Cybersecurity researchers have uncovered a jailbreak technique to bypass ethical guardrails erected by OpenAI in its latest large language model (LLM) GPT-5 and produce illicit instructions.
Generative artificial intelligence (AI) security platform NeuralTrust said it combined a known technique called Echo Chamber with narrative-driven steering to trick the model into producing undesirable

Researchers Uncover GPT-5 Jailbreak and Zero-Click AI Agent Attacks Exposing Cloud and IoT Systems

Plus: Instagram sparks a privacy backlash over its new map feature, hackers steal data from Google's customer support system, and the true scope of the Columbia University hack comes into focus.

This is the week of Black Hat and Defcon, which means a flood of news coming out of the Las Vegas security conferences. As you might expect, artificial intelligence was one popular topic—specifically, using AI chatbots to cause mischief.

One team of researchers, from Tel Aviv University, created a clever attack that allowed them to take over a target’s smart home devices using a “poisoned” Google Calendar invite. It’s the first known attack method that used AI to impact physical devices.

Another researcher used a poisoned document that included a malicious prompt to trick ChatGPT into leaking a user’s private information when it’s connected to a Google Drive.

In non-AI news, an end-to-end encryption algorithm recommended for radio communications used by police and military around the world can be easily cracked, according to new research. The researchers warn that weak implementations of the encryption algorithm could allow eavesdroppers to listen in—or even transmit their own messages.

Speaking of weaknesses, a security researcher found that misconfigured APIs in some streaming platforms used for company meetings and sports livestreams can allow someone to watch the streams without logging in. And a teen hacker discovered that an internet-connected smoke and vape detector in his high school’s bathroom contained microphones—and can be exploited for secret spying.

A leaked trove of data has exposed how teams of suspected North Korean IT scam workers operate, from their meticulous record keeping to the after-work activities—and their near-constant surveillance by people running the schemes.

Finally, in the last of our Black Hat- and Defcon-related news (so far), a pair of security researchers discovered a backdoor in an electronic lock used in at least eight brands of safes, and created a way to open the locks in seconds. They also found another vulnerability that allows them to figure out a safe’s unlock code.

We also took a deep dive into the US military’s slot machine program, spoke with experts who say it’s inevitable that AI will become part of nuclear weapons systems, and revealed a string of break-ins of National Guard armories in Tennessee that experts say is part of a disturbing trend.

And that’s not all. Each week, we round up the security and privacy news we didn’t cover in-depth ourselves. Click the headlines to read the full stories. And stay safe out there.

**Hack of US Court System Exposed Sealed Records, FBI Says**

A previously unreported cyberattack breached the federal judiciary’s electronic case filing system, potentially exposing the identities of confidential informants and compromising sealed court records across multiple US states, Politico reports. The breach was discovered around July 4 and affects the CM/ECF—or “case management/electronic case files”—system used by courts to manage sensitive documents.

Sources told Politico the hack may have impacted criminal dockets, arrest warrants, and sealed indictments, raising concerns that cooperating witnesses could be at risk. The actor behind the intrusion has not been exposed. The Administrative Office of the US Courts and FBI declined to provide Politico with a comment.

In response to recent cyberattacks, the federal judiciary said its been in the process of implementing new safeguards to address the judiciary’s ongoing exposure to “constant and sophisticated” cyber threats.

The incident highlights longstanding warnings that the judiciary’s systems are outdated and vulnerable. A top federal judge told Congress in June that CM/ECF and PACER face “unrelenting security threats” and need urgent replacement.

**Instagram’s New Map Feature Triggers Privacy Backlash**

Instagram’s latest feature—a searchable map showing user-posted content tagged to specific locations—has sparked a wave of privacy concerns, CNBC reports. Rolled out this week, the feature lets users explore photos and videos by browsing a visual map interface.

But users quickly raised alarms about the potential for stalking, harassment, and data misuse, especially for influencers and others posting real-time content from identifiable locations. “Instagram randomly updating their app to include a maps feature without actually alerting people is so incredibly dangerous to anyone who has a restraining order and actively making sure their abuser can’t stalk their location online,” one viral post warned.

Instagram said the feature only shows content from public accounts and reiterated that users can turn off location tagging. Still, the backlash echoes broader concerns about how tech platforms rapidly aggregate and expose personal data in ways that outpace users’ expectations and consent.

**Hackers Breached Google’s Salesforce Database, Stole Customer Data**

Hackers stole data from Google’s customer support system in a breach linked to a compromised Salesforce account, TechCrunch reports. The intrusion, disclosed Wednesday, affected an undisclosed number of Google customers and involved unauthorized access to data such as contact details and “related notes for small and medium-sized businesses.”

The attackers reportedly targeted the data through Salesforce cloud systems. Google’s Threat Intelligence Group pinned the attack on ShinyHunters, a hacking group known for targeting large companies’ cloud-based databases, including Salesforce systems.

The breach affecting Google follows similar attacks on Cisco, Qantas, and Pandora, where attackers used voice phishing to trick employees into granting access. Google says the group may be preparing a leak site to extort victims and is linked to other cybercriminal collectives like The Com, which has a history of hacking and extortion.

**Columbia University Hack Exposed Data of 870,000 People**

A cyberattack on Columbia University compromised the personal information of nearly 870,000 individuals, including students, applicants, and possibly staff, Bloomberg reports. The stolen data includes contact information, academic records, financial aid details, and some health and insurance information, according to draft letters, intended for victims, obtained by the news outlet.

The breach, which dates back to mid-May, was only publicly acknowledged after Columbia filed reports with state attorneys general in California and Maine. A university official previously claimed the perpetrator was politically motivated. The school claims it has implemented new safeguards and continues to notify affected individuals.

The incident preceded a campus-wide IT outage in June. The school reportedly suspected a potential cyberattack at the time.

The US Court Records System Has Been Hacked

At the Defcon security conference in Las Vegas on Friday, Nakasone tried to thread the needle in a politically fraught moment while hinting at major changes for the tech community around the corner.

The Trump administration's radical changes to United States fiscal policy, foreign relations, and global strategy—combined with mass firings across the federal government—have created uncertainty around US cybersecurity priorities that was on display this week at two of the country's most prominent digital security conferences in Las Vegas. “We are not retreating, we're advancing in a new direction,” Cybersecurity and Infrastructure Security Agency chief information officer Robert Costello said on Thursday during a critical infrastructure defense panel at Black Hat.

