Category: Uncategorized

When we talk about the scourge of anti-vaxxer philosophy within the federal government, we naturally spend a great deal of that time talking about RFK Jr. He’s the Secretary of Health and Human Services and perhaps the most infamous anti-vaxxer on the planet, after all. But if you thought HHS was the only part of the government infected with this dangerous unscientific nonsense, you’d be wrong.

In April of this year, Pete Hegseth, Secretary of Whatever-We’re-Calling-It-Today, rescinded a requirement for America’s fighting forces to be inoculated against influenza. Why? Well, because it just wasn’t necessary, you see. Also, freedom. Probably bald eagles. Perhaps apple pie and baseball are involved. It’s really anyone’s guess these days. Hegseth stated the following publicly on his decision:

“The notion that a flu vaccine must be mandatory for every service member, everywhere, in every circumstance, at all times, is just overly broad and not rational,” the secretary said. “Our new policy is simple: If you, an American warrior entrusted to defend this nation, believe that the flu vaccine is in your best interest, then you are free to take it; you should. But we will not force you.”

“Our men and women in uniform were forced to choose between their conscience and their country, even when those decisions posed no threat to our military readiness,” Hegseth said. “That era of betrayal is over. Under President [Donald J.] Trump, the War Department continues to take decisive action to once again restore freedom and strength to our joint force. We’re seizing this moment to discard any absurd overreaching mandates that only weaken our warfighting capabilities.

So, to summarize, the requirement that soldiers be vaccinated against influenza was as follows:

1. Broad and irrational
2. A betrayal
3. An absurd and overreaching mandate
4. Weakened our fighting forces
5. Would be ended and soldiers would no longer be forced to be vaccinated

I assume that analysis still holds, other than the last, now that the military is once again mandating the flu vaccine for its soldiers because, and this will shock you, a bunch of soldiers got sick.

The Army, Navy, and Air Force are once again requiring basic trainees to get vaccinated against influenza after the virus quickly swept through an Air Force base in Texas, sickening at least 222 recruits and hospitalizing four. Last week, news broke of a flu outbreak sweeping through Lackland Air Force Base, part of Joint Base San Antonio in Texas. Two unnamed sources told ABC News that the situation at the base has been worsening.

In addition to the 222 cases and four hospitalizations reported as of Tuesday, one recruit, Keon McDaniel, died. McDaniel was in his sixth week of basic training and suffered a medical emergency on June 12. It’s unclear if his death was related to the outbreak.

ABC News reported that sources think only about 40 percent of the new Air Force trainees at the base were vaccinated and that the outbreak began in early June.

So, according to Hegseth himself mere months ago, sixty percent of the new Air Force trainees at the base are going to be subject to a broad, irrational, absurd, freedom-stealing betrayal mandate to get the flu vaccine? Cool.

It’s absolutely incredible just how shallow the anti-vaxxer mentality can be. Freedom, I am told, is worth fighting and dying for. If a flu vaccine mandate is anti-freedom, why are we letting some illnesses and potential deaths cause us to take actions that are anti-freedom?

The answer is because it isn’t about freedom at all. It’s about placating the dumbest corners of our society just because they happen to be a voting bloc aligned with Donald Trump, a man not exactly known for his incredible good health and fitness.

Pentagon spokesperson Sean Parnell said that the Pentagon had granted exceptions to Hegseth’s optional flu shot policy to the Army, Navy, Air Force, National Security Agency, and the Defense Health Agency. The exceptions came after a “comprehensive review” and are in line with a standard policy of “adapting force health protection measures to critical operational realities.”

“The decisions were based upon thorough risk assessments and are designed to maximize operational readiness, lethality, and force generation, while safeguarding at-risk populations,” Parnell said.

And that’s any different than the situation three months ago, exactly?

It’s not different at all, of course. Pete Hegseth directly, and of his own accord, managed to get hundreds of soldiers sick, at a minimum. He reduced our war-fighting readiness as a result. And he reversed course the moment the inevitable outcome reared its ugly, feverish, coughing head.

