AnonymousMedia.org

Category: Uncategorized

  • Trump tests boundaries of his power as Minnesota pushes back

    Trump tests boundaries of his power as Minnesota pushes back


    Tom BatemanBBC News, Minnesota

    BBC accompanies ICE observer on the lookout for agents in Minneapolis

    With 1,500 troops reportedly on standby to deploy to Minnesota, tensions are rising in the state as protests continue against Donald Trump’s immigration crackdown. US officials say they are targeting the “worst of the worst” but critics warn migrants with no criminal record and US citizens are being detained, too.

    “It could be anybody,” says Sunshine, as she drives around her neighbourhood, St Paul – one of the so-called Twin Cities, along with Minneapolis. Snow and ice swirl over the tarmac in the bitter wind.

    Sunshine is not her real name – she has asked to use a pseudonym because of fears she could be targeted for her actions.

    “I have decided for my own safety to give them more space,” she says, referring to the unmarked patrol cars ahead, driven by the US Immigration and Customs Enforcement (ICE) agents she is trying to track.

    Each day, residents in loosely organised groups drive around their neighbourhoods trying to spot ICE agents and film them, they say, to hold them to account.

    “I, we, have the legal right to drive on the streets of our own city and we have the legal rights to observe [the ICE agents], but they seem to have forgotten that,” Sunshine says.

    The streets of Minneapolis feel like a battle of wills between a Republican president pressing the boundaries of his power and a Democratic city and state pushing back.

    This week as the temperature plummeted, protests intensified against ICE agents outside the federal building hosting them.

    A woman's eyes can be seen in the rearview mirror of her car. Her identity is being obscured to protect her.

    “Sunshine” says she has a legal right to observe ICE’s actions

    Minnesota officials have urged protesters to stay orderly and peaceful, and local officials have said the majority have stayed trouble-free. But at times there have been clashes, with the authorities deploying tear gas and pepper balls to disperse crowds.

    On Friday, a US federal judge issued an order limiting the crowd control tactics that can be used by ICE agents toward peaceful protesters in Minneapolis.

    Judge Katherine Menendez said federal agents cannot arrest or pepper spray peaceful demonstrators, including those monitoring or observing ICE agents.

    Trump has vowed to press on with his mass deportation drive in Minnesota, with thousands of federal agents deployed to the state.

    Many of them were sent in the aftermath of the fatal shooting of Minneapolis woman, Renée Good, 37, by an ICE agent on 7 January.

    The circumstances surrounding her death remain contested, with the Trump administration saying the ICE agent who shot her acted in self-defence, while local officials argue the woman was attempting to leave and posed no danger. The FBI is investigating the shooting, but officials in Minnesota say they have been denied access to evidence.

    Good’s killing has focused the minds of many members of this community who are determined to reverse Trump’s campaign.

    In her car, Sunshine spots two unmarked vehicles with darkened windows containing ICE agents.

    We follow them to a nearby neighbourhood, where the two cars proceed to drive slowly and repeatedly around the block in circles, in what is seemingly a diversion tactic to take Sunshine away from a shopping centre immigrants often use.

    “This is the game. But if they’re doing this with me, they’re not putting their hands on someone,” she says.

    “So, yes, it’s gas money and it’s my time and I’m okay with that.”

    The week after Good’s death there was a second shooting involving a federal officer in Minneapolis.

    Reuters Demonstrators stand in front of members of U.S. Customs and Border Protection (CBP) and other law enforcement officials, near the Bishop Henry Whipple Federal Building. One man is wearing a red jacket another is wearing a brown jacket opposite a line officials wearing all black and black helmets Reuters

    The Department of Homeland Security (DHS) said an officer shot a man in the leg in Minneapolis after being attacked with a shovel as he tried to make an arrest of a Venezuelan migrant who entered the US illegally.

    After the incident, Homeland Security Secretary Kristi Noem said the agent was “beat up” and “bruised”, adding ICE officers were “following protocols that we have used for years” from before the Trump administration.

    The man’s family has disputed the DHS’ version of events in an interview with the Washington Post, saying he was shot in the doorway and not during a scuffle in the street.

