Category: News
Muslim Leaders In Italian City Demand Removal Of Plastic Pig From Deli Shop Window
Muslim Leaders In Italian City Demand Removal Of Plastic Pig From Deli Shop Window
A plastic pig displayed in the window of a newly opened delicatessen on the Piazza dei Signori in the Italian city of Padua has triggered a local controversy after a senior representative of the city’s Muslim community called for its removal, arguing that it is offensive and inappropriate.
The pig, placed in the window of the deli Mortadella… e Non Solo, is used to advertise the shop’s sandwiches and cured meats, which are primarily made from pork.
According to Il Giornale, Salim El Mauoed, the regional vice president of Padua’s Muslim community, urged both the shop’s owners and local authorities to intervene, describing the display as “in bad taste” and offensive to Muslims who pass through the area.
There is no legal basis requiring the business to remove the display.
The pig imagery is a central part of the shop’s branding and appears not only in the window but also in its logo, promotional materials, and merchandise shared publicly on social media.
El Mauoed’s request has drawn criticism from some politicians and residents, who argue that it amounts to interference with lawful commercial activity and undermines the principle of civil coexistence.
They contend that living together in a pluralistic society necessarily involves accepting visible expressions of different cultures, religions, and dietary traditions, particularly when those expressions are neither targeted nor discriminatory.
Il Giornale reports that some members of the local Muslim community believe symbols seen as contrary to Islamic religious precepts should be avoided in shared urban spaces.
Others, however, have warned that removing a legal and commonplace commercial symbol risks establishing a precedent in which religious objections could reshape long-established customs and everyday practices.
The newspaper also notes that the deli employs Muslim staff, some of whom have publicly defended the display, saying the plastic pig simply reflects the nature of the business and is not intended to offend anyone.
The pig remains on display for now.
Tyler Durden
Sat, 01/31/2026 – 08:10
Ukraine Moves To Purge Dostoevsky & Tolstoy From Public Mention
Ukraine Moves To Purge Dostoevsky & Tolstoy From Public Mention
In the latest escalation of Ukraine’s cultural purge and targeting of all things Russian, Ukraine’s Institute of National Memory has this month formally branded the famed classic Russian authors Fyodor Dostoevsky and Leo Tolstoy as vectors of “Russian imperial propaganda”.
This has included a call from the body which operates under the Cabinet of Ministers of Ukraine for all streets, monuments, and public institutions bearing their names be wiped from the map.
Image via Union of Orthodox Journalist-Ukraine
According to Interfax, commenting on the ruling, “the assignment of their names to geographical objects, names of legal entities and objects of property rights, objects of toponymy, as well as the establishment of monuments and memorial signs in their honor in Ukraine was the embodiment of Russification – Russian imperial policy aimed at imposing the use of the Russian language, promoting Russian culture as superior compared to other national languages and cultures, displacing the Ukrainian language from use, and narrowing the Ukrainian cultural and information space.”
In a January 20 statement, the Institute of National Memory’s ‘expert commission’ claimed the literary legacy of both writers is “directly connected to the glorification of Russian imperial policy.” The Ukrainian officials also asserted there are signs of “Ukrainophobia” in their books.
The move was met with complete silence in Western media, and the story has gone almost completely overlooked, despite Dostoevsky and Tolstoy having long been widely studied and appreciated across the globe, and in American colleges, literary programs, theaters – and among common avid readers.
Their works, from The Brothers Karamazov to the massive War and Peace have done much to shape Western culture and higher education in the 150 years of the works’ existence.
And yet the Ukrainian government-linked institute now claims the historic prominence of Dostoevsky and Tolstoy across Ukraine was not because it is literary art with universal appeal, but somehow part of a long-running Russification campaign designed to marginalize the Ukrainian language and culture.
Ukraine has in essence just labeled two of the world’s greatest historical authors, which far pre-date both the modern Russian Federation and Soviet Union of the 20th century, as ‘propaganda’.
Propaganda is the science of convincing an audience without appealing to reason. Russophobia, defined as the irrational fear of Russia, should be a key theme in the study of propaganda in the West as Russia has throughout history been assigned a diametrically opposite identity as… pic.twitter.com/bHYqI4avQC
— Glenn Diesen (@Glenn_Diesen) February 23, 2024
The following is an actual line from the original Interfax report: “The head of the UINP, Oleksandr Alferov, states that local authorities need to check the names of their streets with these lists.”
Tyler Durden
Sat, 01/31/2026 – 07:35
https://www.zerohedge.com/geopolitical/ukraine-moves-purge-dostoevsky-tolstoy-public-mention
Anticipation grows for new Chicago White Sox slugger Munetaka Murakami: ‘He’s going to fit right in’
Starter Davis Martin saw the international impact instantly after the Chicago White Sox added Japanese slugger Munetaka Murakami.
“I think we signed him and three days later I had someone from Japan send me my baseball card,” Martin said Friday at the Ramova Theatre in Bridgeport.
Murakami has been the most buzzed about move this offseason for the Sox. The signing of the two-time Nippon Professional Baseball Japanese Central League Most Valuable Player — who is in Japan finishing his visa application process — was a popular topic of conversation Friday at SoxFest Live, receiving a nice ovation from fans when his name was mentioned.
“I knew who he was because I watched him in the World Baseball Classic and I saw him tear it up,” shortstop Colson Montgomery said. “The fact that we have him on our team, I’m happy about that. I’d rather him be on our team than anyone else’s.
“I could just tell the excitement that he had with this group. You could see he’s very excited to be with this core group that we have.”
That group offensively includes returning players such as Montgomery, second baseman Chase Meidroth, catchers Kyle Teel and Edgar Quero and third baseman Miguel Vargas.
“I think you look at the guy — you look at his highlights in the 2023 WBC, you look at what he can do for a lineup — as a starting pitcher you’re drooling,” Martin said. “This guy can change the game in any swing at any time. To stick that in the lineup in between Teel, in between Meidroth, in between Colson, (Lenyn) Sosa, it’s kind of hard not to get fired up to watch it. We’re really excited. I think he’s going to fit right in and it’s going to be a lot of fun getting to know him and talk to him a lot.”
Murakami was featured in a video-highlight reel during Friday’s event, which included a message largely in Japanese from the first baseman. He wrapped up in English, saying “Go White Sox!”