As in other parts of the federal government, the Trump administration has been combing intelligence and cybersecurity agencies to remove officials seen as disloyal to its agenda. Alongside these shifts, the White House has also been hostile to former US cybersecurity officials. In April, for example, Trump specifically directed all departments and agencies to revoke the security clearance of former CISA director Chris Krebs. And last week, following criticism from far-right activist Laura Loomer, the secretary of the Army rescinded an academic appointment that former CISA director Jen Easterly had been scheduled to fill at West Point. Amid all of this, former US National Security Agency and Cyber Command chief Paul Nakasone spoke with Defcon founder Jeff Moss in an onstage discussion on Friday, focusing on AI, cybercrime, and the importance of partnerships in digital defense.

“I think we've entered a space now in the world where technology has become political and basically every one of us is conflicted,” Moss said at the beginning of the discussion. Nakasone, who is on the board of OpenAI, agreed, citing Trump's January launch of the “Stargate” AI infrastructure initiative flanked by Oracle's Larry Ellison, SoftBank's Masayoshi Son, and OpenAI's Sam Altman. “And then two days later, just by chance, \[the Chinese generative AI platform\] DeepSeek came out,” Nakasone deadpanned. “Amazing.”

Nakasone also reflected on demographic differences between the US federal government and the tech sector.

“When I was the director of NSA and commander of US Cyber Command, every single quarter I would go to the Bay or I'd go to Texas or Boston or other places to see technology,” he said. “And every place that I went to, I was twice the age of the people that talked to me. And then when I came back to DC and I sat at the table, I was one of the younger people there. OK, that's a problem. That's a problem for our nation.”

Throughout the discussion, Nakasone largely geared his remarks toward efforts to counter traditional US rivals and adversaries, including China, Iran, North Korea, and Russia, as well as specific digital threats.

“Why aren't we thinking differently about ransomware, which I think right now is among the great scourges that we have in our country,” he said. “We are not making progress against ransomware.”

At times, though, Moss attempted to steer the conversation toward geopolitical changes and conflicts around the world that are fueling uncertainty and fear.

“How do you be neutral in this environment? Can you be neutral? Or is the world's environment since last year, Ukraine, Israel, Russia, Iran, just take your pick, America—how does anybody remain neutral?" Moss asked at the beginning of the conversation. Later he added, “I think because I'm so stressed out by the chaos of the situation, I'm trying to feel how do I get control?”

Referencing these remarks and comments Moss had made about turning to open source software platforms as a community-building alternative to multinational tech companies, Nakasone hinted at Moss' notion that the world and its entering a precarious state of flux.

“This is going to be an interesting storyline that we play out through ‘25 and ’26. When we come back \[to Defcon\] next year to have this discussion, will we still be able to have this sense of, oh, we're truly neutral? I sense not. I think it's going to be very, very difficult.”

Ex-NSA Chief Paul Nakasone Has a Warning for the Tech World

Security researchers found two techniques to crack at least eight brands of electronic safes—used to secure everything from guns to narcotics—that are sold with Securam Prologic locks.

About two years ago, security researchers James Rowley and Mark Omo got curious about a scandal in the world of electronic safes: Liberty Safe, which markets itself as “America’s #1 heavy-duty home and gun safe manufacturer,” had apparently given the FBI a code that allowed agents to open a criminal suspect's safe in response to a warrant related to the January 6, 2021, invasion of the US Capitol building.

Politics aside, Rowley and Omo were taken aback to read that it was so easy for law enforcement to penetrate a locked metal box—not even an internet-connected device—that no one but the owner ought to have the code to open. “How is it possible that there's this physical security product, and somebody else has the keys to the kingdom?” Omo asks.

So they decided to try to figure out how that backdoor worked. In the process, they'd find something far bigger: another form of backdoor intended to let authorized locksmiths open not just Liberty Safe devices, but the high-security Securam Prologic locks used in many of Liberty’s safes and those of at least seven other brands. More alarmingly, they discovered a way for a hacker to exploit that backdoor—intended to be accessible only with the manufacturer's help—to open a safe on their own in seconds. In the midst of their research, they also found _another_ security vulnerability in many newer versions of Securam's locks that would allow a digital safecracker to insert a tool into a hidden port in the lock and instantly obtain a safe’s unlock code.

Security researchers James Rowley and Mark Omo.Photograph: Ronda Churchill

At the Defcon hacker conference in Las Vegas today, Omo and Rowley made their findings public for the first time, demonstrating onstage their two distinct methods for opening electronic safes sold with Securam ProLogic locks, which are used to protect everything from personal firearms to cash in retail stores to narcotics in pharmacies.

While both their techniques represent glaring security vulnerabilities, Omo says it's the one that exploits a feature intended as a legitimate unlock method for locksmiths that's the more widespread and dangerous. “This attack is something where, if you had a safe with this kind of lock, I could literally pull up the code right now with no specialized hardware, nothing,” Omo says. “All of a sudden, based on our testing, it seems like people can get into almost any Securam Prologic lock in the world.”

Omo and Rowley demonstrate both their safecracking methods in the two videos below, which show them performing the techniques on their own custom-made safe with a standard, unaltered Securam ProLogic lock:

**Security Update? No, Buy a New Lock**

Omo and Rowley say they informed Securam about both their safe-opening techniques in spring of last year, but have until now kept their existence secret because of legal threats from the company. “We will refer this matter to our counsel for trade libel if you choose the route of public announcement or disclosure,” a Securam representative wrote to the two researchers ahead of last year's Defcon, where they first planned to present their research.

Only after obtaining pro bono legal representation from the Electronic Frontier Foundation's Coders’ Rights Project did the pair decide to follow through with their plan to speak about Securam's vulnerabilities at Defcon. Omo and Rowley say they're even now being careful not to disclose enough technical detail to help others replicate their techniques, while still trying to offer a warning to safe owners about two different vulnerabilities that exist in many of their devices.

When WIRED reached out to Securam for comment, the company’s CEO, Chunlei Zhou, responded in a statement. “The specific ‘vulnerabilities’ alleged by Omo and Rowley are already well known to industry professionals and in fact, also affect other safe lock providers that use similar chips,” Zhou writes. “Delivering any attack based on these vulnerabilities does require specialized knowledge, skills, and equipment, and we have no record of any customer that has ever had even a single safe lock defeated through a use of this attack.”

Zhou’s statement goes on to point to other ways safes’ locks can be opened from drilling and cutting to the use of a locksmith device called a Little Black Box that exploits vulnerabilities in some brands of electronic safe locks.

