warfare capabilities. This historic engagement signals both the intensity of current operations and validates decades of submarine warfare investment and doctrine. — defense-news
These 2 recent cases confirm DOJ is escalating cyber enforcement — DOJ’s shift toward prosecuting misrepresentations and noncompliance with cybersecurity obligations—rather than breaches themselves—fundamentally changes the compliance landscape for government contractors. This enforcement evolution means companies face legal liability for certifications and cybersecurity posture claims, not just incident outcomes, requiring immediate review of representations made in contracts and certifications. — federal-news-network
Attackers are using your network against you, according to Cloudflare — Cloudflare’s threat intelligence reveals attackers are bypassing traditional security tools by exploiting identity-based attack vectors within complex cloud environments. This trend away from malware and zero-days toward exploiting legitimate access credentials and misconfigurations represents a strategic shift requiring fundamental changes to cloud security architecture and monitoring approaches. — cyberscoop

Competitive Landscape

French-German fighter program on life support as Dassault blames Airbus — Dassault CEO Eric Trappier declared the French-German fighter program effectively dead if Airbus refuses to collaborate with Dassault. This represents a potential collapse of a major European defense partnership with implications for the future fighter aircraft market. — defense-news

Policy & Regulatory

France, Germany create panel to advance shared nuclear deterrence plans — France and Germany established a joint panel to advance shared nuclear deterrence plans, an initiative that appears to have tacit support from the Trump administration according to Pentagon officials. — defense-news
These 2 recent cases confirm DOJ is escalating cyber enforcement — DOJ is escalating cyber enforcement with recent cases focused on misrepresentations and material noncompliance with cybersecurity obligations, rather than data breaches themselves, according to Lance Taubin. — federal-news-network

Agency & Mission Activity

FBI seizes LeakBase cybercrime forum, data of 142,000 members — The FBI successfully seized LeakBase, a major cybercrime forum used for trading hacking tools and stolen data, capturing information on 142,000 members. This law enforcement action disrupts a significant marketplace for cybercriminal activity. — bleeping-computer
Despite air dominance, US ‘can’t stop everything’ Iran fires, Hegseth says — Defense Secretary Pete Hegseth stated that despite U.S. air superiority over Iran, some Iranian air attacks may still penetrate defenses and reach their targets. This acknowledgment comes amid ongoing tensions and military operations against Iran. — defense-news
Bombs headed for Iran in Operation Epic Fury don names of US sailors — U.S. Central Command released photos showing sailors aboard USS Abraham Lincoln marking ordnance with their names before strikes on Iran as part of Operation Epic Fury. This demonstrates active U.S. military operations against Iranian targets. — defense-news
US and Ecuador launch military operation against organized crime groups — The United States and Ecuador have initiated joint military operations targeting organized crime groups in Ecuador. This represents expanded U.S. military engagement in South America focused on counter-narcotics and security cooperation. — defense-news
Mastermind of Iranian plot to assassinate Trump is dead, Hegseth claims — Defense Secretary Pete Hegseth announced that the mastermind behind an Iranian assassination plot targeting President Trump has been killed. Hegseth stated that Iran’s attempt failed and Trump ‘got the last laugh.’ — defense-news
The US Air Force just used its oldest bomber to attack Iran — U.S. Central Command deployed B-52 bombers to strike Iranian ballistic missile facilities and command control posts. This represents direct military action against Iranian infrastructure using legacy strategic bomber assets. — defense-news
US submarine sinks Iranian ship in first torpedo kill since WWII, Pentagon confirms — A U.S. submarine successfully sank an Iranian frigate in the Indian Ocean using an Mk-48 torpedo, marking the first U.S. torpedo kill since World War II. The Pentagon confirmed the torpedo achieved ‘immediate effect.’ — defense-news