“He just wants to get to Arizona,” general manager Chris Getz said Thursday. “This guy, he’s all about baseball. He’s working daily on his body, his craft, his offensive ability, his defensive ability. It’s really about getting to Arizona, getting comfortable with his surroundings.
“I have the utmost confidence that he’s going to be very comfortable with our group. I know that they chose us because of this young, developing group and knew that he was going to fit in seamlessly. And I anticipate that happening.”
Murakami, 25, joins the Sox after hitting 246 home runs over the last eight seasons with the Tokyo Yakult Swallows.
“Obviously the power is real, we’ve seen that from afar,” manager Will Venable said Thursday. “But he’s just someone that’s really committed to getting better. I think that’s been really apparent in the communication we’ve had with him.
“He talks a lot about his defense, he wants to be a great baserunner. Just to be on the ground floor with him and go to work and see him go about his business is going to be really exciting.”
Montgomery said Murakami will help the lineup “a lot.” The Sox hit 165 home runs last season, finishing 23rd in the majors. They were eighth in the big leagues in that department after the All-Star break with 89.
“He’s a guy that’s going to help us hit homers and I feel like the way the game is going, you’ve got to be able to hit some homers,” said Montgomery, who had 21 home runs in 71 games during his rookie season last year. “He’s going to bring a lot to our lineup, and I’m really excited.”
The Sox signed Murakami on Dec. 21, one of three two-year deals the team completed this offseason. The added starter Anthony Kay on Dec. 9 and finalized a deal with reliever Seranthony Domínguez on Thursday.
“I’m really happy to get an opportunity to be there and be with the team — a great city and great fans,” Domínguez said during a videoconference call Friday afternoon. “They are working to get better.”
Kay spent the last two seasons in Japan with the Yokohama BayStars, where he saw plenty of Murakami.
“Murakami’s a beast, I think he’s going to be really good over here,” Kay told the Tribune on Friday. “I faced him a bunch my first year, he had some success off of me. Thankfully I was able to keep him in the yard, but he had a lot of singles and doubles. I’m looking forward to him being on my team now.”
Martin, in general, liked the direction of the team’s offseason moves.
“I’d type in ‘White Sox’ every two or three weeks, kind of see what we were doing in the offseason,” he said. “Every time we’d sign one of these guys, you immediately know what kind of role they can fill and where they can fit in with our team. I think every single one of them is going to be a cornerstone of what we need to do and we have a lot of things going in the right direction.
“Those guys can boost the momentum that we already have.”
https://www.chicagotribune.com/2026/01/31/chicago-white-sox-munetaka-murakami-soxfest/
Next-Level Spying: How China Read The West’s Wiretaps For Years
Next-Level Spying: How China Read The West’s Wiretaps For Years
Authored by Shanaka Anslem Perera via Substack,
The four trillion dollars in institutional capital positioned for stable UK-China relations rests on an assumption that died in a Chengdu server room sometime around 2019. The assumption is that espionage between major powers operates within understood boundaries, that telecommunications infrastructure is contested but not compromised, that the surveillance systems Western governments built to watch their citizens cannot be turned around to watch them. The assumption has been falsified. What follows is the complete mechanism of how China’s Ministry of State Security achieved persistent access to the private communications of three British Prime Ministers’ closest advisers, the phones of a US President-elect, and the wiretap systems that were supposed to catch them doing it. The positioning implications are immediate. The framework is permanent.
On January 26, 2026, The Telegraph disclosed that Chinese hackers had penetrated right into the heart of Downing Street, compromising mobile communications of senior officials across the Johnson, Truss, and Sunak administrations. The story was buried on page seven, treated as a technology curiosity. It was, in fact, a solvency event for the Western intelligence alliance. Not because phones were hacked, which happens, but because of how they were hacked: by weaponizing the very surveillance infrastructure that Western governments mandated for their own intelligence agencies. The Communications Assistance for Law Enforcement Act in the United States and the Investigatory Powers Act in the United Kingdom require telecommunications carriers to build backdoors into their networks for court-ordered wiretapping. Chinese state hackers found those backdoors. And walked through them.
The intelligence value is almost impossible to overstate. For approximately four years, operators linked to the MSS’s Chengdu bureau had the capability to see not just who British officials were calling, but whom the FBI was investigating, which Chinese operatives were under surveillance, what the United States knew about Beijing’s activities, and when counterintelligence was getting close. They could geolocate millions of individuals. They could record phone calls at will. They compromised the surveillance of their own surveillers, achieving the counterintelligence equivalent of reading the other side’s playbook while the game was in progress.
What follows is the institutional playbook. The positions are already being built.
The Backdoor That Swung Both Ways
The story of Salt Typhoon is not fundamentally a story about hacking. It is a story about architecture. Specifically, it is a story about what happens when governments mandate that their surveillance systems include single points of failure, then assume those points will only fail in their favor.
In 1994, the United States Congress passed the Communications Assistance for Law Enforcement Act, requiring telecommunications carriers to design their networks with built-in capabilities for government wiretapping. The law emerged from FBI concerns that digital switching technology would render traditional surveillance impossible. CALEA’s solution was elegant in its naivety: force every carrier to build a standardized interface through which law enforcement could access communications pursuant to court order. The interface would be secure because it would be secret, protected by access controls, audited by compliance regimes. No adversary would find it because no adversary would know to look.
Twenty-two years later, the United Kingdom enacted the Investigatory Powers Act 2016, colloquially known as the Snooper’s Charter. It went further than CALEA, mandating that technology companies retain communications data and provide access mechanisms for intelligence agencies. The architecture was the same: centralized access points designed for authorized users, protected by the assumption that authorized users would be the only ones using them.
Salt Typhoon was the adversarial audit that the system failed.
The Chinese operators did not need to hack individual phones, which would have been noisy and detectable. They did not need to intercept communications in transit, which would have required breaking encryption. They hacked the wiretap system itself. Once inside the CALEA infrastructure at AT&T, Verizon, and Lumen Technologies, they had access to everything the FBI had access to: call metadata showing who contacted whom and when, geolocation data derived from cell tower triangulation, the actual content of unencrypted calls and texts, and most devastatingly, the database of active surveillance requests. They could see whom the United States government was watching. They could see if they themselves were being watched.