    Minneapolis is the fifth major city to be targeted in Trump’s immigration crackdown after his election pledge for the biggest deportation operation of undocumented migrants in history.

    The campaign, which remains popular with most Republicans and especially Trump’s Make America Great Again (Maga) supporters, has sparked a fierce backlash in the Democrat-led cities where operations are taking place.

    On Saturday, hundreds of demonstrators confronted and chased away a small group attempting to hold a pro-ICE and anti-Islam rally.

    Counter-protesters converged on the event organised by far-right activist Jake Lang, who was pardoned by Trump after being charged with crimes related to the US Capitol riots on 6 January 2021. Lang had vowed to burn a Quran outside City Hall, however it is not clear if he carried out his plan.

    Minnesota is home to the largest community of Somali immigrants in the US, the majority of whom are US citizens. The president has said they should “go back to where they came from” and described the community as “garbage”. He launched the immigration crackdown in December after some Somali immigrants were convicted in a massive fraud of state welfare programmes.

    Minnesota Governor Tim Walz recently said he would end his bid for re-election amid the fraud scandal. But he has accused Trump and his allies of seeking to take advantage of the crisis to play politics.

    Against this backdrop, Trump has threatened to invoke the Insurrection Act, a 19th Century law that allows active-duty military personnel to be deployed for law enforcement within the US, to quell the city’s resistance to his immigration campaign.

    On Friday the Justice Department opened a criminal probe into the Democrats Walz and Minneapolis Mayor Jacob Frey, accusing them of attempting to impede federal immigration operations. Walz said the move was “weaponising the justice system against your opponents”.

    In a post on social media, Trump called protesters in the city “traitors, troublemakers and insurrectionists” and accused them of being “in many cases, highly paid professionals”.

    Reuters An Immigration and Customs Enforcement agent raises a finger moments after detaining a man during an immigration raid, he is standing with his back to the camera and is wearing all black apart from a green vest with the words ICE on it in yellow writing Reuters

    In response to this characterisation, Sunshine says: “I’m definitely not being paid.

    “I think that I’m doing what I’m doing because I love my neighbours and watching them being racially profiled in the streets of our own our city.”

    She adds: “We have to protect one another.”

    Federal agents have been accused of racial profiling by observers, something the Trump administration denies.

    Near a Mexican restaurant, we stop the car and another observer who calls herself Misko gets out of her car, heading towards Sunshine, visibly distressed.

    The two women embrace. Misko is struggling for breath as she recounts what just happened.

    “Just around the corner. Two of them blocked me in, then they came out. [One agent] had an assault rifle. He was pounding on my window,” she says.

    DHS officials did not respond to questions from the BBC about the incident.

    Despite the encounter, Misko later tells me she won’t be deterred. With the president also renewing his threat to send in troops, Minneapolis feels in the grip of a deepening crisis, and no-one seems prepared to slow it down.

    A thin, grey banner promoting the US Politics Unspun newsletter. On the right, there is an image of North America correspondent Anthony Zurcher, wearing a blue suit and shirt and grey tie. Behind him is a visualisation of the Capitol Building on vertical red, grey and blue stripes. The banner reads: "The newsletter that cuts through the noise.”

    Follow the twists and turns of Trump’s second term with North America correspondent Anthony Zurcher’s weekly US Politics Unspun newsletter. Readers in the UK can sign up here. Those outside the UK can sign up here.



    Source link

  • Security Bug in StealC Malware Panel Let Researchers Spy on Threat Actor Operations

    Security Bug in StealC Malware Panel Let Researchers Spy on Threat Actor Operations


    Ravie LakshmananJan 19, 2026Malware / Threat Intelligence

    Cybersecurity researchers have disclosed a cross-site scripting (XSS) vulnerability in the web-based control panel used by operators of the StealC information stealer, allowing them to gather crucial insights on one of the threat actors using the malware in their operations.

    “By exploiting it, we were able to collect system fingerprints, monitor active sessions, and – in a twist that will surprise no one – steal cookies from the very infrastructure designed to steal them,” CyberArk researcher Ari Novick said in a report published last week.