Technology Trends

Police dismantles online gambling ring exploiting Ukrainian women — Spanish and Ukrainian law enforcement dismantled a criminal ring that exploited Ukrainian war refugees to operate an online gambling scheme, laundering approximately €4.75 million in illicit proceeds. — bleeping-computer
Cisco flags more SD-WAN flaws as actively exploited in attacks — Cisco has identified two Catalyst SD-WAN Manager security vulnerabilities being actively exploited in the wild and is urging administrators to immediately upgrade affected devices. — bleeping-computer
Phobos ransomware admin pleads guilty to wire fraud conspiracy — A Russian national pleaded guilty to wire fraud conspiracy charges for his role as an administrator of the Phobos ransomware operation, which compromised hundreds of victims globally. — bleeping-computer
Mail2Shell zero-click attack lets hackers hijack FreeScout mail servers — A critical Mail2Shell vulnerability in the FreeScout helpdesk platform enables remote code execution without user interaction or authentication, posing a severe zero-click attack risk. — bleeping-computer
Fake LastPass support email threads try to steal vault passwords — LastPass is alerting users about an active phishing campaign using fake unauthorized access notifications to steal master vault passwords through fraudulent support email threads. — bleeping-computer
Spyware-grade Coruna iOS exploit kit now used in crypto theft attacks — A new iOS exploit kit called “Coruna” containing 23 vulnerabilities has been discovered in use by multiple threat actors for both espionage and cryptocurrency theft campaigns. The spyware-grade toolkit represents a significant mobile security threat targeting iOS devices. — bleeping-computer
Hacker mass-mails HungerRush extortion emails to restaurant patrons — Threat actors are mass-emailing customers of HungerRush point-of-sale platform with extortion demands, threatening to expose restaurant and customer data if the company doesn’t respond. The incident highlights supply chain vulnerabilities in commercial POS systems. — bleeping-computer
Mississippi medical center reopens clinics hit by ransomware attack — The University of Mississippi Medical Center resumed normal operations nine days after a ransomware attack that blocked access to electronic medical records and disrupted IT systems. The incident highlights ongoing ransomware threats to healthcare infrastructure. — bleeping-computer
How a Brute Force Attack Unmasked a Ransomware Infrastructure Network — Huntress Labs detailed how investigation of an RDP brute-force attack revealed a geo-distributed VPN-linked infrastructure network suspected to be part of a ransomware-as-a-service ecosystem connected to initial access brokers. The analysis provides insight into ransomware operation infrastructure and attack chains. — bleeping-computer
Police dismantle major phishing platform blamed for attacks on hospitals and schools — International law enforcement agencies dismantled a major phishing-as-a-service platform that targeted hundreds of thousands of accounts globally, including hospitals and schools. Europol announced the takedown operation Wednesday. — the-record
62 people indicted by Taiwanese prosecutors over ties to cyber scam company Prince Group — Taiwanese prosecutors indicted 62 people connected to cyber scam company Prince Group, following the October indictment of founder Chen Zhi by U.S. prosecutors on money laundering charges. The Taipei District Prosecutors Office launched its investigation after the U.S. action. — the-record
Sprawling FBI, European operation takes down Leakbase cybercriminal forum — The FBI and European law enforcement agencies dismantled Leakbase, a major cybercriminal forum where criminals traded stolen credentials and software vulnerability exploits. The global operation represents a significant crackdown on cybercrime infrastructure. — the-record
Russian hackers deploy new malware in phishing campaign targeting Ukraine — Researchers discovered a suspected Russian espionage campaign targeting Ukraine using two previously undocumented malware strains deployed through phishing operations. The campaign represents ongoing cyber warfare activities in the region. — the-record
Global coalition dismantles Tycoon 2FA phishing kit — Microsoft led a global coalition that dismantled the Tycoon 2FA phishing kit, seizing 330 domains comprising the platform’s core infrastructure and naming the alleged creator in a civil complaint. The operation represents a significant disruption to phishing operations targeting two-factor authentication. — cyberscoop
LLMs are getting better at unmasking people online — A new study reveals that large language models are increasingly capable of deanonymizing individuals online, with researchers warning this represents a large-scale privacy invasion threat. — cyberscoop
Authorities from 14 countries shut down major cybercrime forum LeakBase — International law enforcement from 14 countries dismantled LeakBase, a major cybercrime marketplace with over 142,000 members, seizing databases and arresting multiple suspects. — cyberscoop
Attackers are using your network against you, according to Cloudflare — Cloudflare’s annual threat report highlights that attackers are exploiting blind spots in complex cloud environments to conduct identity-based attacks that bypass the need for sophisticated malware or zero-day exploits. — cyberscoop
Novel interceptor drones bend air-defense economics in Ukraine’s favor — Ukraine is successfully deploying interceptor drones that use manual ramming or close-in detonation to counter threats, creating favorable air-defense economics without yet incorporating artificial intelligence. — defense-news
US launches Precision Strike Missiles in Iran war in first combat use — The Precision Strike Missile was used in combat for the first time, launched from M142 HIMARS systems in open desert terrain during Operation Epic Fury against Iran. This marks a significant operational milestone for the advanced weapon system. — defense-news
Israeli F-35 notches first kill of a manned fighter in downing of Iranian Yak-130 — Israeli F-35s achieved the first air-to-air kill of a manned fighter aircraft by downing an Iranian Yak-130, while UK Royal Air Force F-35Bs intercepted Iranian drones over Jordan. These represent historic firsts for F-35 combat capabilities. — defense-news
VMware Aria Operations Bug Exploited, Cloud Resources at Risk — A command injection vulnerability in VMware Aria Operations is being actively exploited, potentially granting attackers broad access to victims’ cloud environments. The flaw poses significant risk to cloud resource security. — dark-reading

← Archive