Vaccine mandates are bad when its politically advantageous to say they are, but good when you’re in charge and need to prepare for an invasion of Cuba, or who knows where else.

Filed Under: air force, anti-vaxxers, flu, flu vaccine, pete hegseth, vaccines

OpenAI on Friday released three versions of GPT-5.6, called Sol, Terra, and Luna, as a limited preview to a small number of companies as part of an ongoing engagement with the U.S. government.

While Sol is the latest flagship model and the most powerful, Terra strikes a balance between efficiency and power, and Luna is fine-tuned for speed and affordability.

“GPT‑5.6 Sol launches with our most robust safety stack to date. We strengthened protections for higher-risk activity, sensitive cyber requests, and repeated misuse, and spent multiple weeks finding weaknesses, pressure-testing our system, and hardening it against real-world attacks,” OpenAI said.

The model has also been touted as the “most capable model yet” for cybersecurity, making it much more suitable for vulnerability research and exploitation. On ExploitBench , GPT‑5.6 Sol is competitive with Anthropic Mythos Preview using only about one-third of the output tokens, OpenAI noted.

The goal, it added, is to enable access to legitimate work such as code review, vulnerability research, patch development, debugging, security education, and defensive testing, while enforcing strong guardrails that block offensive activity and swiftly remediating newly discovered jailbreaks. This includes adversarial attempts to jailbreak the model and refuse what it describes as “prohibited cyber assistance.” 

“As these capabilities continue to advance, our priority is to make sure they reach and benefit defenders, who can use these tools to find weaknesses, develop patches, and strengthen systems more broadly,” the artificial intelligence (AI) company explained.

That said, OpenAI is also warning that there may be scenarios during the preview phase where users may encounter safeguards that block or refuse legitimate requests, or have their requests paused for additional review, owing to the “dual-use” nature of the technology.

According to OpenAI’s GPT-5.6 Preview System Card, although the model is more adept at finding vulnerabilities in code and developing exploits, the capabilities do not extend to carrying out autonomous, end-to-end attacks against hardened targets or weaponizing those cyber vulnerabilities in real attacks.

“Separate evaluations examined misaligned behavior in agentic coding tasks and found GPT-5.6 shows a greater tendency than GPT-5.5 to go beyond the user’s intent, including by taking or attempting actions that the user had not asked for, though absolute rates remain low,” it pointed out.

An evaluation of GPT-5.6 Sol against widely deployed hardened software projects using VulnLMP, which is OpenAI’s internal framework designed to test end-to-end exploit chain development against real-world targets, has found the model to produce credible memory safety leads, some of which could lead to disclosure, mutation, or control flow corruption.

“This suggests that substantial parts of real world vulnerability research are becoming increasingly automatable when models are paired with tool use, build systems, and verification infrastructure,” the tech upstart said.

OpenAI intends to make GPT‑5.6 Sol, Terra, and Luna generally available in the coming weeks, and it previewed the model capabilities to the U.S. government. It’s also launching a limited preview for a small group of trusted partners whose participation has been approved by the government before a broader launch.

Earlier this month, U.S. President Donald Trump signed an executive order on AI and cybersecurity, calling for the creation of a framework that grants the federal government the ability to evaluate AI models’ capabilities and determine which qualify as “covered frontier models,” a designation for AI systems with advanced cyber capabilities.

The staggered release comes days after the company released an improved version of its GPT‑5.5‑Cyber model to trusted defenders as part of the Daybreak initiative and launched a new project called Patch the Planet in collaboration with Trail of Bits to help secure open-source projects.

It also follows the U.S. government’s decision to permit Anthropic to release its Mythos AI model to a group of about 100 trusted companies and federal government agencies that “operate and defend critical infrastructure,” more than two weeks after the powerful cybersecurity-focused models were pulled from the market.

“We’re restoring access for these organizations quickly, and we’re continuing to work with the government to expand access to Mythos 5 and make Fable 5 available for general use again,” Anthropic said in a statement posted on X.