The vulnerability was not a bug in the architecture. It was the architecture.
For decades, cryptographers and privacy advocates warned that there is no such thing as a backdoor only good guys can use. A vulnerability is a vulnerability. If it exists, a sufficiently motivated and resourced adversary will find it. The NSA and GCHQ and FBI dismissed these warnings as theoretical, academic, disconnected from operational reality. Law enforcement’s access needs are legitimate. But Salt Typhoon demonstrated empirically that the risks of mandated backdoors extend to everyone, including the governments that mandated them.
The irony approaches the unbearable. As Salt Typhoon was being discovered in late 2024, the UK government was pressuring Apple to weaken iMessage encryption under the Investigatory Powers Act. The argument was the same one that produced CALEA: law enforcement needs access, and carefully controlled access can be kept secure. Apple reportedly disabled certain features for UK users rather than comply. At precisely the same moment, as The Telegraph would later reveal, Chinese operators were reading communications from the heart of Downing Street through the access points the UK government had mandated.
The technical community has a name for this: the security paradox. Systems designed to enable surveillance become targets for adversary surveillance. The more access points you create for your own agencies, the more attack surface you expose to foreign agencies. The debate between security and privacy was always a false binary. The real tradeoff was between surveillability by your government and surveillability by everyone’s government.
Salt Typhoon collapsed that tradeoff into a single devastating data point.
The Kill Chain That Cannot Be Killed
Understanding what happened requires understanding how telecommunications networks actually function, not how they appear in policy documents.
A modern telecom network is not a monolithic system but a layered architecture spanning edge devices that connect to the public internet, core routing infrastructure that moves packets between networks, administrative systems that manage configurations and access, billing and customer data platforms, and lawful intercept systems that process surveillance requests. Each layer has its own attack surface. Salt Typhoon targeted the layer that matters most: the edge devices that control everything else.
The primary intrusion vector was a pair of vulnerabilities in Cisco IOS XE, the operating system running on millions of enterprise routers and switches worldwide. CVE-2023-20198, with a perfect 10.0 CVSS severity score, allowed an unauthenticated remote attacker to create an administrator account with Level 15 privileges, the highest access level on Cisco devices. CVE-2023-20273 enabled command injection that elevated those privileges to root access on the underlying Linux operating system. Chain them together and an attacker can create a god-mode account on any exposed Cisco device, then execute arbitrary code with full system control.
The vulnerabilities were disclosed in October 2023. Cisco issued patches. Many telecommunications operators delayed patching due to operational constraints that made rapid remediation nearly impossible.
This dynamic is not incompetence, though it resembles incompetence. Telecommunications infrastructure operates under pressures that create structural patch delays. These networks run 24 hours a day, 365 days a year. Downtime is measured in lost revenue and regulatory penalties. Patching a core router requires scheduling maintenance windows, testing updates in lab environments, coordinating with interconnected carriers, and accepting the risk that the patch itself introduces instability. For many operators, the calculation becomes: known theoretical vulnerability versus certain operational disruption. They chose the theoretical vulnerability. Salt Typhoon chose them.
Recorded Future’s Insikt Group documented the campaign exploiting over one thousand Cisco devices globally between December 2024 and January 2025. But the truly alarming finding was that attackers also exploited CVE-2018-0171, a vulnerability in Cisco Smart Install that had been patched seven years earlier. Some devices in critical telecommunications infrastructure had not been updated since 2018. The attack surface was not the frontier of zero-day exploitation. It was the accumulated technical debt of an industry that treated security as a cost center.
Once inside, Salt Typhoon deployed a sophisticated persistence mechanism designed to survive exactly the remediation attempts carriers would eventually undertake. The primary implant, documented by Trend Micro researchers under the name GhostSpider, operated entirely in memory without touching disk, evading traditional antivirus that scans for malicious files. It used DLL hijacking to execute within the context of legitimate processes, bypassing application whitelisting. Communications with command-and-control servers were encrypted and disguised as normal HTTPS traffic, blending with legitimate web activity.
The deeper persistence came from Demodex, a kernel-mode rootkit that modified the Windows operating system at its lowest level. Demodex hooked into system calls to hide its own processes, network connections, and registry entries from administrators running diagnostic commands. An operator investigating a compromised system would see nothing amiss because the rootkit was filtering what they could see. The malware achieved what the cybersecurity industry calls god-mode persistence: invisibility so complete that the only certain remediation is physical hardware replacement.
On Cisco devices specifically, the attackers exploited the Guest Shell, a Linux container environment designed for running legitimate management scripts. By injecting malicious code into this trusted container, they achieved persistence that survived standard reboots and even operating system reimaging. The infection lived below the level that normal administrators could access. It was not hiding in the house. It had become part of the foundation.
The operational sophistication extended to exfiltration. Salt Typhoon deployed a custom tool called JumbledPath that enabled packet capture across multiple network hops while simultaneously clearing logs and disabling logging along the capture path. They could intercept traffic without leaving forensic evidence of the interception. They modified Access Control Lists on compromised switches to explicitly permit their command-and-control IP addresses, ensuring their backdoors remained reachable even as security teams updated firewall rules. They created Generic Routing Encapsulation tunnels to route stolen data through compromised infrastructure, making the exfiltration appear as legitimate network traffic.
According to Cisco Talos analysis, the average dwell time before discovery was 393 days. One environment showed attackers maintaining presence for over three years. Three years of access to telecommunications infrastructure that carries the communications of governments, corporations, and private citizens. Three years of watching the watchers.
Inside the Chengdu Hacker-for-Hire Marketplace
Attribution in cyber operations is notoriously difficult. Attackers route through compromised infrastructure in multiple countries, use commodity malware available to any buyer, and deliberately plant false flags suggesting different national origins. The intelligence community has learned hard lessons about premature attribution.
Salt Typhoon attribution does not suffer these ambiguities. It is among the most thoroughly documented cases of state-sponsored cyber operations in the public record.
The US Treasury Department sanctioned Sichuan Juxinhe Network Technology Co., Ltd. on January 17, 2025, identifying it as a Chengdu-based cybersecurity company with direct involvement in the Salt Typhoon cyber group. The language was unusually specific for a sanctions designation, which typically uses more cautious phrasing. Treasury stated that the Ministry of State Security has maintained strong ties with multiple computer network exploitation companies, including Sichuan Juxinhe. The implication was unmistakable: this was not a rogue actor tangentially connected to Chinese intelligence. This was an MSS operation executed through contractor infrastructure.
