InfiniteEyes News (2025)

21/07/2025

DefenseNews: A jamming attack in March was triangulated to the harbor town of Baltiysk, which is also home to the Russian Baltic Fleet and its electronic-warfare complex, a military facility packed with antennas and mobile EW units, although the triangulation appeared to resolve to a point southwest of the city, closer to the harbor.
GPS jammers and spoofers can be very small, even those with a large range, and might be easily overlooked in satellite imagery. Ziebold, a German researcher, said his team had purchased jammers the size of a shoe box that had a range of many kilometers.
This also means that they can be mobile. The jammer that has been plaguing Estonia, for example, appears to have moved from southwest of Saint Petersburg to northwest of the city.
This emerges from data shared by open-source intelligence researcher auonsson, who is part of a network of social media activists examining the jamming saga on a technical level. The person behind the social media handle spoke Defense News on the condition of remaining anonymous.
Auonsson used aircraft-transmitted data to create a heatmap of possible jammer locations around Russia’s imperial city. The flight information transmitted by planes and used for live airplane tracker maps also contains information about the quality of GPS data; when an aircraft’s GPS quality suddenly drops, this suggests that a jammer has come up over the plane’s horizon. By plotting the horizons of thousands of flights when they first encountered jamming, a heat map can be created, allowing for an approximate idea of where the offending transmitter might be located. The source code for this experiment is available on GitHub, (github.com/jpajala/GpsJammerLocator) and the data (airplanes.live) on which the investigation is based is publicly available.
“I don’t consider the exact source very relevant for the public discussion,” the person behind the auonsson handle said. “The country is, though,” they added, referring to Russia.
——
See infiniteeyesnews.substack.com for full sources and analysis including the scope of GNSS disruptions, how R-Mode is becoming critical to navigational security, and Russia’s Baltic EW capabilities.

05/07/2025

Full article and sources: infiniteeyesnews.substack.com

——/1
Last Sunday, the last pro-democracy party in Hong Kong, the League of Social Democrats, disbanded, along with other crucial civil society organizations amongst a wave of new disappearances under the city’s new National Security law. Under the law, police have arrested around 330 individuals, prosecuted 189, and secured convictions against 165 under opaque justification.
Privacy and civil liberties are taking a massive hit as well as China’s policing surveillance dragnet expands to the shores of Europe, Iran, and Hong Kong. iFlyTek is funding research from York and Queen’s universities in Canada, while Hikvision, ZTE, Huawei, Tiandy provide CCTV backbones. iFlyTek voice pattern recognition, national biometrics databases, AI pattern detection models can retroactively track movement on a persistent basis.
The Chinese government has been investing heavily in AI-driven biometric data capturing over the past decade. Facial recognition, thermal cameras, AI object and movement detection, and surveillance technologies such as “smart cities,” integrate into the CCP’s Sharp Eyes program, which can monitor all aspects of an individual’s public life are all on the docket, according to Wenhao Ma of VOA’s China Division. Hong Kong authorities used evidence from AI surveillance cameras installed last year to prosecute six people for monkey feeding, while using thermal cameras and AI data aggregation to target rat populations.
——/1

17/06/2025

Full sources and commentary: infiniteeyesnews.substack.com.
——/
The simmering geopolitical tensions between Iran and Israel have metastasized into a persistent and escalating cyber conflict that is destabilizing critical infrastructure, economic stability, and regional digital sovereignty. Recent attacks, attribution intelligence, and strategic assessments paint a clear picture: cyberspace is no longer a supporting front—the hybrid is becoming a primary domain of modern warfare, targeting families, using infrastructure used by civilians every day, creating an atmosphere where no one is safe.
Both states have intensified their cyber operations, with Iran’s OilRig and MuddyWater groups targeting Israeli entities, hacktivists affecting satellite and military communications, and suspected Israeli actors deploying tailored cyberweapons to degrade Iranian infrastructure, surveillance networks, implementing agit prop tools, while anti-regime Iranian actors Lab Dookhtegan disrupts communications of 116 Iranian commercial vessels. Reformists are largely sidelined, hardliners fractured. The field is open for a post-Khamenei government. Who will be the next Al-Jolani?

