YOUR PRIVACY TOOL IS WATCHING YOU: The whole point of a VPN (virtual private network) is to hide who you are and where you are. Turns out, that may be exactly the problem. Under Section 702 of FISA, NSA targeting procedures presume that anyone whose location is unknown is a foreign national and therefore fair game for warrantless surveillance. So, the millions of Americans using VPNs to dodge geo-blocks, hide from their employers, or just avoid the general feeling of being watched, may well be watched. The FBI, NSA, and FTC have all recommended VPN use to protect your privacy. But Wired.com says that six Democratic lawmakers are pressing DNI Tulsi Gabbard to publicly reveal whether Americans using VPNs may be inadvertently giving up their rights to avoid warrantless government surveillance. This is all part of the ongoing battle over potential reauthorization of Section 702. Entrepreneurial note: it seems the market is wide open for a VPN that won’t reveal who's using it or where they are but will absolutely vouch that the user is American.
THE BUZZ AT BARKSDALE: Earlier this month, a swarm of unidentified drones repeatedly buzzed Barksdale Air Force Base in Louisiana, home to nuclear-capable B-52 bombers. The drones reportedly loitered for hours, shrugged off jamming attempts, and came back for encores over multiple nights, at one point forcing a runway shutdown and sending airmen into a “shelter in place” alert. Who is behind it? No one knows - or at least no one is saying. Somehow, we don’t think it’s Google Maps.
IRAN EXPANDS TARGET LIST TO INCLUDE YOU RETIREMENT ACCOUNT: Iranian officials are helpfully clarifying that the modern battlefield now includes your brokerage statement. In remarks tied to the escalating conflict, an Iranian official warned that entities financing the U.S. military, including investors buying U.S. debt, could be considered legitimate targets. Mohammad Bagher Ghalibaf (who some media claimed was in discussions with Jared Kushner and Steve Witkoff) said on X that, “In addition to military bases, those financial institutions that fund the U.S. military budget are considered legitimate targets. U.S. Treasury bonds are tainted with the blood of Iranians. If you proceed to purchase them, you are in fact attacking your own assets and primary headquarters. We are monitoring your investment portfolios.”
MORE THAN ONE WAY TO MEDDLE IN AN ELECTION: A unit of Russia's foreign intelligence service allegedly proposed staging a fake assassination attempt on Hungarian Prime Minister Viktor Orbán ahead of the country's April 2026 parliamentary elections, according to The Washington Post, citing an internal SVR document obtained and authenticated by a European intelligence service. Officers from the SVR reportedly suggested that drastic action might be necessary - a strategy they dubbed "the Gamechanger." The proposal argued that such an incident would shift the campaign away from voter frustration over the economy and toward national security and emotional solidarity. The inspiration cited in the document: the July 2024 Trump campaign shooting, which produced iconic imagery and an immediate polling bump. Orbán may prefer more traditional campaign tactics - like ballot stuffing - rather than relying on other longshot tactics.
IRAN BRAGS OF HIRING A MEXICAN DRUG CARTEL TO GET A HEAD: The Justice Department announced this week it has pulled the plug on four websites that it says were run by Iran's Ministry of Intelligence and Security - sites that, per court documents, offered a $250,000 bounty for killing and beheading two targets. Officials say the website claimed an operational partnership with Mexico's Jalisco New Generation Cartel, and bragged about stealing data that they described as containing "witchcraft ceremonies." Subtle this was not. U.S. officials say the takedown is part of a broader effort to counter Tehran's cyber-enabled intimidation campaigns, which increasingly blend propaganda, criminal partnerships, and outright incitement.
RUSSIA INVADES SIGNAL WITH A FAKE "SIGNAL SUPPORT BOT": The FBI has issued a public service announcement warning that Russian intelligence-linked threat actors are actively targeting users of encrypted messaging apps such as Signal and WhatsApp in phishing campaigns that have already compromised thousands of accounts. Feds say the perps have been able to compromise individual accounts but not the encryption of the applications themselves. They have reportedly gained unauthorized access to victims' messages and contact lists and then sent messages, and used that info for additional phishing against further targets. The method is elegantly low-tech: fake in-app messages impersonating platform support, complete with a "Signal Security ChatBot," prompt users to hand over verification codes. Russia didn't have to break Signal's encryption. It seems like it just had to knock on the front door and wait for someone to open it.Got news to share? Drop us a note: Editor@thecipherbrief.com
Read more expert-driven national security insights exclusively in www.thecipherbrief.com.