Chengdu has emerged as the primary hub of China’s offensive cyber contractor ecosystem, a distinction it shares with no other Chinese city to the same degree. The reasons are structural. Sichuan University and Chengdu University of Information Technology produce a steady pipeline of computer science graduates with the technical skills offensive operations require. The provincial government offers tax incentives for high-tech enterprises that attract cybersecurity firms. The MSS’s Chengdu bureau has historically been aggressive in recruiting and contracting local talent. The result is a geographic concentration of capability that the intelligence community has tracked for over a decade.
Sichuan Juxinhe is not an isolated entity but part of an interconnected ecosystem. Treasury’s designation also referenced Beijing Huanyu Tianqiong Information Technology Co., Ltd. and Sichuan Zhixin Ruijie Network Technology Co., Ltd. as associated entities. These firms share corporate registration patterns, overlapping personnel, and technical infrastructure in ways that suggest coordinated rather than independent operation.
The ecosystem became dramatically more visible in February 2024, when over five hundred internal documents from i-SOON (Sichuan Anxun Information Technology Co., Ltd.) appeared on GitHub in one of the most significant leaks of Chinese cyber operations ever recorded. The documents revealed a hacker-for-hire marketplace where private firms bid on government contracts to compromise specific targets. Price lists showed costs for different levels of access. Marketing materials advertised tools for hacking Twitter, Gmail, WeChat, and Telegram. Target lists included governments in India, Thailand, Vietnam, South Korea, and NATO member states. The operational picture was unmistakable: China’s cyber espionage apparatus operates significantly through private contractors who compete for MSS and PLA business.
The i-SOON leak provided a Rosetta Stone for understanding how Salt Typhoon operates. Domain registration patterns used by i-SOON matched those observed in Salt Typhoon infrastructure. Malware families overlapped. The corporate relationship between i-SOON and other Chengdu firms explained how capabilities and targeting information might flow between ostensibly separate entities.
The UK government reached the same conclusion. On December 9, 2025, Foreign Secretary Yvette Cooper announced sanctions against Integrity Technology Group and Sichuan Anxun Information Technology (i-SOON) for activities against the UK and its allies that impact our collective security. The 13-nation joint advisory released in August 2025 explicitly attributed the campaign to MSS-linked private contractors, co-signed by agencies from the United States, United Kingdom, Australia, Canada, New Zealand, Germany, Japan, and five other nations.
The evidence supporting attribution is overwhelming: convergent technical indicators across multiple intelligence services, targeting patterns aligned with MSS priorities rather than financial motivation, sanctions from two G7 governments naming specific companies, a leaked document trove revealing operational details, and multi-national intelligence consensus among powers with no incentive to coordinate false attribution.
Chinese Foreign Ministry spokesperson Guo Jiakun dismissed the allegations as unfounded and irresponsible smears and slanders, claiming China stands against hacking and fights such activities in accordance with the law. Chinese state media advanced the counter-narrative that Salt Typhoon accusations represent US efforts to secure congressional appropriations rather than genuine intelligence findings. The Global Times characterized the accusations as a farce of US smear tactics against China.
These denials represent diplomatic necessities. They do not survive contact with the documented evidence.
The Crown Jewels: Three Prime Ministers’ Inner Circles Exposed
The targeting profile of Salt Typhoon reveals strategic intent far beyond conventional espionage.
In the United States, nine telecommunications carriers have been confirmed compromised: Verizon, AT&T, T-Mobile, Lumen Technologies, Spectrum (Charter Communications), Consolidated Communications, Windstream, Viasat, and at least one additional unnamed provider. Senator Mark Warner, chairman of the Senate Intelligence Committee, characterized it as the worst telecom hack in our nation’s history. The scope comparison is instructive. SolarWinds, the Russian supply chain compromise discovered in December 2020, affected approximately 18,000 organizations with deep penetration of roughly 100. Salt Typhoon compromised over 200 companies across 80 countries.
The data accessed falls into two categories with very different strategic implications.
The first category is bulk metadata: call detail records showing who contacted whom, when, and for how long, plus geolocation data derived from cell tower connections. Former Deputy National Security Advisor Anne Neuberger confirmed that attackers gained capabilities to geolocate millions of individuals. Metadata reveals patterns invisible in content alone. If a senior Treasury official calls a specific BP executive three times in one night before a North Sea oil announcement, Beijing knows the policy shift before the Cabinet does. Mapping communication networks reveals the actual decision-making structure of governments, which often differs substantially from organizational charts.
The second category is targeted content interception. Fewer than 100 individuals had actual call content and text messages directly compromised, but those individuals included Donald Trump, JD Vance, and senior staff from the Harris campaign during the 2024 presidential election. Congressional staff from the House China Committee, Foreign Affairs Committee, Armed Services Committee, and Intelligence Committee were accessed in breaches detected in December 2025, according to the Financial Times. The targeting was not random. It was surgical.
The United Kingdom penetration, disclosed by The Telegraph on January 26, 2026, reached right into the heart of Downing Street. The National Cyber Security Centre confirmed observing a cluster of activity targeting UK infrastructure since 2021. Aides to Prime Ministers Boris Johnson, Liz Truss, and Rishi Sunak had their communications compromised across a three-year period that included the COVID-19 pandemic response, the Ukraine war’s escalation, and critical UK-China trade negotiations.
Whether the Prime Ministers’ personal devices were directly compromised remains publicly unclear. The distinction may matter less than it appears. In a telecom network intrusion, attackers do not need to compromise individual devices. They compromise the network itself, intercepting communications as they transit carrier infrastructure. The Prime Minister’s phone may have been perfectly secure. The calls it made were not.
The strategic timing compounds the damage. The 2021-2024 window included decisions on Huawei’s role in UK 5G infrastructure, the AUKUS security pact formation, Hong Kong sanctions policy, and bilateral trade negotiations with Beijing. Chinese intelligence had real-time visibility into British decision-making during discussions where China’s interests were directly at stake. The information asymmetry is staggering.