Omo and Rowley respond that the vulnerabilities they found were not previously known to the public; one of the two does not require _any_ special equipment, despite Zhou’s claim; and none of the other techniques Zhou mentions represents as serious a security flaw as their findings about the Securam ProLogic locks. The brute-force safecracking methods Zhou points to, like cutting and drilling are far slower and less stealthy—or, like the Little Black Box, are available only to locksmiths and haven’t been publicly shown to be exploitable by unauthorized hackers.

Zhou added in his statement that Securam will be fixing the vulnerabilities Omo and Rowley found in future models of the ProLogic lock. “Customer security is our priority and we have begun the process of creating next-generation products to thwart these potential attacks,” he writes. “We expect to have new locks on the market by the end of the year.”

Photograph: Ronda Churchill

In a followup call, Securam director of sales Jeremy Brookes confirmed that Securam has no plan to fix the vulnerability in locks already in use on customers’ safes, but suggests safe owners who are concerned buy a new lock and replace the one on their safe. “We’re not going to be offering a firmware package that upgrades it,” Brookes says. “We’re going to offer them a new product.”

Brookes adds that he believes Omo and Rowley are “singling out” Securam with the intention of “discrediting” the company.

Omo responds that’s not at all their intent. “We’re trying to make the public aware of the vulnerabilities in one of the most popular safe locks on the market,” he says.

**A Senator’s Warning**

Beyond Liberty Safe, Securam ProLogic locks are used by a wide variety of safe manufacturers including Fort Knox, High Noble, FireKing, Tracker, ProSteel, Rhino Metals, Sun Welding, Corporate Safe Specialists, and pharmacy safe companies Cennox and NarcSafe, according to Omo and Rowley’s research. The locks can also be found on safes used by CVS for storing narcotics and by multiple US restaurant chains for storing cash.

Rowley and Omo aren't the first to raise concerns about the security of Securam locks. In March of last year, US senator Ron Wyden wrote an open letter to Michael Casey, then director of the National Counterintelligence and Security Center, urging Casey to make clear to American businesses that safe locks made by Securam, which is owned by a Chinese parent company, have a manufacturer reset capability. That capability, Wyden wrote, could be used as a backdoor—a risk that had already led to Securam locks being prohibited for US government use like all other locks with a manufacturer reset, even as they're widely used by private US companies.

In response to learning about Rowley and Omo’s research, Wyden wrote in a statement to WIRED that the researchers’ findings represent exactly the risk of a backdoor—whether in safes or in encryption software—that he’s tried to call attention to.

“Experts have warned for years that backdoors will be exploited by our adversaries, yet instead of acting on my warnings and those of security experts, the government has left the American public vulnerable,” Wyden writes. “This is exactly why Congress must reject calls for new backdoors in encryption technology and fight all efforts by other governments, such as the UK, to force US companies to weaken their encryption to facilitate government surveillance.”

**ResetHeist**

Rowley and Omo’s research began with that same concern, that a largely undisclosed unlocking method in safes might represent a broader security risk. They initially went searching for the mechanism behind the Liberty Safe backdoor that had caused a backlash against the company in 2023, and found a relatively straightforward answer: Liberty Safe keeps a reset code for every safe and, in some cases, makes it available to US law enforcement.

Liberty Safe has since written on its website that it now requires a subpoena, a court order, or other compulsory legal process to hand over that master code, and will also delete its copy of the code at a safe owner’s request.

Rowley and Omo planned to reveal the existence of Securam’s vulnerabilities more than a year ago, but held off until now due to the company’s legal threats.Photograph: Ronda Churchill

Rowley and Omo didn't find any security flaw that would allow them to abuse that particular law-enforcement-friendly backdoor. When they started examining the Securam ProLogic lock, however, their research on the higher-end version of the two kinds of Securam lock used on Liberty Safe products revealed something more intriguing. The locks have a reset method documented in their manual, intended in theory for use by locksmiths helping safe owners who have forgotten their unlock code.

Enter a “recovery code” into the lock—set to “999999” by default—and it uses that value, another number stored in the lock called an encryption code, and a third, random variable to compute a code that's displayed on the screen. An authorized locksmith can then read that code to a Securam representative over the phone, who then uses that value and a secret algorithm to compute a reset code the locksmith can enter into the keypad to set a new unlock combination.

Omo and Rowley found that by analyzing the Securam ProLogic's firmware, however, they could find everything they needed to compute that reset code themselves. “There's no hardware security to speak of,” says Rowley. “So we could reverse engineer the whole secret algorithm just by reading the firmware that's in the lock.” The resulting safecracking method requires little more than punching a few numbers into a Python script they wrote. They call the technique ResetHeist.

The researchers note that safe owners can prevent this ResetHeist technique by changing their lock's recovery code or its encryption code. But Securam doesn't recommend that safeguard in any user documentation the researchers could find online, only in a manual for some manufacturers and locksmiths. In another Securam webinar Omo and Rowley found, Securam notes that you can change the codes, but that it’s not necessary, and that the codes are “usually never” changed. In every lock the researchers tested, including about a handful they bought used from eBay, the codes hadn't been changed. “We have not bought a lock on which the recovery method didn't work,” Omo says.

**CodeSnatch**

The second technique the researchers developed, which they call CodeSnatch, is more straightforward. By removing the battery from a Securam ProLogic lock and inserting a small handheld tool they made with a Raspberry Pi minicomputer into an exposed debug port inside, they can extract a “super code” combination from the lock that's displayed on their tool's screen and can be used to immediately open the lock.

The researchers found that CodeSnatch trick by reverse engineering the Renesas chip that serves as the lock's main processor. That task was made far easier by the work of a group called fail0verflow, which had published their analysis of the same Renesas chip as part of their efforts to crack the PlayStation 4, which also uses that processor. Omo and Rowley built their tool to reprogram the chip's firmware to dump all of its information via the debug port—including the encrypted “super code” and the key, also stored on the chip, that decrypts it. “It's really not that challenging,” says Rowley. “Our little tool does that, and then it tells you what the super code is.”

Gaining access to the lock's code via its debug port does require inputting a password. But Omo and Rowley say that password was absurdly simple, and they successfully guessed it. They found that in one newer Securam ProLogic lock manufactured in March of this year, Securam had changed the password, but they were able to learn it again by using a “voltage glitching” technique: By soldering a switch to the voltage regulator on the chip, they could mess with its electrical voltage at the exact moment it performed the password check to bypass that check and then dump the chip's contents—including the new password.

