St. Patrick’s Day is almost here, and Brooklyn is ready to go green! Whether you’re gearing up for a lively parade, sipping a pint of Guinness at your go-to pub, or getting swept up in a Celtic celebration with a side of Irish dance, there’s no shortage of fun.
From rowdy bar crawls to lively performances, we’ve got your ultimate guide to making the most of this lucky day — and month — in Brooklyn.
Celebrate a quarter-century of queer joy at Ginger’s Bar with a three-day St. Patrick’s Day bash from March 14 to March 16! Enjoy live Irish music, DJ sets, Irish dancing, and special guest appearances straight from Ireland. With a focus on queer joy, resistance, and community, this anniversary celebration promises a weekend of unforgettable fun. Limited tickets will be available at the door, but secure your spot with presale tickets.
March 14–16, times vary. Ginger’s Bar, 236 Underhill Ave. in Prospect Heights. gingerbrooklyn.com.
Join Tipsy Scoop for a fun and boozy ice cream-making class this St. Patrick’s Day! Learn to make whiskey-infused ice cream and a boozy sorbet cocktail using a commercial ice cream machine. Enjoy tasting seasonal flavors, hear about the company’s history, and take home two pints of your creations in an insulated Tipsy Scoop tote.
Get your green on and join the fun at Time Out Market New York for a St. Patrick’s Day celebration! Enjoy all-day drink specials, including Sam Adams and Angry Orchard buckets, plus Sam Adams Cold Snap. At 6:30 p.m., head to the rooftop for a special performance by the Brooklyn Irish Dance Company, showcasing traditional Irish stepdancing.
The luck of the Irish has far from run out for Brooklyn’s three St. Patrick’s Day Parades. The Celtic Knot of Gaelic marches will kick off later this month, each celebrating a milestone anniversary.
Join in the festivities at the oldest St. Patrick’s Day Parade in Brooklyn! The parade kicks off at 1 p.m. on March 16, starting at Bartel-Pritchard Square at 14th Street and Prospect Park West in Park Slope. Established in 1975, this parade features a vibrant procession through Park Slope, with the route stretching from Prospect Park West & 15th St. to 7th Ave & Garfield Place, then back to the starting point for a celebration from 2 to 5 p.m.
Stick around for the after-party at Holy Name of Jesus Church, where you can enjoy a corned beef and cabbage dinner, beer, soda, and live music by Celtic Justice for $50 (RSVP required).
March 16, parade steps off at 1 p.m. at Bartel-Pritchard Square at Prospect Park West and 15th Street. After-party from 5-9 p.m. at Holy Name of Jesus Church, 245 Prospect Park West.
Get ready to paint the town green at the 30th Annual Bay Ridge St. Patrick’s Day Parade on Sunday, March 23, starting at 1 p.m. This lively procession kicks off at Marine Avenue and Third Avenue, making its way down the bustling thoroughfare to 67th Street. The parade will feature marching bands, Irish dance troupes, and community groups, plus plenty of Irish pride. Leading the march this year is Deacon Kevin McCormack as grand marshal, with the Reilly family celebrated as the Irish Family of the Year.
March 23, parade steps off at 1 p.m at Third Avenue and Marine Avenue in Bay Ridge.
St. Patrick’s Day fun continues on through March with the 15th Annual Gerritsen Beach St. Patrick’s Day Parade.on Saturday, March 29! This neighborhood favorite celebrates Irish pride with a hometown twist, featuring lively floats, local bands, and all the green you can handle. While the big NYC parade takes over Fifth Avenue earlier in the month, Gerritsen Beach will be keeping the party going, bringing its own spirited take on the holiday to Brooklyn.
March 29, parade steps off at 1 p.m. at the Veterans of Foreign Wars Post at Whitney and Gerritsen Avenues in Gerritsen Beach.
North Korea-linked APT group ScarCruft used a new Android spyware dubbed KoSpy to target Korean and English-speaking users.
North Korea-linked threat actor ScarCruft (aka APT37, Reaper, and Group123) is behind a previously undetected Android surveillance tool named KoSpy that was used to target Korean and English-speaking users.