Australia was similarly targeted. ASIO Director-General Mike Burgess confirmed in November 2025 that Salt Typhoon attempted to access Australia’s critical infrastructure, including telecommunications networks. Canada experienced confirmed breach of at least one unnamed telecom in February 2025. The campaign extended beyond the Five Eyes core: a South African provider was reportedly compromised via Cisco platforms, Southeast Asian telecoms detected new malware variants, and European telecommunications organizations identified intrusion attempts as late as October 2025.
The counterintelligence implications are the most damaging aspect, though the least publicly discussed.
By accessing CALEA systems, Salt Typhoon operators could see the database of active wiretap requests. They knew whom the FBI was investigating. If MSS operatives in the United States were under surveillance, Beijing could pull them out before arrests occurred. If FBI investigations were approaching sensitive Chinese assets, Beijing could warn them. If counterintelligence operations were building cases against Chinese technology companies or influence operations, Beijing could see the evidence accumulating.
This is the counterintelligence nightmare: your surveillance apparatus becomes the adversary’s intelligence source. The FBI was not just failing to catch Chinese spies. It was showing China exactly where to find its exposed spies before the FBI could catch them.
The Hidden Correlation That Risk Models Never Saw
Systems approaching critical transitions exhibit a distinctive signature that financial risk models systematically miss. Surface metrics remain stable while underlying pressure accumulates. Correlations appear benign precisely because the stress is building uniformly across connected components. Then the transition happens not gradually but all at once, in a cascade that propagates faster than response mechanisms can activate.
The physics of phase transitions describes the phenomenon with precision. Water remains liquid as it cools, molecules slowing gradually, temperature dropping predictably. Then at exactly zero degrees Celsius, the system reorganizes instantaneously into a crystalline structure. The transition is discontinuous. Nothing in the gradual cooling predicted the sudden restructuring.
Salt Typhoon’s propagation through global telecommunications followed this pattern. The Global Cyber Alliance documented 72 million attack attempts from China-origin IP addresses against telecommunications infrastructure worldwide between August 2023 and August 2025. The number is not the important part. The distribution is. Rather than concentrating on a few high-value targets, the campaign probed systematically across the entire internet-facing surface of telecom networks in 80 countries. When one vector failed, others succeeded. The attack percolated through the network of networks, finding paths of least resistance through unpatched devices, legacy systems, and accumulated technical debt.
The 80-country spread was not a bug or scope creep. It was the exploitation of network topology itself. Telecommunications providers interconnect through peering relationships, shared vendors, inherited trust, and common infrastructure. Compromising one provider creates pivot points into connected providers. The attackers did not need to breach 80 countries independently. They needed to breach enough nodes that cascade dynamics carried the compromise further.
Financial risk models trained on historical correlations would have seen nothing unusual in the period before disclosure. Telecom stocks moved with normal volatility. Cybersecurity spending followed typical budget cycles. The correlation stability that risk managers found reassuring was measuring the pressure building uniformly, not the probability of release.
The parallel to credit markets before 2008 is instructive though imprecise. Mortgage-backed securities showed stable correlations because they were all exposed to the same underlying risk. The stability was the warning, not the comfort. When housing prices turned, the correlation snapped to one and everything moved together. The diversification that looked protective turned out to be concentration disguised.
Salt Typhoon exposed a similar hidden correlation in critical infrastructure. The assumption was that a breach of Verizon had no implications for BT, that American vulnerabilities were American problems, that European telecoms operated in a separate risk regime. The assumption was wrong. The same Cisco devices run everywhere. The same CALEA architecture creates the same vulnerability everywhere its analogues exist. The same contractor ecosystem targets everyone with the same tooling. The diversification across carriers and jurisdictions was illusory. They were all one network.
Five Eyes Fractures Under Pressure
The Five Eyes intelligence alliance, comprising the United States, United Kingdom, Canada, Australia, and New Zealand, represents the deepest and most institutionalized intelligence-sharing arrangement among Western democracies. Its origins in World War II signals intelligence cooperation have evolved into comprehensive collaboration on technical collection, analysis, and counterintelligence. Salt Typhoon tested this architecture as nothing has since its formation.
The initial response demonstrated the alliance’s coordination capabilities. The December 2024 Enhanced Visibility and Hardening Guidance for Communications Infrastructure was the first joint Five Eyes response to the breach. The August 2025 advisory expanded to 13 nations, co-sealed by 22 agencies attributing the campaign to specific Chinese companies with unprecedented multinational consensus. The coordination was real and consequential.
But the fractures were also visible.
UK officials pointedly stated that had American regulations matched British standards, we would have found it faster, we would have contained it faster. The criticism was technically accurate. The UK’s Telecommunications Security Act 2021 imposed security obligations on carriers that exceed CALEA requirements. But the same UK government pursuing those regulations was simultaneously pressuring Apple to weaken encryption under the Investigatory Powers Act, replicating exactly the architectural vulnerability that Salt Typhoon exploited. The internal contradiction was not resolved so much as ignored.
The regulatory divergence reflects deeper philosophical disagreements that Salt Typhoon intensified without settling. The FBI and CISA’s December 2024 recommendation that Americans use end-to-end encrypted messaging applications represented an extraordinary acknowledgment that carrier networks cannot be trusted. Yet both agencies have historically sought encryption backdoors for law enforcement access. The cognitive dissonance remained unaddressed: advocating for encryption to protect against foreign adversaries while seeking to weaken encryption for domestic law enforcement.
The FCC’s regulatory response exemplified the policy incoherence. In January 2025, the Commission proposed mandatory cybersecurity requirements including role-based access controls, multi-factor authentication, and vulnerability patching for telecommunications carriers. Then-Chairwoman Jessica Rosenworcel stated: In light of the vulnerabilities exposed by Salt Typhoon, we need to take action. In November 2025, the reconstituted FCC voted 2-1 to revoke those rules. Chairman Brendan Carr argued for an agile and collaborative approach over regulatory mandates. Commissioner Anna Gomez dissented: This FCC today is leaving Americans less protected than they were the day this breach was discovered.
The Cyber Safety Review Board investigation, established to provide an authoritative post-mortem on Salt Typhoon, was terminated in January 2025 when the incoming administration dismissed all members before their investigation concluded. The official lessons learned process stopped before identifying lessons.