Photograph: Ronda Churchill

In addition to Securam, WIRED reached out to 10 safe manufacturers that appear to use Securam ProLogic locks on their safes, as well as CVS. Most didn’t respond, but a spokesperson for High Noble Safe Company wrote in a statement that WIRED’s inquiry was the first it was learning of Securam’s vulnerabilities, and that it’s now reviewing the security of the locks used by its product line and preparing guidance for customers including “additional physical security measures or potential replacement options.”

A Liberty Safe representative similarly noted the company wasn’t previously aware of Securam’s vulnerabilities. “We are currently investigating this issue with SecuRam and will do whatever it takes to protect our customers,” a statement from the spokesperson reads, “including validating other potential lock suppliers and developing a new proprietary lock system.”

A CVS spokesperson declined to comment on “specific security protocols or devices,” but wrote that “the safety of our employees and patients is a top priority and we are committed to maintaining the highest physical security standards.”

**“Safes That Aren’t Safe”**

Rowley and Omo say that patching Securam Locks' security flaws is possible—their own CodeSnatch tool, in fact, could itself be used to update the locks' firmware. But any such fix would have to be implemented manually, lock by lock, a slow and expensive process.

Although Omo and Rowley aren't releasing the full technical details or any proof-of-concept code for their techniques, they warn that others with less benevolent intentions could still figure out how to replicate their safecracking tricks. “If you have the hardware and you're skilled in the art, this would be roughly a one-week thing,” Omo says.

He and Rowley decided to go public with their research despite that risk to make safe owners aware that their locked metal boxes may not be as secure as they think. More broadly, Omo says that they wanted to call attention to the wide gaps in US cybersecurity standards for consumer products. Securam locks are certified by Underwriters Laboratory, he points out—yet suffered from critical security flaws that will be tough to fix. (Underwriters Laboratory did not immediately respond to WIRED’s request for comment.)

In the meantime, they say, safe owners should at least know about their safes' flaws—and not rely on a false sense of security.

“We want Securam to fix this, but more importantly we want people to know how bad this can be,” Omo says. “Electronic locks have electronics inside. And electronics are hard to secure.”

Hackers Went Looking for a Backdoor in High-Security Safes—and Now Can Open Them in Seconds

A security researcher discovered that flawed API configurations are plaguing corporate livestreaming platforms, potentially exposing internal company meetings—and he's releasing a tool to find them.

Top streaming services like Netflix and Disney+ have made sustained investments over the years to lock their content down. Whenever they can, they prevent users from accessing videos without a subscription or watching region-blocked content. New findings presented today at the Defcon security conference in Las Vegas, though, indicate that streaming platforms used for things like internal corporate broadcasts and sports livestreams can contain basic design flaws that allow anyone to access a vast swath of content without logging in.

Independent researcher Farzan Karimi first realized years ago that misconfigurations in application programming interfaces, or APIs, exposed streaming content to unauthorized access. In 2020 he disclosed a set of such flaws to Vimeo that could have allowed him to access close to 2,000 internal company meetings along with other types of livestreams. The company quickly fixed the issue at the time, but the finding left Karimi with concerns that similar problems could be lurking in other platforms.

Years later, he realized that by refining a technique for mapping how APIs retrieve data and interact, he could look for other vulnerable platforms. At Defcon, Karimi is presenting findings about current exposures in one mainstream sports streaming platform—he is not naming the site because the issues are not yet resolved—and releasing a tool to help others identify the problem in additional sites.

“For a company all hands or other sensitive meeting, there might be key internal information being shared—CEOs or other executives talking about layoffs or sensitive intellectual property,” Karimi told WIRED ahead of his conference talk. “You can see a bad pattern emerge in how easily you can circumvent authentication to access streams, but this class of issue was previously dismissed as requiring deep knowledge of a given business to identify.”

APIs are services that fetch and return data to whoever requests it. Karimi gives the example that you can search for the movie _Fight Club_ on a streaming platform, and the stream for the movie may come back with information about the length of the movie, trailers, actors in the movie, and other metadata. Multiple APIs work together to assemble all of this information with each fetching certain types of data. Similarly, if you search for Brad Pitt, a set of APIs will interact to deliver _Fight Club_ along with other movies he's starred in like _Troy_ and _Seven_. Some of these APIs are designed to require proof of authentication before they will return results, but if a system hasn't been scrutinized deeply, it is common for other APIs to blindly return data without requiring proof of authorization on the assumption that only an authenticated requestor will be in a position to send queries.

“Often there are basically four, five, some number of APIs that have all this metadata, and if you know how to trace through them, you can unlock paywalled content for free,” Karimi says. “It's a ‘security through obscurity’ model where they would never think that someone would be able to manually connect the dots between these APIs. The automation I’m introducing, though, helps find these authorization flaws quickly at scale.”

Karimi emphasizes that top streaming services are largely locked down and either corrected such API misconfigurations long ago or avoided them from the start. But he emphasizes that more utilitarian platforms for corporate streaming and other live events—including always-on cameras in sports arenas and other venues that are meant to only be accessible at certain times—are likely vulnerable and exposing video that is thought to be protected.

A Misconfiguration That Haunts Corporate Streaming Platforms Could Expose Sensitive Data

Cybersecurity researchers are drawing attention to a new campaign that's using legitimate generative artificial intelligence (AI)-powered website building tools like DeepSite AI and BlackBox AI to create replica phishing pages mimicking Brazilian government agencies as part of a financially motivated campaign.
The activity involves the creation of lookalike sites imitating Brazil's State

AI Tools Fuel Brazilian Phishing Scam While Efimer Trojan Steals Crypto from 5,000 Victims

A pair of hackers found that a vape detector often found in high school bathrooms contained microphones—and security weaknesses that could allow someone to turn it into a secret listening device.

A pair of hackers found that a vape detector often found in high school bathrooms contained microphones—and security weaknesses that could allow someone to turn it into a secret listening device.

Photograph: Ronda Churchill

A couple of years ago, a curious, then-16-year-old hacker named Reynaldo Vasquez-Garcia was on his laptop at his Portland-area high school, seeing what computer systems he could connect to via the Wi-Fi—“using the school network as a lab,” as he puts it—when he spotted a handful of mysterious devices with the identifier “IPVideo Corporation.”

After a closer look and some googling, Garcia figured out that a company by that name was a subsidiary of Motorola, and the devices he’d found in his school seemed to be something called the Halo 3C, a “smart” smoke and vape detection gadget. “They look just like smoke detectors, but they have a whole bunch of features like sensors and stuff,” Garcia says.