Today, all databases of Sepah Bank, one of the largest central banks in Iran, were erased in a major cyber attack. All its ATMs are non-functional and customers can’t withdraw cash. IDF has proposed a strong media blackout during attacks, specifically surrounding impact sites. Gaza has internet connectivity blackouts due to disrupted telecommunication lines from June 12-15, and is again disrupted on June 17. Iran’s own internet shutdowns, designed to limit dissent and shield state activity, are backfiring economically and tactically. Iran’s reliance on domestic infrastructure like the National Information Network (NIN) and “halal internet” has created a brittle system, costing them $1m a day in lost business, per a new report from Internet Society. Kurdistan seeing daily scheduled internet shutdowns for public school exams until June 29. Minor hacktivist spillover defacement attacks from both pro-Israel and pro-Iran clusters. There are currently 83 groups active, with 3 Russian groups supporting Iran.
——/1

16/05/2025

Full article and sources: infiniteeyesnews.substack.com

——/1 Picture this: you’re wearing headphones that whisper secrets of self-mastery and productivity into your skull, a soft signal gently coaxes you into meditative bliss, your dreams then become advertising space and somewhere in a galaxy far, far away, or maybe just a floor above some server farm—your brainwaves are being commodified like pork futures. Welcome to “neurocapitalism”, what could go wrong? The human mind—the final black box—is being opened with gold-plated crowbars. At the Zhongguancun Forum, at ad agencies in Manhattan, at VR arcades in Seoul, the same future is unfolding: our thoughts as data points. Our emotions as metrics. Our free will as an illusion optimized for ad delivery.
The age of privacy is over. The age of thought-mining has begun.
As consumer neurotechnology moves from science fiction to everyday reality, a comprehensive April 2024 and a recent symposium by the Neurorights Foundation has raised urgent red flags about the unchecked collection and misuse of neural data. Synchron and Apple are making new partnerships, while China’s innovation sector gets more and more public about its goals. Neurorights Foundation’s report, titled “Safeguarding Brain Data: Assessing the Privacy Practices of Consumer Neurotechnology Companies,” evaluates the data privacy policies of 30 global neurotech firms and finds a disturbing lack of transparency, user control, and consent mechanisms surrounding the use of brain data.
29 out of 30 companies (96.67%) have access to consumers’ neural data without meaningful limitations.
Only 22 companies (73.33%) have privacy policies related to their neurotechnology products available on their websites. The remaining 8 companies (26.67%) lack publicly accessible policies specific to their neurotechnology offerings.
While all companies provide a contact method, only 11 (36.67%) responded to inquiries. Just 4 companies (13.33%) meet all standards for transparency, including providing relevant policy documents, responsive communication channels, and notifications of policy changes.

/1

03/05/2025

Fully story and simulated war game with weaponized chatbots, subscribe for free: infiniteeyesnews.substack.com.
(For educational purposes only, *insert nervous chuckle*)
——/1
In the modern era of hybrid warfare, forums are soft targets — digital watering holes where ideas are formed and loyalties tested. China’s People’s Liberation Army (PLA), as well as entities affiliated with Russia’s Internet Research Agency, have long been accused of seeding misinformation online. But the evolution of AI chatbots supercharges this playbook. AI chatbots, particularly those powered by LLMs, can simulate persuasive and coherent conversation at scale. When integrated into coordinated influence operations, they become instruments of manipulation, disinformation, and societal disruption. This weaponization manifests in several key domains including disinformation campaigns, phishing social engineering, “flooding and drowning” or poisoning the well, and targeted manipulation through psychographic profiling.
Imagine a forum thread discussing vaccine safety, crypto, or regional politics. Imagine the type of demographic browsing these forums. A single well-tuned chatbot can post in favor of a specific angle, engage with dissenters, simulate consensus, and shift the Overton window—all without being flagged by typical moderation filters. At scale, this becomes a weaponized consensus engine.
Already, open-source tools like Auto-GPT and GPT-Agents have shown how autonomous AI actors can be configured to perform persistent, goal-driven tasks online. An adversarial state could unleash thousands of such agents into targeted forums to influence diaspora communities, sway regional elections, or destabilize activist organizing spaces.
A recent study by researchers at the University of Zurich has reignited concern over these ghosts in the threads, showing that even today’s publicly available AI tools can pass as convincing forum participants. But what happens when such tools fall into the hands of nation-states, extremists, or information warfare units?
——/1