Intelligence sharing itself became contested. Reports emerged in 2025 that DNI Tulsi Gabbard barred sharing certain intelligence with Five Eyes partners. While some former officials characterized concerns as faux outrage, noting that withholding occurs routinely, others warned of a chilling effect on critical intelligence sharing at precisely the moment coordination mattered most.
From a Chinese perspective, as expressed by state media and diplomatic channels, the sanctions and coordinated Western response represent political escalation that unnecessarily heightens tensions and contradicts stated commitments to engagement. Beijing has consistently framed the accusations as evidence of anti-China bias in Western intelligence assessments rather than legitimate security concerns.
Salt Typhoon revealed that even the world’s most sophisticated intelligence alliance, facing the world’s most aggressive cyber adversary, operates with fundamental coordination failures, regulatory incoherence, and philosophical contradictions that compound rather than contain the damage.
Why Hardware Must Replace Software
The most alarming aspect of Salt Typhoon is not what happened but what continues to happen.
CISA Executive Assistant Director Jeff Greene stated plainly: We cannot say with certainty that the adversary has been evicted, because we still don’t know the scope of what they’re doing. Senator Maria Cantwell’s December 2025 assessment was equally stark: Telecom companies infiltrated in the attack have failed to prove the Chinese hackers have been eradicated from their networks.
AT&T and Verizon announced in January 2025 that they had successfully expelled the attackers from their networks, with Mandiant providing independent verification. The claims met immediate skepticism from government officials and security experts. The skepticism has not been resolved. When Senator Cantwell demanded documentation, the carriers could not provide evidence that Chinese hackers had been fully removed.
The technical reasons for persistent access are well understood.
Salt Typhoon’s persistence mechanisms, including GRE tunnels on network devices, Demodex kernel rootkits, and modified authentication server configurations, can survive standard remediation procedures. The attackers’ average dwell time of 393 days before detection, with some environments compromised for over three years, demonstrates operational security sufficient to reestablish access even after apparent eviction. If the attackers anticipated discovery, they likely created backup persistence mechanisms that remediation teams have not found.
Read the rest here and consider subscribing.
Tyler Durden
Sat, 01/31/2026 – 07:00
https://www.zerohedge.com/geopolitical/next-level-spying-how-china-read-wests-wiretaps-years
Extremistas armados matan a decenas en el noreste de Nigeria
Por HARUNA UMAR
MAIDUGURI, Nigeria (AP) — Extremistas armados mataron a decenas de personas en el noreste de Nigeria a principios de semana en ataques separados contra una obra y una instalación militar, dijeron funcionarios de seguridad el sábado.
Pistoleros acabaron con la vida de al menos a 25 obreros durante una emboscada el jueves en la ciudad de Sabon Gari, en el estado de Borno, reportó un alto oficial del Comando de Policía del Estado de Borno a The Associated Press. El funcionario habló bajo condición de anonimato porque no estaba autorizado a informar a periodistas. Las autoridades nigerianas suelen declinar confirmar públicamente el número de víctimas mortales en los ataques, citando preocupaciones de seguridad.
“Es una pérdida devastadora, y las señales apuntan directamente a los insurgentes de Boko Haram, que se resisten desde hace mucho tiempo a los proyectos de desarrollo en estas zonas”, indicó el policía..
Boko Haram, un grupo yihadista autóctono de Nigeria, tomó las armas en 2009 para luchar contra la educación occidental e imponer su versión radical de la ley islámica.
La insurgencia incluye ahora una escisión del grupo extremista Estado Islámico conocida como Provincia del África Occidental. Se ha extendido a los vecinos al norte de Nigeria, como Níger, y según Naciones Unidas ha matando a unos 35.000 civiles y desplazó a más de dos millones.
Abdurrahman Buni, un alto mando de la Fuerza Civil Conjunta, un grupo de vigilantes voluntarios que ayuda al ejército a combatir a los grupos extremistas y las bandas armadas, confirmó que al menos 25 obrebros fueron asesinados durante el ataque del jueves.
De acuerdo con Buni y con el policía, los combatientes extremistas, respaldados por drones armados, asaltaron una base del ejército en otro ataque en la misma ciudad horas antes. El policía indicó que había nueve soldados y dos miembros de una fuerza civil muertos, mientras que unos 16 efectivos de seguridad heridos fueron evacuados para recibir tratamiento médico tras el intenso tiroteo.
Por el momento no estaba claro si el ataque a la base fue obra de Boko Haram o de su rival, Estado Islámico, ambos activos en la región.
Nigeria está inmersa en una compleja crisis de seguridad, con una insurgencia islámica en el noreste y un repunte en los número de secuestros para pedir rescate en el noroeste y centro-norte.
El mes pasado, Estados Unidos lanzó ataques aéreos en el norte de Nigeria contra combatientes de Estado Islámico, tras las acusaciones de que el país de África Occidental no logró controlar los ataques contra la población cristiana.
___
Esta historia fue traducida del inglés por un editor de AP con la ayuda de una herramienta de inteligencia artificial generativa.
Ataques israelíes en Gaza matan al menos a 29 palestinos, una de las peores jornadas desde la tregua de octubre
DEIR AL-BALAH, Gaza (AP) — Ataques israelíes en Gaza matan al menos a 29 palestinos, una de las peores jornadas desde la tregua de octubre.
Elena Rybakina se corona en Australia tras derrotar a la número uno del mundo, Aryna Sabalenka
Por JOHN PYE
MELBOURNE, Australia (AP) — Elena Rybakina conquistó el sábado el Abierto de Australia al imponerse 6-4, 4-6, 6-4 a la número uno del mundo, Aryna Sabalenka, vengando así su derrota en el partido por el título del primer major del año en 2023.
Hace cuatro años, ganó el primer set pero perdió la final en tres. Esta vez, después de romper el servicio de la bielorrusa en el primer juego y llevarse el primer set, remontó tras ceder el segundo set y comenzar el definitivo 3-0 abajo. Ganó cinco juegos consecutivos y selló el triunfo con un ace en su primer punto para el campeonato.
Es la segunda vez que Rybakina, quinta cabeza de serie, se alza con un título del Gran Slam tras acabar en lo más alto en Wimbledon en 2022. En su anterior final en Melbourne, era la única que tenía uno de los cuatro grandes en su palmarés.