As he read more, he was intrigued to learn that the Halo 3C goes beyond detecting smoke and vaping—including a distinct feature for discerning THC vaping in particular. It also has a microphone for listening out for “aggression,” gunshots, and keywords such as someone calling for help, a feature that to Vasquez-Garcia immediately raised concerns of more intrusive surveillance.

Now, after months of reverse engineering and security testing, Vasquez-Garcia and a fellow hacker he’s partnered with who goes by the pseudonym “Nyx,” have shown that it’s possible to hack one of those Halo 3C gadgets—which they’ve taken to calling by the nickname “snitch puck”—and take full control of it.

Reynaldo Vasquez-Garcia and Nyx in Las Vegas, NV on August 8, 2025.Photograph: Ronda Churchill

At the Defcon hacker conference today, they plan to show that by exploiting just a few relatively simple security vulnerabilities, any hacker on the same network could have hijacked a Halo 3C to turn it into a real-time audio eavesdropping bug, disabled its detection capabilities, created fake alerts for vaping or gunshots, or even played whatever sound or audio they chose out of the device’s speaker. Motorola said it has since developed a firmware update to address those security flaws that will automatically push to cloud-connected devices by Friday.

Many of the hackers’ tricks are on display in a video demo below, which the Vasquez-Garcia and Nyx made ahead of their Defcon presentation:

The Halo 3C’s vulnerabilities would have potentially allowed a teen hacker on a school network to take control of a Halo 3C for epic mischief or abuse. The sensor’s capabilities also ignite fears that school administrators or even police could have done the same to eavesdrop on unsuspecting students in a school bathroom. Schools are increasingly subject to all sorts of surveillance technology, from AI-powered weapons detectors, to “face analytics” cameras, to keystroke loggers on student computers.

One concern of the researchers is that technology like the Halo 3C could be turned against a student speaking about seeking an abortion, for instance. In marketing material, Motorola says the Halo 3C sensor “is ideal for observing health and safety in privacy-concern areas, such as restrooms and changing facilities, where video and audio recording is not permitted.” (Motorola said that the sensor is programmed with wake words, such as “Help, 911,” and does not record or stream audio.)

“To the credit of the company, the microphones sound great,” says Nyx. “From up on the ceiling, you could totally listen to what somebody was saying, and we’ve made this happen.”

Photograph: Ronda Churchill

Motorola told the hackers in an email that it has worked on a new firmware update that should fix the vulnerabilities. But the hackers argue that doesn’t, and can’t, address the underlying concern: that a gadget loaded with hidden microphones is installed in schools around the country. Motorola also advertises its Halo sensors for use in public housing—including inside residents’ homes—according to marketing material.

“The unfortunate reality is there's a microphone connected to a computer that's connected to the network,” says Nyx. “And there's no software patching that will make that not possible to use as a listening device.”

Motorola pitches the Halo 3C as an “all-in-one intelligent security device” in its marketing material. Its notifications “enable security teams at schools, hospitals, retail stores and more to respond to potentially critical events faster, helping to establish a safer environment,” it says.

A disassembled Halo 3C smoke and vape detector found to include microphones.

Courtesy of Reynaldo Vasquez-Garcia and Nyx

After Vasquez-Garcia got curious about the Halo 3C two years ago, he and Nyx—an older hacker he met at his local hackerspace—bought one on eBay and took it apart. Their physical teardown revealed the Halo 3C is essentially a Raspberry Pi micro computer with a bunch of sensors attached, including one for temperature or humidity, an accelerometer, and others for air quality that detect different gases. One feature jumped out: a couple of microphones.

“Seeing this device is getting put into buildings and having microphones in it,” says Nyx, “it’s kind of a huge red flag.”

To hack the Halo 3C, they found that if they could connect to one over the network it was installed on, they could brute-force guess its password with virtually no rate limitations due to a flaw in how it tried to throttle those guesses. “It’s trivially possible to guess passwords as quickly as the thing can respond to you,” says Nyx. That meant they could guess roughly 3,000 passwords a minute, and crack any insufficiently complex password relatively quickly.

Once they had administrator access to a Halo 3C, they found they could update its firmware to whatever they chose: Despite its security measures that attempted to require those firmware updates to be encrypted with a certain cryptographic key, that key was in fact included in firmware updates available on the Halo’s website. “They're handing you a locked box where the key is taped to the underside,” Nyx says. “As long as you know to look down there, you can open it up.”

Photograph: Ronda Churchill

A Motorola Solutions spokesperson said in a statement: “Motorola Solutions designs, develops and deploys our products to prioritize data security and protect the confidentiality, integrity and availability of data. A firmware update is available, and we are working with our customers and channel partners to deploy the update together with our additional recommendations and industry best practices for security.”

Marketing material available online says the Halo 3C uses a “Dynamic Vape Detection algorithm” which can sense nicotine, THC, and when someone is trying to mask their vaping with aerosols. Halo can also “alert security teams to motion after hours” and includes a “spoken keyword feature.”

Photograph: Ronda Churchill

“The HALO Smart Sensor can detect specific spoken keywords that immediately alert security to a potential issue. Pre-defined keywords like ‘help’ are particularly valuable in environments such as schools, where bullying is a concern, or for teachers in need of assistance, as well as nurses and hospital patients,” the marketing material adds. Another section says the sensors can be used to detect “bullying or aggression” in schools.

The marketing material also says Halo sensors have been used in public housing units in New York. “The sensors helped SSHA \[the Saratoga Springs Housing Authority\] reduce risks, enforce nonsmoking rules, and protect vulnerable residents, with plans for further installations across the housing authority,” it says.

Nyx argues that the notion of requiring public housing residents to keep a hackable device that can become an audio eavesdropping tool in their apartment may represent the most disturbing application of the Halo 3C. “That kind of took it up a notch as far as how egregious this entire product line is,” Nyx says. “Most people have an expectation that their home isn’t bugged, right?”

As sensors like the Halo 3C proliferate across schools and even homes, Vasquez-Garcia says the biggest takeaway from his and Nyx’s findings ought to be that putting microphones and internet connections into every device in our lives as simple as a smoke detector is a decision that carries real risk. “If people remember one thing from this, it should be: Don’t blindly trust every internet of things device just because it claims to be for safety,” Vasquez-Garcia says. “The real issue is trust. The more we accept devices that say 'not recording' at face value, the more we normalize surveillance without really knowing what's inside or bothering to question it.”