02/05/2025

Full article: infiniteeyesnews.substack.com
——/1
One of the most insidious dimensions of China’s cyber ecosystem lies in its weaponization of spyware against domestic and diasporic targets. The Integrated Joint Operations Platform (IJOP) in Xinjiang (exposed in the International Consortium of Independent Journalists’ 2017 China Cables releases) - a big-data policing system deployed in the region, collects real-time surveillance data on individuals’ movements, communications, and behavior patterns. It is supported by spyware implanted in Android apps disguised as prayer guides, job boards, or educational tools, and these apps have seen a resurgence of spyware in recent months.
The UK’s National Cyber Security Centre (ACSC), alongside its Five Eyes intelligence partners, issued a stark advisory confirming the resurgence of two highly sophisticated spyware frameworks: BadBazaar and Moonshine. Both have been directly implicated in campaigns targeting Uyghur, Tibetan, and Taiwanese individuals, with BadBazaar being primarily deployed on Android devices and Moonshine affecting both Windows and Android platforms. These spyware tools have capabilities that go far beyond basic surveillance. Once installed, BadBazaar can harvest contact lists, track real-time location data, monitor SMS and messaging apps, record phone calls, and upload files to remote servers—essentially turning the user’s phone into a 24/7 spy device. Moonshine, which often spreads via malicious websites or pirated software, similarly allows for full system compromise and ongoing data exfiltration.

MOONSHINE has extensive surveillance capabilities such as:
    •    location data including real time tracking
    •    live audio and photo capture
    •    downloading files from device
    •    retrieving device information
    •    playing audio on the device
(Continued in comments)

18/04/2025

Full article and direct source material, confirmed attendee lists, internal research papers, Wikileaks files, investigations etc. : infiniteeyesnews.substack.com

——1/
At the peak of the tariff craze leading up to the inauguration of US President Donald Trump, Canadian Prime Minister Justin Trudeau stepped down and handed the reigns to former governor of both Bank of England and Canada, Mark Carney, a longstanding World Economic Forum & Bilderberg Group attendee since 2011 (listed on its Steering Committee until his election announcement), resulting in a massive shake-up in the polls.
The surprising part is, Trump doesn’t seem to mind. After all, they share similar Manhattan finance and Bilderberg circles. Mark Carney and Palantir, Anduril founder Peter Thiel both held positions on the Bilderberg Steering Committee, along with current Palantir CEO Alex Carp, Anduril CEO Palmer Luckey in attendance, along with Canadian Minister of Finance François-Philippe Champagne. If you went to bilderbergmeetings.org before January of 2025, you would see Carney on the Steering Committee list, now removed - optics is everything, after all. While seemingly ideologically opposed, a stage is set with a protagonist and an antagonist, and a decades-old narrative is revived. This post is not about speculation and theorizing over “New World Order” narratives, instead, how key figures directly shape society’s Overton window and social contracts from the top down, impacting everything from finance, to energy, to defence. We will discuss the transnational entities involved at face value for their reason to exist, as well as a non-speculative, analytical approach to key literature, direct quotes, and internal research by these entities.

CARNEY & BILDERBERG
Why Bilderberg Group matters:
In 1954, in a major evolution of transnational networks, the Council on Foreign Relations founded the transatlantic Bilderberg group, or at least the American branch of it. David Rockefeller, being the most senior CFR member, would also continue visiting Bilderberg (almost) annually until 2013. Prime Minister Carney has been in annual attendance since 2011, and on its Steering Committee until January,2025

10/03/2025

infiniteeyesnews.substack.com:

In recent months, both Canada and the United States have expanded their lists of designated terrorist organizations to address evolving global security threats. On June 19, 2024, Canada listed the Islamic Revolutionary Guard Corps (IRGC) as a terrorist entity under the Criminal Code, citing the group’s involvement in terrorist activities and associations with other listed entities such as Hezbollah and Hamas. Subsequently, on October 15, 2024, Canada designated Samidoun, also known as the Palestinian Prisoner Solidarity Network, due to its close ties with the Popular Front for the Liberation of Palestine (PFLP), a group already recognized as a terrorist entity in Canada.
Further, on December 2, 2024, Canada added Ansarallah, commonly referred to as the Houthis, to its terrorist list, highlighting the group’s insurgency in Yemen and attacks targeting civilian and naval vessels in the Red Sea. In parallel, the United States reinstated the designation of Yemen’s Iran-backed Houthi group as a “foreign terrorist organization,” responding to the group’s attacks on commercial and U.S. vessels in the Red Sea and Gulf of Aden. Additionally, on February 19, 2025, the U.S. Department of State designated eight Latin American drug cartels, including the Sinaloa Cartel and Tren de Aragua, as Foreign Terrorist Organizations, aiming to enhance legal measures against these groups and those supporting them.
Intelligence sharing between Canada and Mexico has increased, while the CIA has
In February 2025, the United States formally designated eight Latin American criminal organizations as Foreign Terrorist Organizations (FTOs), aiming to intensify efforts against their illicit activities, with Canada following close behind. These groups include:
• Sinaloa Cartel
• Jalisco New Generation Cartel (CJNG)
• Gulf Cartel
• Northeast Cartel
• La Nueva Familia Michoacana
• United Cartel
• Mara Salvatrucha (MS-13)
• Tren de Aragua

Multiple crime groups operate out of Manzanillo and Vancouver ports to facilitate illicit laundering, labor trafficking, and trafficking of harmful precursors. Read more at infiniteeyesnews.substack.com

——/1

10/03/2025

Full article: infiniteeyesnews.substack.com

——/1
In recent months, both Canada and the United States have expanded their lists of designated terrorist organizations to address evolving global security threats. On June 19, 2024, Canada listed the Islamic Revolutionary Guard Corps (IRGC) as a terrorist entity under the Criminal Code, citing the group’s involvement in terrorist activities and associations with other listed entities such as Hezbollah and Hamas. Subsequently, on October 15, 2024, Canada designated Samidoun, also known as the Palestinian Prisoner Solidarity Network, due to its close ties with the Popular Front for the Liberation of Palestine (PFLP), a group already recognized as a terrorist entity in Canada.
Further, on December 2, 2024, Canada added Ansarallah, commonly referred to as the Houthis, to its terrorist list, highlighting the group’s insurgency in Yemen and attacks targeting civilian and naval vessels in the Red Sea. In parallel, the United States reinstated the designation of Yemen’s Iran-backed Houthi group as a “foreign terrorist organization,” responding to the group’s attacks on commercial and U.S. vessels in the Red Sea and Gulf of Aden. Additionally, on February 19, 2025, the U.S. Department of State designated eight Latin American drug cartels, including the Sinaloa Cartel and Tren de Aragua, as Foreign Terrorist Organizations, aiming to enhance legal measures against these groups and those supporting them.
Intelligence sharing between Canada and Mexico has increased, while the CIA has
In February 2025, the United States formally designated eight Latin American criminal organizations as Foreign Terrorist Organizations (FTOs), aiming to intensify efforts against their illicit activities, with Canada following close behind. These groups include:
• Sinaloa Cartel
• Jalisco New Generation Cartel (CJNG)
• Gulf Cartel
• Northeast Cartel
• La Nueva Familia Michoacana
• United Cartel
• Mara Salvatrucha (MS-13)
• Tren de Aragua

There are multiple crime groups still operating out of America and Canada that have yet to receive elevated INTERPOL warrants or terror designations. Read more at infiniteeyesnews.substack.com

——/1

06/03/2025

——/large incoming post on cartel cyber capabilities and Canada/ US security and response capabilities (early access for subscribers tomorrow, release Monday):