Ravie LakshmananJun 26, 2026Cyber Espionage / Malware

A Chinese-speaking advanced persistent threat (APT) actor has been linked to a new custom backdoor called TinyRCT as part of cyber attacks aimed at government entities and critical infrastructure in Southeast Asia.

The activity, particularly aimed at state-owned enterprises in the energy and government sectors, has been attributed to a threat actor called CL-STA-1062, which Palo Alto Networks Unit 42 said shares overlaps with UAT-7237, a hacking group that was first flagged by Cisco Talos in August 2025 in relation to a campaign directed against web infrastructure entities in Taiwan.

Unit 42 said it also observed CL-STA-1062 campaigns in prior operations targeting strategic sectors in East Asia since March 2022, suggesting a broader but sustained focus in the region.

“From a technical standpoint, the attackers behind CL-STA-1062 rely on a hybrid toolkit,” Unit 42 said in a technical report. “While they frequently use common open-source tools such as SoftEther VPN, Mimikatz, and VNT, they have recently introduced TinyRCT, a bespoke, previously undocumented backdoor.”

TinyRCT is equipped to run arbitrary commands, enumerate files and exfiltrate them, capture the device’s screen, and delete itself from the compromised host.

In one campaign detected in September 2025, the threat actor is said to have infiltrated a Southeast Asian government entity and deployed a web shell to exfiltrate data from an MS SQL server. During the same attack, the threat actors have been found to conduct network reconnaissance on a separate government entity in the same country.

“This suggests an effort to identify lateral movement opportunities and broaden their access. In one case, we observed the attacker staging and exfiltrating an entire directory of web server source code from the government entity,” Unit 42 said, adding it detected the breach of at least 10 different organizations in Southeast Asia between October and December 2025.

Since at least mid-2025, CL-STA-1062 has trained its sights on the critical infrastructure, with the adversary scanning multiple entities in the region for vulnerabilities and then establishing a foothold via ASPX web shells that facilitate initial reconnaissance and outbound requests from the infected networks to attacker-controlled infrastructure, leading to the deployment of additional payloads.

This includes SoftEther VPN components and RAR archives containing the group’s toolset, including open-source utilities such as Yuze (a SOCKS5 proxy) and VNT (a VPN), often disguising them as VMware executables or an XDR agent (e.g., “XDRAgent.exe,” “vmtools.exe,” and “vmwared.exe”).

Further analysis of the campaign’s infrastructure has led to the discovery of a previously undocumented .NET backdoor dubbed TinyRCT (“PerfWatson2.exe”), a lightweight remote access trojan that enables system reconnaissance, command execution, file uploads, screenshot capture, remote control, and wipe traces of itself, while taking steps to avoid running in sandboxed environments.

It establishes a persistent communication channel with a remote server (“45.32.113[.]172”) over HTTP, but encrypts the exchanged data using AES-128 encryption in CBC mode.

“The malware operates on a beaconing model, with a default 10-second sleep interval between requests,” Unit 42 explained. “It polls the C2 server for instructions using GET requests, while it sends exfiltrated data via POST requests.”

As for how TinyRCT is delivered, it takes the form of a malicious archive named “chrome_setup.zip” containing a legitimate executable (“chrome_setup.exe”), a configuration file (“chrome_setup.exe.config”), and a rogue DLL (“MyAppDomainManager.dll”) that’s used to trigger an AppDomainManager injection attack to load the malicious DLL, which functions as a downloader by contacting “139.180.134[.]221” to retrieve “PerfWatson2.exe.”

“The combination of tools observed in this activity cluster reflects a pragmatic approach to tool selection and attack capabilities,” Unit 42 concluded. “The attackers behind this cluster continue to leverage common open-source tools such as SoftEther VPN and VNT to facilitate lateral movement.”

“Our discovery of the TinyRCT backdoor in the attackers’ infrastructure underscores their ability to customize tools to gain specific capabilities. The combination of targeting critical infrastructure and the development of custom malware suggests that CL-STA-1062 activity will continue to pose a threat to the region.”