ScarCruft has been active since at least 2012, it made the headlines in early February 2018 when researchers revealed that the APT group leveraged a zero-day vulnerability in Adobe Flash Player to deliver malware to South Korean users.
Kaspersky first documented the operations of the group in 2016. Cyber attacks conducted by the APT37 group mainly targeted government, defense, military, and media organizations in South Korea.
Lookout researchers attributed the spyware to the ScarCruft group with medium confidence. The researchers state that the threat is a relatively new malware family with early samples going back to March 2022. The most recent samples detected by the cybersecurity firm are dated March 2024.
“KoSpy has been observed using fake utility application lures, such as “File Manager”, “Software Update Utility” and “Kakao Security,” to infect devices.” reads the report published by the researchers. “The spyware leveraged the Google Play Store and Firebase Firestore to distribute the app and receive configuration data. All the apps mentioned in the report have been removed from Google Play, and the associated Firebase projects have been deactivated by Google.”
KoSpy collects SMS, calls, location, files, audio, and screenshots via plugins. The surveillance tool
The spyware masquerades as five different apps: 휴대폰 관리자 (Phone Manager), File Manager, 스마트 관리자 (Smart Manager), 카카오 보안 (Kakao Security) and Software Update Utility.
The experts noticed that the app disguises itself as utility apps with basic functions, except Kakao Security, which tricks users with a fake permission request.
Before activation, KoSpy checks if it is running in a virtualized environment and confirms that the current date is past the hardcoded activation date to avoid analysis and detection.
Upon execution, the spyware retrieves an encrypted configuration from Firebase Firestore, controlling activation and the C2 server address. This setup allows attackers to enable, disable, or change servers for stealth and resilience.
KoSpy communicates with its C2 servers through two request types: one for downloading plugins and another for retrieving surveillance configurations. The configuration request, sent as an encrypted JSON, controls parameters like C2 ping frequency, plugin URLs, and victim messages. The spyware uses a unique IT for each victim that is calculated through a hardware fingerprint. While some C2 domains remain online, they do not respond to client requests. The spyware transmits the encrypted data via AES to multiple Firebase projects and C2 servers for further exploitation.
Lookout researchers found connections between KoSpy and North Korean threat groups APT43 and APT37. One of C2 domains, st0746[.]net, links to an IP address in South Korea previously associated with malicious Korea-related domains. These include naverfiles[.]com and mailcorp[.]center, linked to Konni malware used by APT37, and nidlogon[.]com, part of APT43’s infrastructure. The shared infrastructure suggests KoSpy may be part of broader cyber-espionage operations targeting Korean users.
“In addition to its ties to APT37, this KoSpy campaign also has ties to infrastructure used by APT43 – another North Korean hacking group. North Korean threat actors are known to have overlapping infrastructure, targeting and TTPs which makes attribution to a specific actor more difficult.” concludes the report. “Based on the aforementioned shared infrastructure, common targeting and connection recency, Lookout researchers attribute this KoSpy activity to APT37 with medium confidence.”
Last spring, a Cameroonian-flagged cargo ship, the Barbaros, steamed through Istanbul’s Bosphorus Strait. The Barbaros had begun its journey in Russia and was en route to a port in eastern Libya controlled by a warlord whose forces have been accused of crimes against humanity by a U.N. fact-finding mission.
As the Barbaros crossed the Bosphorus in April, an eagle-eyed observer — Yörük Işık, who runs a consultancy analyzing maritime activity on the strait — got a view of its cargo. Isik posted photographs of the Barbaros on X, describing it as a “ship of interest” carrying trucks that are often used in military missions and that are manufactured by a sanctioned Russian company.
A flurry of law enforcement activity followed, according to leaked documents from a European Union naval mission called Operation Irini. The mission attempts to track and block weapons shipments to Libya, which are banned under an international arms embargo.