Mientras Sabalenka despuntó y ganó otros tres majors —incluyendo triunfos consecutivos en Australia y el Abierto de Estados Unidos de 2024 y 2025—, los resultados de Rybakina empeoraron y no había alcanzado otra final importante hasta este torneo.
___
Esta historia fue traducida del inglés por un editor de AP con la ayuda de una herramienta de inteligencia artificial generativa.
Mokena Village Board OKs financial incentive for Midwest Furniture Liquidators
The Mokena Village Board approved a performance-based financial incentive agreement with Midwest Furniture Liquidators, a business with a Mokena store for 10 years, that could award the business up to $150,000 in sales tax revenue over the next five years.
The deal promises the furniture store a share of the sales tax money beginning Jan. 1, 2027, as long as the business brings in more revenue, which means the store’s revenue exceeds its average revenue over the past five years.
Brent Cann, Mokena community development director, said the incentive supports a major reinvestment and expansion at the company’s store at 9100 W. 191st St.
Cann said the agreement is designed to encourage redevelopment along the 191st Street corridor, enhance the customer experience and strengthen the village’s sales tax base.
Amjad Hamdan, head of operations for Midwest Furniture Liquidators, said in November that his renovation plans will be a “little twist of a new image for the business.” Midwest Furniture Liquidators also has a Chicago area store in Schaumburg.
Hamdan said he plans to invest about $450,000 in improvements to modernize and expand its existing facility from its industrial-style building into a more retail-oriented customer-friendly showroom.
The showroom space will be expanded by about 20,000 square feet using adjacent space previously occupied by volleyball courts for Velocity All Sport, according to John Tomasoski, village administrator.
A few of the other planned upgrades include replacing loading dock doors with showroom windows, installing new canopies, lighting and wall signs, and completing landscaping and parking lot improvements, according to Cann.
A new entrance and pedestrian access from 191st Street will be added, aiming to further improve site accessibility and visibility, Cann said.
Hamdan said in November the company plans to increase the company’s marketing budget by 25% and spend more funds on costs like electrical work, lighting, flooring, new entrances and demolishing walls.
He said he expects these combined efforts to increase sales by at least 30% in the first year following the end of renovations.
If Hamdan does increase sales, he could be awarded funding under the incentive.
A rendering of new Midwest Furniture Liquidators building, as of Jan. 30, 2026. (Mokena Village)
The village would then pay the store half of that extra revenue through money from the village’s portion of the sales tax.
The payments would continue until either the store has received $150,000, or five years have passed, whichever comes first, Cann said. He also said the Village Board may extend the incentive to 10 years or adjusting the incentive cap number.
Hamdan said the incentive allows him to begin renovations sooner. Normally, he said, he would have waited several years to save enough money to cover the full cost, but with the incentive in place, he feels confident moving forward now. He expects as his sales increase after the renovations, the village will reimburse him for part of those costs through the incentive program.
Hamdan also said the incentive helps the company during a particularly challenging time.
He said in November that the U.S. tariffs imposed under President Donald Trump’s administration in January and July increased costs for the products his company was buying from overseas. He said these increased costs pushed the company to buy more products from U.S. furniture sources in order to stay competitive in the market and still offer affordable prices. He said these changes have been hard, and the village’s support is helpful.
Hamden said the village has welcomed his business and that he is excited to expand operations in Mokena.
Midwest Furniture Liquidators’ Mokena store at 9100 W. 191st St., before renovations began in 2026. (Village of Mokena)
Cann said that the project aligns with broader economic development goals by reinvesting in an underutilized commercial site, enhancing the visual appeal of a major corridor and promoting sustained local revenue generation.
He said construction and site improvements are expected to move forward in phases as the showroom expansion and exterior upgrades are completed.
awright@chicagotribune.com
https://www.chicagotribune.com/2026/01/31/mokena-approves-incentive-midwest-furniture-liquidators/
Community news: Triton exhibit highlights ‘Crowns of Excellence,’ Super Bowl party in La Grange, more
Triton exhibit highlights ‘Crowns of Excellence’
“Crowns of Excellence,” a photo exhibit honoring the rich cultural tradition of Black hairstyles, opened to the public Feb. 2 and continues through the end of the month in the upper level of the library at Triton College, 2000 5th Ave. in River Grove.
The show is a collaborative effort by Visual Communications, Triton College Library and Cosmetology and Barber programs. About 20 photographs of students, alumni, staff and faculty will be shown. Students in the colleges’ new Cosmetology and Barber program provided hairstyling services for participants, and the Triton College Foundation provided a grant.
“The photos you’ll see highlight the beauty and pride of our Triton community, and making this happen is thanks to so many on campus who provided their support,” Shekinah Lawrence, Triton College library chairman, shared via a news release.
The exhibit’s name comes from the CROWN Act, or Creating a Respectful and Open World for Natural Hair, which “affirms the right to wear natural hair and prohibits discrimination based on hair texture or styles associated with race,” the release noted.
Student Ethan Frazier, who took many of the photos in the show, said he was focused on “conveying the confidence of the models and pride in their hair,” the release shared. “And being able to also help convey an identity that I’ve carried my entire life and to represent a community that I’ve been born into is really uplifting,” he said.
The library, in the A Building, is open from 8 a.m. to 8 p.m. Monday through Thursday and 8 a.m. to 4 p.m. Fridays.
La Grange American Legion Post hosts Super Bowl party
A Super Bowl watch party is planned for Feb. 8 at American Legion Robert E. Coulter Jr. Post 1941, 900 S. La Grange Road in La Grange.
Doors open at 4:30 and kick-off is at 5:30 p.m. Appetizers, a buffet and dessert are included in the fee, which is $21 for adults and $12 for children. Pull tabs, a cash bar and raffles will be available.
Tickets and information are at www.al1941.org/events-one or 708-354-3300.
Concordia University hosts symphony concert
The Symphony of Oak Park & River Forest and the Symphony Chorus will present a performance of Brahms’ “Schicksalslied” at 4 p.m. Feb. 15 in the Chapel of Our Lord at Concordia University, 7400 Augusta St. in River Forest.
Other pieces featured during the concert are Mahler’s “Des Knabenwunderhorn” and the fourth movement of his “Symphony No. 4, and Copland’s “Quiet City” and “Outdoor Overture.”