    StealC is an information stealer that first emerged in January 2023 under a malware-as-a-service (MaaS) model, allowing potential customers to leverage YouTube as a primary mechanism – a phenomenon called the YouTube Ghost Network – to distribute the malicious program by disguising it as cracks for popular software.

    Cybersecurity

    Over the past year, the stealer has also been observed being propagated via rogue Blender Foundation files and a social engineering tactic known as FileFix. StealC, in the meantime, received updates of its own, offering Telegram bot integration for sending notifications, enhanced payload delivery, and a redesigned panel. The updated version was codenamed StealC V2.

    Weeks later, the source code for the malware’s administration panel was leaked, providing an opportunity for the research community to identify characteristics of the threat actor’s computers, such as general location indicators and computer hardware details, as well as retrieve active session cookies from their own machines.

    The exact details of the XSS flaw in the panel have not been disclosed to prevent the developers from plugging the hole or enabling any other copycats from using the leaked panel to try to start their own stealer MaaS offerings.

    In general, XSS flaws are a form of client-side injections that allows an attacker to get a susceptible website to execute malicious JavaScript code in the web browser on the victim’s computer when the site is loaded. They arise as a result of not validating and correctly encoding user input, allowing a threat actor to steal cookies, impersonate them, and access sensitive information.

    “Given the core business of the StealC group involves cookie theft, you might expect the StealC developers to be cookie experts and to implement basic cookie security features, such as httpOnly, to prevent researchers from stealing cookies via XSS,” Novick said. “The irony is that an operation built around large-scale cookie theft failed to protect its own session cookies from a textbook attack.”

    CyberArk also shared details of a StealC customer named YouTubeTA (short for “YouTube Threat Actor”), who has extensively used Google’s video sharing platform to distribute the stealer by advertising cracked versions of Adobe Photoshop and Adobe After Effects, amassing over 5,000 logs that contained 390,000 stolen passwords and more than 30 million stolen cookies. Most of the cookies are assessed to be tracking cookies and other non-sensitive cookies.

    It’s suspected that these efforts have enabled the threat actor to seize control of legitimate YouTube accounts and use them to promote cracked software, creating a self-perpetuating propagation mechanism. There is also evidence highlighting the use of ClickFix-like fake CAPTCHA lures to distribute StealC, suggesting they aren’t confined to infections through YouTube.

    Cybersecurity

    Further analysis has determined that the panel enables operators to create multiple users and differentiate between admin users and regular users. In the case of YouTubeTA, the panel has been found to feature only one admin user, who is said to be using an Apple M3 processor-based machine with English and Russian language settings.

    In what can be described as an operational security blunder on the threat actor’s part, their location was exposed around mid-July 2025 when the threat actor forgot to connect to the StealC panel through a virtual private network (VPN). This revealed their real IP address, which was associated with a Ukrainian provider called TRK Cable TV. The findings indicate that YouTubeTA is a lone-wolf actor operating from an Eastern European country where Russian is commonly spoken.

    The research also underscores the impact of the MaaS ecosystem, which empowers threat actors to mount at scale within a short span of time, while inadvertently also exposing them to security risks legitimate businesses deal with.

    “The StealC developers exhibited weaknesses in both their cookie security and panel code quality, allowing us to gather a great deal of data about their customers,” CyberArk said. “If this holds for other threat actors selling malware, researchers and law enforcement alike can leverage similar flaws to gain insights into, and perhaps even reveal the identities of, many malware operators.”



    Source link

  • Footage inside Spanish train as passengers evacuate from crash

    Footage inside Spanish train as passengers evacuate from crash


    A video filmed after a deadly crash involving high-speed trains in southern Spain, shows emergency workers at the scene and a passenger climbing out of a tilted carriage.

    Footage of passengers evacuating carriages has also been captured, with authorities warning that the death toll from the incident could rise.

    The incident occurred near the town of Adamuz, after a high-speed train travelling from Málaga to Madrid derailed and crashed onto a neighbouring track, according to the rail network operator. A second train travelling in the opposite direction also derailed.

    You can follow the latest updates here.



    Source link