The documents show how commercial vessels — known as a ghost fleet — employed a range of tricks to avoid detection as they shipped Russian equipment to Libya. They also highlight growing European concerns about Russia’s influence in the country, which officials believed was part of a broader strategy by Moscow to project power in the Mediterranean and several African countries.
After Isik posted the photographs, Interpol prepared a report on the Barbaros that found the vessel had manipulated its Automatic Identification System (AIS), the device that transmits information about a ship’s location, in an attempt to conceal its position. The report also found the ship had changed its name three times and had registered itself under the flag of a different country at least 10 times since 2013. The report assessed that the ship “may be carrying firearms destined for Libya” and recommended that authorities closely monitor it.
Russian Minister of Defense Sergei Shoigu, left, meeting with head of the Libyan National Army Khalifa Haftar in August 2017. Image: Ministry of Defense of the Russian Federation
The Barbaros was bound for the Libyan port of Tobruk, which is ruled by Khalifa Haftar, a military leader who dominates the eastern part of the country.
Russia’s ghost fleet has enriched Moscow by helping it evade Western sanctions on its oil sales, according to the United States and European Union. Whether carrying oil or arms, these vessels often manipulate their AIS to avoid detection. In dozens of reports produced in 2024, European authorities tracked how vessels turned off their AIS when passing near the Syrian port of Tartus, where Russia maintains a naval base. Sometimes, these ships also spoofed their AIS data to appear in a different place than where they actually were. In another case, according to a report included in the leaked documents, a vessel suspected of shipping arms from Syria to Libya manipulated its location to appear offshore the Lebanese capital of Beirut — but mistakenly transmitted its location as on dry land at the airport, rather than the maritime port.
On May 1, 2024, Operation Irini, the European naval mission, boarded the Barbaros and found 115 Russian-made trucks. While the trucks were of a type regularly used by militaries, they had not been specifically modified for military use and thus did not violate the arms embargo, so the ship was allowed to continue its journey to Tobruk. Nevertheless, the EU naval mission wrote in its internal report that the shipment represented “a confirmation of a trend of militarization of the region.”
Officials from Operation Irini did not respond to questions from ICIJ for this story.
For nearly a decade, Moscow has supported Haftar with weapons, money and military personnel, gradually cultivating him as its most important ally in Libya. A U.N.-appointed mission reported in 2023 that forces under Haftar’s control were guilty of “crimes against humanity,” and a report from Amnesty International accused a militia led by his son of engaging in murder, torture and rape.
The elder Haftar, a dual U.S.-Libyan citizen who resided in northern Virginia for two decades, faced multiple civil lawsuits in the United States that accused his forces of killing Libyan civilians. The cases were dismissed last year after a judge ruled that she lacked jurisdiction over the cases. An appeal to that ruling is scheduled to be heard by a U.S. court in May.
Even so, Western officials have not made Haftar an international pariah. In August 2024, three months after the Barbaros arrived in Italy, the commander of U.S. Africa Command and a top U.S. diplomat met with Haftar in Libya.
It’s a testament to Western strategic negligence,
— Anas El Gomati, director of the Sadeq Institute
European officials have also cited Russia’s growing influence in eastern Libya as a reason to increase engagement with institutions under Haftar’s control. “What we don’t do in the East, Russia will do,” said EU Ambassador to Libya Nicola Orlando, according to minutes of an October 2024 meeting at the EU naval mission’s headquarters.
The EU delegation to Libya and spokespeople from the EU’s diplomatic service did not respond to requests for comment from ICIJ.
Anas El Gomati, director of the Tripoli-based Sadeq Institute, said Russia’s presence in Libya gives it control over migrant trafficking routes to Europe and creates a hub for naval operations a few hundred nautical miles from European shores.
“Russia has a partnership with Haftar, but its presence in Libya is much more about the West,” he said. “Ukraine is the eastern flank of NATO, and Libya is the southern flank — it’s Europe’s soft underbelly.”
‘An immediate security issue for Europe’
Russia’s intervention in Libya, partly enabled by the operations of its ghost fleet, has expanded significantly since early 2024, according to European officials.