Andy Greenberg is a senior writer for WIRED covering hacking, cybersecurity, and surveillance. He’s the author of the books _Tracers in the Dark: The Global Hunt for the Crime Lords of Cryptocurrency_ and _Sandworm: A New Era of Cyberwar and the Hunt for the Kremlin's Most Dangerous Hackers_. His books ... Read More

Joseph Cox is an award-winning investigative journalist focused on generating impact. His work has triggered hundreds of millions of dollars worth of fines, shut down tech companies, and much more. ... Read More

It Looks Like a School Bathroom Smoke Detector. A Teen Hacker Showed It Could Be an Audio Bug

Spreadsheets, Slack messages, and files linked to an alleged group of North Korean IT workers expose their meticulous job-planning and targeting—and the constant surveillance they're under.

Job hunting is a fresh kind of hell. Hours are wasted sifting through open roles, tweaking cover letters, dealing with obtuse recruiters—and that’s all before you get started with potential interviews. Arguably, some of the world’s most prolific job applicants—or at least most persistent—are those of North Korea’s sprawling IT worker schemes. For years, Kim Jong Un’s repressive regime has successfully sent skilled coders abroad where they’re tasked with finding remote work and sending money back to the heavily sanctioned and isolated nation. Each year, thousands of IT workers bring in somewhere between $250 million and $600 million, according to United Nations estimates.

Now an apparent huge new trove of data, obtained by a cybersecurity researcher, sheds new light on how one group of alleged North Korean IT workers has been running its operations and the meticulous planning involved in the money-making schemes. Money made by scam IT workers contributes to North Korea’s weapons of mass destruction development efforts and ballistic missile programs, the US government has said. Emails, spreadsheets, documents, and chat messages from Google, Github, and Slack accounts allegedly linked to the alleged North Korean scammers show how they track potential jobs, log their ongoing applications, and record earnings with a painstaking attention to detail.

The cache of data, which represents a glimpse into the workaday life of some of North Korea’s IT workers, also purportedly includes fake IDs that may be used for job applications, as well as example cover letters, details of laptop farms, and manuals used to create online accounts. It reinforces how reliant upon US-based tech services, such as Google, Slack, and GitHub, the DPRK workers are.

“I think this is the first time to see their internal \[operations\], how they are working,” says the security researcher, who uses the handle SttyK and asked not to be named due to privacy and security concerns. SttyK, who is presenting their findings at the Black Hat security conference in Las Vegas today, says an unnamed confidential source provided them with the data from the online accounts. “There are several dozen gigabytes worth of data. There are thousands of emails,” says SttyK, who showed WIRED their presentation ahead of the conference.

North Korea’s IT workers have, in recent years, infiltrated huge Fortune 500 companies, a host of tech and crypto firms, and countless small businesses. While not all IT worker teams use the same approaches, they often use fake or stolen identities to get work and also use facilitators who help cover their digital tracks. The IT workers are often based in Russia or China and are given more freedom and liberties—they’ve been seen enjoying pool parties and dining out on expensive steak dinners—than millions of North Koreans who are not afforded basic human rights. One North Korean defector who operated as an IT worker recently told the BBC that 85 percent of their ill-gained earnings were sent to North Korea. “It’s still much better than when we were in North Korea,” they said.

Multiple screenshots of spreadsheets in the data obtained by SttyK show a cluster of IT workers that appear to be split into 12 groups—each with around a dozen members—and an overall “master boss.” The spreadsheets are methodologically put together to track jobs and budgets: They have summary and analysis tabs that drill down into the data for each group. Rows and columns are neatly filled out; they appear to be updated and maintained regularly.

The tables show the potential target jobs for IT workers. One sheet, which seemingly includes daily updates, lists job descriptions (“need a new react and web3 developer”), the companies advertising them, and their locations. It also links to the vacancies on freelance websites or contact details for those conducting the hiring. One “status” column says whether they are “waiting” or if there has been “contact.”

Screenshots of one spreadsheet seen by WIRED appears to list the potential real-world names of the IT workers themselves. Alongside each name is a register of the make and model of computer they allegedly have, as well as monitors, hard drives, and serial numbers for each device. The “master boss,” who does not have a name listed, is apparently using a 34-inch monitor and two 500GB hard drives.

One “analysis” page in the data seen by SttyK, the security researcher, shows a list of types of work the group of fraudsters are involved in: AI, blockchain, web scraping, bot development, mobile app and web development, trading, CMS development, desktop app development, and “others.” Each category has a potential budget listed and a “total paid” field. A dozen graphs in one spreadsheet claim to track how much they have been paid, the most lucrative regions to make money from, and whether getting paid weekly, monthly, or as a fixed sum is the most successful.

“It’s professionally run,” says Michael “Barni” Barnhart, a leading North Korean hacking and threat researcher who works for insider threat security firm DTEX. “Everyone has to make their quotas. Everything needs to be jotted down. Everything needs to be noted,” he says. The researcher adds that he has seen similar levels of record keeping with North Korea’s sophisticated hacking groups, which have stolen billions in cryptocurrency in recent years, and are largely separate to IT worker schemes. Barnhart has viewed the data obtained by SttyK and says it overlaps with what he and other researchers were tracking.

“I do think this data is very real,” says Evan Gordenker, a consulting senior manager at the Unit 42 threat intelligence team of cybersecurity company Palo Alto Networks, who has also seen the data SttyK obtained. Gordenker says the firm had been tracking multiple accounts in the data and that one of the prominent GitHub accounts was previously exposing the IT workers’ files publicly. None of the DPRK-linked email addresses responded to WIRED’s requests for comment.

GitHub removed three developer accounts after WIRED got in touch, with Raj Laud, the company’s head of cybersecurity and online safety, saying they have been suspended in line with its “spam and inauthentic activity” rules. “The prevalence of such nation-state threat activity is an industry-wide challenge and a complex issue that we take seriously,” Laud says.

Google declined to comment on specific accounts WIRED provided, citing policies around account privacy and security. “We have processes and policies in place to detect these operations and report them to law enforcement,” says Mike Sinno, director of detection and response at Google. “These processes include taking action against fraudulent activity, proactively notifying targeted organizations, and working with public and private partnerships to share threat intelligence that strengthens defenses against these campaigns.”

“We have strict policies in place that prohibit the use of Slack by sanctioned individuals or entities, and we take swift action when we identify activity that violates these rules,” says Allen Tsai, senior director of corporate communications at Slack’s parent company Salesforce. “We cooperate with law enforcement and relevant authorities as required by law and do not comment on specific accounts or ongoing investigations.”