infiniteeyesnews.substack.com

——/1
In a landmark international operation, law enforcement agencies across 19 countries have arrested 25 individuals suspected of producing and distributing child sexual abuse material generated through artificial intelligence (AI). Dubbed Operation Cumberland, this initiative was spearheaded by Danish authorities with support from Europol and marks one of the first major crackdowns on AI-generated exploitative content.
Starting in November 2024, the arrest of a Danish national accused of operating an online platform that disseminated AI-generated abusive imagery initiated Operation Cumberland. Subscribers worldwide could access this illicit content for a nominal fee. Subsequent probes identified 273 suspects globally, leading to coordinated arrests and searches across multiple nations, including Australia, the United Kingdom, and Germany.
AI-generated child sexual abuse material presents unique challenges for law enforcement due to its synthetic nature and the absence of specific legislation in many jurisdictions. Catherine De Bolle, Europol’s Executive Director, highlighted that the ease of creating such content exacerbates its proliferation, complicating efforts to identify offenders and protect potential victims.
Despite the lack of real victims in these AI-generated images, authorities emphasize that their existence contributes to the objectification and sexualization of children, perpetuating harmful behaviors and societal norms. The European Union is currently examining regulatory measures to address this emerging threat and enhance child protection mechanisms.
Operation Cumberland underscores the critical need for international collaboration and updated legal frameworks to combat the evolving landscape of digital crimes facilitated by advancements in artificial intelligence.
——/infiniteeyesnews.substack.com
——/1

24/02/2025

——/ full article and BlackBastaGPT tailored to leaked chat logs: infiniteeyes.substack.com

newsNearly two hundred thousand chat logs were leaked out of notorious ransomware threat actor group BlackBasta, following internal discord following the targeting of Russian banking infrastructure. The BlackBasta Ransomware-as-a-Service (RaaS) operation emerged in April 2022, very likely in the ashes of Russian FSB-tied Conti ransomware, and has claimed many high-profile victims worldwide, including healthcare companies and government contractors. According to joint research from Corvus Insurance and Elliptic, the ransomware gang collected an estimated $100 million in ransom payments from over 90 victims until November 2023.
Some of their victims include German defense contractor Rheinmetall, Hyundai’s European division, BT Group(formerly British Telecom), U.S. healthcare giant Ascension, government contractor ABB, the American Dental Association, U.K. tech outsourcing firm Capita, the Toronto Public Library, and Yellow Pages Canada, via BleepingComputer.
BlackBasta affiliates breached over 500 organizations between April 2022 and May 2024, according to and FBI and CISA joint investigation. BlackBasta didn’t discriminate—much. The FBI and CISA pegged it as hitting over 500 organizations worldwide by mid-2024, with a penchant for critical infrastructure—think healthcare giants like Ascension and UK utilities like Southern Water. But the leaks, first spotted by Dutch threat intelligence firm Prodaft, reveal a group teetering on the edge after nearly 200 thousand messages were liked by user “ExploitWhispers” due to a group decision to target Russian banking entities. Avoiding Russian entities grant Russo-centric threat actors “Persona Non-Grata” status as useful Kremlin proxies, now no longer a cover for BlackBasta.

——/1

27/01/2025

access the archives, join the free mailing list: infiniteeyesnews.substack.com

——/1

The NSA developed Security Enhanced Linux (SELinux), which has “been part of the mainline kernel for two decades to provide a security module implementing access control security policies and is now widely-used for enhancing the security of production Linux servers and other systems (and organizations)”. Those that haven’t been involved with Linux for a long time may be unaware that SELinux originates from the US National Security Agency (NSA). Since Linux 6.6, the NSA references have been removed.

In an increasingly interconnected world, open-source software holds the promise of democratizing technology—but only if its spirit of openness is genuinely honored. Whether it’s a startup revolutionizing AI or a nation shaping its technological destiny, the true power of OSS lies in its ability to unite and empower individuals toward a common goal. Maintaining that balance will determine whether open-source software remains a beacon of innovation or a tool for exploitation. China expert close to InfiniteEyes,
Sino Talk
gave the statement that “It’s more like DeepSeek understands it can’t compete with OpenAl so they decided to make it open source so foreigners can improve on it. They’ll undoubtedly be able to use those improvements to advance their Al models underdevelopment”. He is probably correct. Own your AI, or it could own you.

In the comments, we are going to compare DeepSeek and OpenAI’s fastest models, explore the paradigm of physics generated pre-trained transformers (or GPT’s), as well as what open-source software means for the sectors of innovation, and (hopefully informed) speculation on the way the global Grand Chess Board has now opened up.
\1

InfiniteEyes News

21/07/2025

05/07/2025

17/06/2025

16/05/2025

03/05/2025

02/05/2025

18/04/2025

10/03/2025

10/03/2025

06/03/2025

24/02/2025

27/01/2025

Address

Website

Alerts

Contact The Business

Shortcuts

Share