According to a leaked briefing document, the head of the EU naval mission was advised in June that the number of Russian flights to Libya in the first half of 2024 matched the total for all of 2023, and that the mission had observed “a formalization of the Russian presence” over the past year. The document also described an increase of Russian military shipments to the country. “A Russian naval presence in the Mediterranean is a fact and we see regular navy visits to [Libya],” the briefing document stated.
Mercenaries from the Wagner Group, a Russian private military company that had been operating in Libya since at least 2018, were supplanted in 2024 by the Africa Corps, a unit under the direct control of Russia’s military, the leaked documents reported.
Do you have a story about corruption, fraud, or abuse of power?
ICIJ accepts information about wrongdoing by corporate, government or public services around the world. We do our utmost to guarantee the confidentiality of our sources.
Russian arms shipments not only fuel the conflict in Libya but serve to expand its influence across an unstable, resource-rich region in Africa. Moscow is using Libya as an “entry point for its logistical route to the Sahel,” reads an internal summary created by the EU naval mission following a meeting with the German envoy to Libya. The envoy did not respond to requests for comment from ICIJ.
Moscow has reaped financial and political rewards from its intervention in this broad region, which encompasses 10 countries. In Niger, for example, the Russian military has supported a military junta — and the junta subsequently invited Russian firms to invest in mining the country’s uranium. In the Central African Republic, Russian mercenaries have strengthened the president’s grip on power in exchange for control over gold and diamond mines.
Russia is far from the only country to violate the arms embargo on Libya. A 2020 BBC documentary tracked how Turkish “ghost ships” transported weapons to its allies in the country, employing similar tactics to those used by Moscow.
But the fall from power in December of Syrian President Bashar Assad, a close ally of Russia, has seemingly provided an impetus for Moscow to expand its involvement in Libya. Later that month, Italy’s defense minister said Russia was transferring arms from its naval base in Syria to Libya. In January, Ukrainian military intelligence named specific Russian vessels that it said were preparing to move arms from Syria to Libya.
A spokesperson for Ukraine’s military intelligence told ICIJ that Russian military officials reached an agreement with Haftar in late 2024 to transfer some Russian units from Syria to Libya, and to modernize the aviation infrastructure in eastern Libya. They said the Russian air force has flown at least 20 missions to move military personnel and equipment from Syria to the Libyan territory under Haftar’s control, and that roughly 3,000 Russian soldiers are currently stationed in Libya.
Libya represents “an immediate security issue for Europe” because of Russia’s presence there and the African nation’s role as a migration route, according to the internal summary following the meeting with the German envoy.
“It’s a testament to Western strategic negligence,” said El Gomati, the Sadeq Institute director. “Russia has been constructing a military node that is not only capable of destabilizing Libya but also threatens European security 400 miles from NATO’s shores.”
Editor’s Note: This story contains discussions of child abuse that may be disturbing. Reader discretion is advised. If you suspect a child is being abused, find out how to report it in your state here. To connect with a counselor, you can call the National Child Abuse Hotline at 1-800-422-4253.
Morris, who previously served as a spiritual adviser to President Donald Trump, has been charged with five counts of lewd or indecent acts with a child, the attorney general’s office said.
The 63-year-old resigned from his role as senior pastor of Gateway Church in 2024 after Cindy Clemishire accused him of sexually abusing her starting in 1982.
Clemishire said Morris was staying in Hominy, Oklahoma, with her family at the time of the abuse.
“There can be no tolerance for those who sexually prey on children,” said Oklahoma Attorney General Gentner Drummond. “This case is all the more despicable because the alleged perpetrator was a pastor who exploited his position. The victim in this case has waited far too many years for justice to be done.”
Gateway Church, based in the Dallas suburb of Southlake, was founded by Morris in 2000. The church said in a statement Wednesday that its members are praying for Clemishire and “all of those impacted by this terrible situation.”
During his 2016 presidential campaign, Trump named Morris as a member of his evangelical advisory board.
Trump visited Gateway Church’s Dallas campus in 2020, the Dallas Morning News reported, during a trip that included a fundraising dinner.