A preconcert talk begins at 3 p.m. and a free reception follows the concert. Tickets cost $30 through Feb. 14 but got up to $35 on the day of the concert; students through college can attend for free. Free parking is available at 1124 Bonnie Brae. Tickets are sold via SymphonyOPRF.org or by calling 708-218-2648.
Seed swap planned in Franklin Park
Area residents who enjoy growing plants from seeds are invited to a swede swap from 11 a.m. to 12:30 p.m. Feb. 14 at the Community Center, 9560 Franklin Ave. in Franklin Park.
Participants can exchange seeds with attendees, although plenty will be on hand to share for those who don’t have any to swap.
The free event is offered by the Park District of Franklin Park. For details, call 847-455-2852.
League explores climate change
“Debra Shore Looks at Climate Change in the Great Lakes Region” is the title of a talk from 7 to 8:30 p.m. Feb. 12 sponsored by the League of Women Voters of the La Grange Area with the La Grange Public Library at 10 W. Cossitt Ave. in La Grange.
Shore, who has been an environmental protection advocate for more than three decades, will discuss how climate change has affected the region, including the Great Lakes, lead lines, flooding and drinking water, as well as how to contribute to a healthier planet and life.
The program, which is free and open to the public, requires registration at lagrange.library.calendar.com. Information is at league@lagrangearealwv.org or www. lagrangearealwv.org.
The league is an organization that encourages informed and active participants in government without supporting specific political parties or candidates.
Send news to pioneerwest@tribpub.com.
Biblioracle: What’s up with ‘Heated Rivalry’?
As a known and publicly available book person who is also an avowed hockey fan, I’ve been asked this question several times recently, so I’m going to answer it.
What’s up with “Heated Rivalry”?
For those not in the know, “Heated Rivalry” is a show from Canadian streamer Crave that’s now available on HBO Max. It tells the story of two professional hockey players (Shane and Ilya) who play for rival teams, but soon fall into a sexual relationship that moves from casual to something more.
The television show is based on the Game Changers series of hockey romance novels by Rachel Reid. “Heated Rivalry,” first published in 2019, is the second book in the series, introducing Shane and Ilya. One direct sequel to “Heated Rivalry,” “The Long Game,” came out in 2022. A second direct sequel (“Unrivaled”) is set to be published later in 2026.
The show is a phenomenon and the books are selling in mass numbers. What explains such an amazing, seemingly out-of-the-blue occurrence?
I’m going to offer a controversial, out-of-the-box take here that people may need to sit with for a minute to wrap their heads around, but here goes: “Heated Rivalry,” both the book and the show, are popular because they are well-executed examples of a genre that millions of people love.
“Heated Rivalry” is a romance. Romance is, by a fair margin, the most popular genre of book in terms of sales year after year after year. Romance fans who know their stuff — I am not an expert here — say that the books are excellent. “Heated Rivalry” follows one of the classic formats of the genre (enemies to lovers) and executes it well.
What should be so surprising about a popular book series being turned into a popular television show? Is this not something of a common occurrence? Yes, it’s about hockey and the characters are gay, but the power of romance is the power of romance, my friends. Combine that with strong execution and you get a phenomenon.
I sense that some of the public wondering is wrapped up in the fact that this is a story about two gay men, but romance readers are, by and large, uncaring about who (or in some cases, what) is experiencing the romance. The magic is in the connection, even when the connection is not the byproduct of magic.
What concerns me on the publishing side is the inevitable attempts to co-opt “Heated Rivalry” for other purposes. The “hockey romance” is already a well-established subgenre, but this level of mainstream attention invites copycats ported to other audiences. I can just imagine some executive rubbing their hands together, looking for something that allows them to pitch a book as “Heated Romance” meets “Gone Girl,” or something like that.
The spate of inferior copies following the publishing of “Gone Girl” is the cautionary tale here. Books are not made in a lab where you mix ingredients together as a kind of science. The best books are birthed out of the unique sensibilities of the individual authors.
It’s only in hindsight that a “trend” emerges and those who glom onto the trend often have much less to offer than the original.
What’s going on with “Heated Rivalry” is what went on with “Gone Girl” or “Fifty Shades of Grey” or Colleen Hoover, or every other phenomenon.
Some human being wrote something that connected with other human beings. How and when this happens is simultaneously hugely straightforward and also infinitely mysterious, which is why publishers try to chase trends.
But the smarter play is to keep looking for the fresh thing that connects.
John Warner is the author of books including “More Than Words: How to Think About Writing in the Age of AI.” You can find him at biblioracle.com.
Book recommendations from the Biblioracle
John Warner tells you what to read based on the last five books you’ve read.
1. “Fire Weather: On the Front Lines of a Burning World” by John Vaillant
2. “Farewell Summer” by Ray Bradbury
3. “The Road to Character” by David Brooks
4. “The Fire Next Time” by James Baldwin
5. “The Three Escapes of Hannah Arendt” by Ken Krimstein
— Bob H., Chicago
For Bob, I’m recommending a satire imagining Hitler waking up in contemporary Germany only to have everyone thinking he’s just a committed impersonator. Can’t imagine why this book (“Look Who’s Back” by Timur Vermes) is on my mind.
1. “The Trees” by Percival Everett
2. “The Briar Club” by Kate Quinn
3. “Killing with Confetti” by Peter Lovesey
4. “Fatal Remedies” by Donna Leon
5. “Joan Is Okay” by Weike Wang
— Ruthann S., Darien
Hmm… lots of different possible directions here. I’m going mystery with compelling characters you want to spend time with, “Case Histories” by Kate Atkinson.
1. “Ball Four” by Jim Bouton
2. “Big Swiss” by Jen Beagin
3. “Why Christians Should be Leftists” by Phil Christman
4. “Dinosaurs” by Lydia Millet
5. “Oreo” by Fran Ross
— Linus T., Chicago
OK, this is a list close to my own heart, so I want to try to give Linus something he’d never have even known about except for me, but that will fit well with this array, “Under the Frog” by Tibor Fischer.
Get a reading from the Biblioracle
Send a list of the last five books you’ve read and your hometown to biblioracle@gmail.com.
https://www.chicagotribune.com/2026/01/31/biblioracle-heated-rivalry-rachel-reid/