Another spreadsheet also lists members as being part of a “unit” called “KUT,” a potential abbreviation of North Korea’s Kim Chaek University of Technology, which has been cited in US government warnings about DPRK-linked IT workers. One column in the spreadsheet also lists “ownership” as “Ryonbong,” likely referring to defense company Korea Ryonbong General Corporation, which has been sanctioned by the US since 2005 and UN since 2009. “The vast majority of them \[IT workers\] are subordinate to and working on behalf of entities directly involved in the DPRK’s UN-prohibited WMD and ballistic missile programs, as well as its advanced conventional weapons development and trade sectors,” the US Treasury Department said in a May 2022 report.

Across the myriad of IT worker-linked GitHub and LinkedIn accounts, CVs, and portfolio websites that researchers have identified in recent years, there are often distinct patterns. Email addresses and accounts use the same names; CVs can look identical. “Reusing resume content is also something that we’ve seen frequently across their profiles,” says Benjamin Racenberg, a senior researcher who has tracked North Korean IT worker personas at cybersecurity firm Nisos. Racenberg says the scammers are increasingly adopting AI for image manipulation, video calls, and as part of scripts they use. “For portfolio websites, we’ve seen them use templates and use the same template over and over again,” Racenberg says.

That all points to some day-to-day drudgery for the IT workers tasked with running the criminal schemes for the Kim regime. “It’s a lot of copy and paste,” Unit 42’s Gordenker says. One suspected IT worker Gordenker has tracked was spotted using 119 identities. “He Googles Japanese name generators—spelled wrong of course—and then over the course of about four hours, just fills out spreadsheets just full of names and potential places \[to target\].”

The detailed documentation also serves another purpose, though: tracking the IT workers and their actions. “There’s a lot of moving parts once the money gets into the actual hands of leadership, so they're going to need accurate numbers,” DTEX’s Barnhart says. Employee monitoring software has been seen on the scammers’ machines in some instances and researchers claim North Koreans in job interviews won’t answer questions about Kim.

SttyK says they saw dozens of screen recordings in Slack channels showing the workers daily activity. In screenshots of a Slack instance, the “Boss” account sends a message: “@channel: Everyone should try to work more than at least 14 hrs a day.” The next message they sent says: “This time track includes idling time, as you know.”

“Interestingly, their communication has been all English, not Korean,” SttyK says. The researcher, along with others, speculates this may be for a couple of reasons: first, to blend into legitimate activity; and secondly, to help improve their English skills for applications and interviews. Google account data, SttyK says, shows they were frequently using online translation to process messages.

Beyond a glimpse at the ways in which the IT workers track their performance, the data SttyK obtained gives some limited clues about the day-to-day lives of the individual scammers themselves. One spreadsheet lists a volleyball tournament the IT workers apparently had planned; in Slack channels, they celebrated birthdays and shared inspirational memes from a popular Instagram account. In some screen recordings, SttyK says, they can be seen playing _Counter-Strike_. “I felt there was a strong unity among the members,” SttyK says.

Leak Reveals the Workaday Lives of North Korean IT Scammers

We found a host of blogspot pages involved in a malware campaign to promote their own content by using a LikeJack Trojan.

As the use of age verification to access adult websites increases in various countries around the world, shady websites with adult content have started a timely malware-fueled campaign to promote links to their own websites.

During our daily rounds on Facebook, looking for the latest scams, we noticed something odd about some posts pointing to adult websites. We found that several of the sites promoted in this way were hosted on blogspot\[.\]com, and that these sites linked to other similar sites.

Here’s one example:

Most of these sites promise the visitor explicit pictures of celebrities, most of which will undoubtedly turn out to be generated by Artificial Intelligence (AI).

This in itself is not uncommon. However, what did stand out was that a few of the Facebook posts had a lot of Likes. Most people don’t like that type of content on Facebook since everyone can see who the Likes are from.

A high number of Likes for a post is great for the accounts posting these links, because when a Facebook profile or post gets more Likes it is more likely to show up in people’s feeds, which is basically more advertising for the same money.

So, how do the posts get these Likes?

It turns out the criminals use a Trojan to promote their posts and profiles. When clicking through links displayed on the adult sites some—selected–visitors will download a Scalable Vector Graphics (SVG) image file. So while surfing from one of these sites to the next one, sometimes, not always, it triggers a download.

Now, the cybercriminals are banking on the fact that SVG is not a filetype that will set off an alarm for most people, given that most people see it as an image file. But SVG files are not always simply image files.They are written in XML, and this allows them to contain HTML and Javascript code, which means that the cybercriminals can use them to get up to no good.

Here is the one provided by the adult sites:

Despite the heavy obfuscation of the second part of the script, for anyone able to read the code it is pretty clear this file is up to no good. In fact, it actually downloads another malicious javascript file, but it was hard to figure out which one.

Because the code in the SVG file uses a technique called “hybrid JSFuck” (how fitting) to hide its intentions we immediately assumed that it was malicious. From the easier to read parts of the script we can deduct that the script downloads and executes a malicious script from the domain crhammerstein\[.\]de, which was blocked by Malwarebytes.

JSFuck is a form of obfuscation that encodes JavaScript using only six characters: “\[ \] ( ) ! +”. There are several online deobfuscators available for pure JSFuck obfuscation, but the criminals used a hybrid method by adding the String.fromCharCode elements which is not that easy to unravel.

Opening the SVG file opens an empty Edge tab titled Process Monitor. This happens because SVG files on Windows are opened by Edge, even if the user has another browser set as their default.

In the end we managed to figure out that the downloaded script was another javascript, detected as Trojan.JS.Likejack. This Trojan, also written in Javascript silently clicks a ‘Like’ button for a Facebook page without the user’s knowledge or consent, in this case the adult posts we found above. The user will have to be logged in on Facebook for this to work, but we know many people keep Facebook open for easy access.

Once we knew how this campaign worked, we found a huge amount of blogspot\[.\]com pages involved in this campaign:

**Conclusion**

Now that governments are imposing age verification upon adult sites that play by the rules, they are driving those interested in that type of content into the arms of those that don’t care about the rules, even to the extent that they are willing to deploy Trojans to get visitors to their sites.

An alternative is that those trying to access content use a VPN to visit the sites from locations that don’t impose these restrictions. Given those options we would obviously recommend using a VPN.

To be protected against this type of campaigns, it’s worth considering using real-time malware protection. Malwarebytes blocks the domains associated with this campaign.