The Associated Press and NewsNation’s Cassie Buchman contributed to this report.
(NewsNation) — Former Transportation Secretary Pete Buttigieg announced he will not run for Michigan’s vacant Senate seat in 2026.
Buttigieg, who grew up near the Michigan border in South Bend, Indiana, said in a social media post that he has “decided against competing in another race.”
Buttigieg was a candidate for the Democratic nomination for president in 2020, despite his highest elected office being the mayor of his hometown. He parlayed that into a role in President Joe Biden’s administration.
Buttigieg did not rule out a run for president in 2028.
Lynda Tran, the former senior adviser to Buttigieg when he was Biden’s transportation secretary, said since he lives in Michigan, he’s talking to “ordinary, everyday folks on a regular basis.”
“I can tell you one thing about my old boss is he will find a way to serve, he will find a way to be relevant, and he will remain part of the conversation,” Tran said on NewsNation’s “The Hill” Thursday. “These things are going to take time to percolate.”
Researchers warn of a “coordinated surge” in the exploitation attempts of SSRF vulnerabilities in multiple platforms.
Threat intelligence firm GreyNoise observed Grafana path traversal exploitation attempts before the Server-Side Request Forgery (SSRF) surge on March 9, suggesting the attackers may be leveraging Grafana as an initial entry point for deeper exploitation.
The experts believe the attempts are the result of a coordinated attack, threat actors first scan exposed infrastructure before escalating their efforts. In past attacks, attackers exploited Grafana vulnerabilities to access configuration files and internal network details, reinforcing the possibility of reconnaissance-driven targeting.
“On March 9, GreyNoise observed a coordinated surge in SSRF exploitation, affecting multiple widely used platforms.” reads the advisory published by GreyNoise. “At least 400 IPs have been seen actively exploiting multiple SSRF CVEs simultaneously, with notable overlap between attack attempts. “
Most Server-Side Request Forgery exploitation attempts targeted entities in the United States, Germany, Singapore, India, Lithuania, Japan, and Israel.
The experts warn that attackers leverage SSRF for pivoting and reconnaissance and cloud exploitation.
GreyNoise observed a significant rise in SSRF exploitation on March 9, with around 400 unique IPs actively targeting 10 SSRF vulnerabilities. Many of these IPs are attempting to exploit multiple vulnerabilities simultaneously rather than targeting a single flaw. This pattern suggests an automation or pre-compromise reconnaissance, rather than typical botnet activity.
Below is the list of SSRF vulnerabilities being exploited in the attacks observed by the experts:
Organizations should promptly patch and secure affected systems, apply mitigations for targeted CVEs, and restrict outbound access to necessary endpoints. Additionally, they should monitor for suspicious outbound requests by setting up alerts for any unexpected activity.
A U.S. influencer has drawn anger and criticism in Australia, including from the country’s Prime Minister, after she was filmed taking a baby wombat in the wild, separating it from its mother.
The video purportedly shows influencer Sam Jones, who has over 90,000 followers on Instagram under the handle “samstrays_somewhere.” Per her Instagram bio, she’s an“outdoor enthusiast & hunter,” who hails from Montana. The video in question, filmed in an unknown locationin Australia, shows Jones running across the road to a car, with the baby wombat in her hands, and the baby’s mother running behind. After the wombat hisses, seemingly in distress, Jones eventually returns the animal to the bush.
[time-brightcove not-tgx=”true”]
The video has since been deleted, and Jones has now made her Instagram profile private.
Despite the original video being deleted, the footage continues to be shared across social media, drawing ire worldwide. Australian Prime Minister Anthony Albanese has also joined the criticism against Jones.
“To take a baby wombat from its mother… is just an outrage,” Albanese said in a press conference on Thursday. “I suggest to this so-called influencer, maybe she might try some other Australian animals. Take a baby crocodile from its mother and see how you go there. Take another animal that can actually fight back.”
This comes after a statement from Home Affairs Minister Tony Burke, who said that Jones’ travel visa will be under review to see if she violated the terms of her stay in the country.
“Given the level of scrutiny that will happen if she ever applies for a visa again, I’ll be surprised if she even bothers,” he said in an email statement, according to CNN. “I can’t wait for Australia to see the back of this individual, I don’t expect she will return.”
Animal advocacy groups have also spoken out about the footage. Per TheGuardian, Dr. Di Evans, a senior scientific officer at RSPCA Australia, said of the video: “The distress caused by the callous act is obvious with the joey screeching for their mother and the mother being extremely anxious. Removing a joey from their mother is extremely distressing and any separation is harmful.”
CNN notes that according to Australian broadcaster the ABC, Jones spoke out about the incident before switching her social media channels to private, saying the baby wombat was “carefully held for one minute in total and then released back to mom.”
There is also now an online petition to ban Jones from Australia, which is “to send a message to Australian politicians and legal officers to not let this case go” according to the petition organizer in the description.
On February 28th, 2025, Global China Hub associate director Matt Geraci was quoted in a Liga.net article on China’s strategic interests in the Russian invasion of Ukraine.
The world is smaller than ever. The global proliferation of video on social media has made other cultures more accessible, tempting travelers to venture farther and do more, whether to experience what they saw online or to find something novel and authentic beyond the grid. The tourism industry rebounded to pre-pandemic levels in 2023, and surged ahead in 2024, setting consumer-spending records and accounting for an estimated 9% to 10% of global GDP, and this year, it looks to pull in even more money.
[time-brightcove not-tgx=”true”]
For our annual list of the World’s Greatest Places, TIME sought out one-of-a-kind spots and experiences around the globe. In Lima, Peru, we found AWA, a restaurant popularizing traditional Amazonian cuisine. In Zimbabwe, locally owned luxury resort Mbano Manor Hotel overlooks Victoria Falls, just outside Zambezi National Park. In Flagstaff, Ariz., The Lowell Observatory—famous as the site of Pluto’s discovery—now features an open-air planetarium, where visitors can get live commentary on that night’s sky from the comfort of heated seats. And chugging through Europe, the L’Observatoire carriage on the Venice Simplon-Orient Express—designed with precise detail by French artist JR, complete with puzzles and hidden surprises, and observation windows for taking in the scenery—is part of a resurgence of luxury train travel.
Buy your copy of the World’s Greatest Places issue here
Each year, TIME solicits nominations of places—including hotels, cruises, restaurants, attractions, museums, parks, and more—from its international network of correspondents and contributors, as well as through an application process, with an eye toward those offering new and exciting experiences. The result: 100 extraordinary destinations to stay and to visit this year.
An East New York mother has been indicted in connection with the death of her 6-year-old daughter, who was found unresponsive in a bathtub last month, Brooklyn District Attorney Eric Gonzalez announced Wednesday.
Karla Espinal, 26, appeared before Brooklyn Supreme Court before Justice Donald Leo on March 12 to face charges of second-degree assault, second-degree reckless endangerment, and endangering the welfare of a child, prosecutors said.
Prosecutors allege that Espinal submerged her daughter, Madeline, underwater in a bathtub. Emergency responders were called to Espinal’s Elton Street home around 1:30 p.m. on Feb. 7 following a 911 call from the child’s father.
The father arrived home to find his daughter unresponsive in the bathtub with Espinal nearby, officials said. The child was transported to Brookdale Hospital, where she was pronounced dead at 2:42 p.m.
DA Gonzalez said the case could be superseded once the Medical Examiner completes its investigation and determines the final cause and manner of Madeline’s death.
“This innocent child had her whole life ahead of her when the person she depended on allegedly drowned her in a bathtub,” Gonzalez said. “This is a distressing and unspeakable case, which we continue to investigate to ensure that this defendant is held fully accountable. My thoughts are with the child’s heartbroken father and other family members at this time.”
Following the incident, police took Espinal to a station house for questioning before charging her with felony assault, child endangerment, and reckless endangerment. At her March 12 court appearance, she was ordered held without bail. Espinal is due back in court on May 15.