**We don’t just report on threats—we remove them**

Cybersecurity risks should never spread beyond a headline. Keep threats off your devices by downloading Malwarebytes today.

 Adult sites trick users into Liking Facebook posts using a clickjack Trojan 

A string of US armory break-ins, kept quiet by authorities for months, points to a growing security crisis—and signs of an inside job.

A string of previously undisclosed break-ins at Tennessee National Guard armories last fall marks the latest in a growing series of security breaches at military facilities across the United States, raising fresh concerns about the vulnerability of US armories to theft and intrusion.

A confidential memo from the Tennessee Fusion Center reviewed by WIRED details four break-ins at Tennessee National Guard armories over a seven-week span. In one incident, thieves made off with night vision goggles, laser target locators, and thermal weapons sights, among other equipment. At others, intruders breached fences, tripped alarms, and gained access to supply rooms discovered in the aftermath to have been unlocked.

At least some of the break-ins seem to point to potential insider help. In Covington, Tennessee, for example, evidence suggests intruders may have known in advance the location of a secure key control box. At other sites, attempts were made to bypass alarms and entry points.

The memo, which was intended solely for law enforcement use, does not indicate that any weapons were stolen; however, a government anti-terrorism coordinator is quoted as saying: “These events are concerning not only due to the stolen items being sensitive in nature but also because of the indicators for some insider knowledge being needed for successful breach and theft.”

The document, first obtained by the nonprofit watchdog group Property of the People, was shared exclusively with WIRED.

The break-ins remain under active investigation and have drawn the attention of the Pentagon’s Office of the Provost Marshal General—the US Army’s leading law enforcement authority. A senior police source informed WIRED on Tuesday that the Federal Bureau of Investigation is leading the investigation. The FBI declined to confirm.

“FBI policy prohibits confirming or denying an investigation unless in rare circumstances when publicity would help the investigation, such as in seeking a missing child or trying to identify a bank robber,” Elizabeth Clement-Webb, an FBI public affairs officer, says. “The matter you’re inquiring about does not meet that exception, so it would not be appropriate to comment.”

The Pentagon referred questions to the National Guard. The Guard did not respond to a request for comment.

Initially regarded as isolated incidents, the memo cites years’ worth of FBI and Defense Department reporting on what agents call “domestic violent extremists,” or DVEs, discussing plans to raid armories for weapons and gear, leading analysts to suspect organized activity. Domestic intelligence has consistently flagged violent militia members and racially motivated extremists eyeing armories as soft targets.

“Although DVEs previously have stolen some lower-level military gear, the FBI has not identified any instances in which a DVE successfully raided an armory to steal heavy military equipment,” the memo reads. “To circumvent such a raid, FBI and DoD are enhancing liaison with local armories and military facilities to address gaps in reporting about current plots to exploit armory vulnerabilities and increase opportunities to detect and prevent DVE theft of military equipment.”

Between 2020 and 2024, the memo says, at least four FBI subjects discussed raiding military facilities for heavy weapons, including .50-caliber firearms and machine guns. Three had confirmed military backgrounds. One—a former Guard member—identified specific armories that he had served in, while describing how best to exploit their security. It’s unclear whether any charges were brought.

Extremist chatter cited by the document echos these ambitions. In early 2024, a militia-linked Telegram user proposed assessing armory vulnerabilities with help from sympathetic firefighters and sought military or law enforcement recruits for inside information. In another case, an active-duty tank commander claimed he could sway an armorer to hand over weapons, while a former Air Force contractor talked about raiding a Guard facility to seize mortars and secure land.

Together, these incidents point to a persistent and ideologically varied interest in exploiting armory weaknesses. The Tennessee break-ins, meanwhile, preceded several other armory breaches around the country, underscoring a broader trend in security threats.

"Especially when coupled with more recent events, the document makes clear that violent neo-Nazis and far-right militia groups continue to pose a serious and ongoing threat—and that state governments are failing in their duty to secure dangerous military hardware,” says Ryan Shapiro, executive director of Property of the People.

This year alone, thieves stole three Humvees and other military gear from an Army Reserve center in Tustin, California; raided storage containers at a Colorado National Guard facility; and allegedly attempted to steal body armor and communications gear from a US Army Ranger site in Washington. In the latter case, law enforcement claim the suspects used their status as veterans to gain entry to the base, highlighting ongoing concerns about insider access.

Similarly, a break-in at a Massachusetts Army Reserve center in 2015—during which numerous rifles and pistols were stolen—was carried out by a former service member, later sentenced to 11 years in prison. Their familiarity with the facility’s security systems and physical layout reportedly enabled the robbery.

For decades, US military stockpiles have been prime targets for high-stakes theft. In the 1970s, arms traffickers raided facilities in California, escaping with caches of powerful weapons. A 1976 heist at a Massachusetts armory turned up a shoulder-fired missile launcher. And in 1995, a former soldier commandeered a tank in San Diego, leading police of a destructive, city-wide chase.

Despite repeated policy changes and years of heightened scrutiny, the nation's thousands of armories remain vulnerable to both external intruders and those with insider access. Modern security improvements have done little to deter interest in breaching them. In Tennessee alone, the fusion center memo notes that state officials have received at least 25 suspicious activity reports over the past decade, detailing attempted surveillance and theft.

Luke Baumgartner, a former Army officer and extremism researcher at George Washington University, says the Tennessee armory break-ins do appear to bear the hallmarks of an inside job—assuming suspicions about the intruders knowing the locations of secure keys are accurate.

“It’s not an uncommon occurrence,” he says, pointing to the recent thefts at Washington’s Joint Base Lewis-McChord. In June, the FBI arrested two former service members for their alleged involvement in the thefts and the hammer assault of a soldier on base. The FBI recovered a stockpile of weapons found in the suspects’ home, amid an assortment of Nazi iconography and white supremacist literature.

Extremist ties to the military can run in both directions, Baumgartner explains: Some groups actively recruit veterans, contractors, and even active-duty troops to exploit their skills and access. Others will join the military explicitly to gain tactical training, weapons experience, and insider knowledge they can later pass on.

Weapons, meanwhile, aren’t the only concern. “There’s sensitive equipment in there,” he says. “There’s secure radios. There’s equipment that contains classified information. You have to have a certain level of clearance to access some of that.”

Such heists could also carry symbolic weight for anti-government extremists, Baumgartner says, by casting the federal government as weaker than it appears. “To the casual observer, what it signals is that even institutions we think of as being shielded from this sort of action are not actually immune.”

Tag

#intel