Ethiopia is in the grip of a civil war again between federal government forces and the Fano, a loose alliance of ethnic-based militia in the Amhara region.

This conflict in Ethiopia’s north erupted less than a year after the devastating Tigray war, which ended in 2022.

The Amhara are one of Ethiopia’s largest ethnic groups and played a leading role in the making of the Ethiopian state. Amharic serves as the country’s working language.

The region shares a border with Tigray. During the Tigray war, which began in 2020, various Fano groups allied with the federal government. A peace deal in 2022 to stop the war sidelined the Amhara militia groups, which strained relations with the government.

The Amhara conflict began as minor sporadic clashes with government forces in April 2023. This rapidly escalated into a full-scale insurgency by August when Fano forces launched a full blown attack in an effort to control the region’s major cities.

The violence since has displaced more than 100,000 people and left 4.7 million children out of school.

The death toll from the conflict is piling up. In March 2025, the government claimed to have killed more than 300 Fano fighters.

There are three factors behind the escalating armed struggle in Amhara:

• a mismanaged political transition from 2018 to 2020
• fallout from the 2020-2022 Tigray war
• a hollow pursuit of peace.

Between 1991 and 2018, Ethiopia was governed by the Ethiopian People’s Revolutionary Democratic Front. This was a powerful coalition of four ethno-national parties representing Tigray, Amhara, Oromo, and Southern nations, nationalities and peoples.

Faced with a political crisis and growing unrest in 2014 following opposition clampdowns and arbitrary arrests, the coalition needed a change. Two members – the Oromo People’s Democratic Organisation and the Amhara National Democratic Movement – joined forces to oust the Tigray People’s Liberation Front from its dominant position. They did this by leveraging youth-led protests, which played out between 2015 and 2018.

Following the resignation of prime minister Hailemariam Desalegn in 2018, the two parties orchestrated Abiy Ahmed’s ascent to power.

For a moment, the relationship between the Oromo and Amhara wings of the coalition looked like one of equals.In December 2019, Abiy merged the coalition into a single party, the Prosperity Party.

The Oromo wing positioned itself as the core of the Prosperity Party. It monopolised key political positions and economic opportunities. This included asserting control over the capital, Addis Ababa.

Read more: Abiy Ahmed gained power in Ethiopia with the help of young people – four years later he’s silencing them.

The deepening crisis in Ethiopia’s Amhara region is driven by a complex mix of political, ethnic, and security factors. Here’s a breakdown of the key reasons behind the instability:

 1. Tensions Between the Amhara Region and the Federal Government

• Disillusionment with the Abiy Government: Many in Amhara feel betrayed by Prime Minister Abiy Ahmed. After cooperating with federal forces during the Tigray conflict, Amhara elites expected greater political influence and lasting control over disputed territories (like Western Tigray). That hasn’t materialized.
• Disarmament Campaign: In 2023, the federal government’s attempt to disband regional special forces, including the powerful Amhara militia (Fano), was seen as an effort to weaken Amhara autonomy. It sparked violent clashes and resentment.

 2. Rise of Fano Militias

• Paramilitary Autonomy: The Fano militia emerged as a major armed actor, operating increasingly independently. Initially seen as community defenders, they now challenge both federal and regional authority.
• Resistance to Centralization: Fano views the federal government’s disarmament and reform plans as an existential threat, leading to an escalating insurgency in the region.

3. Territorial Disputes and Ethnic Federalism

• Western Tigray: Amhara forces took control of this disputed area during the Tigray war, claiming it historically belongs to Amhara. Tigrayans see this as illegal occupation. The dispute has fueled long-standing ethnic grievances.
• Ethnic Federalism Tensions: Ethiopia’s federal system, which grants autonomy to ethnically defined regions, has become a flashpoint. Amharas argue the system marginalizes them in areas like Oromia, while other groups accuse Amharas of trying to dominate multiethnic regions.

 4. Militarization and Breakdown of Law

• Widespread Insecurity: The central government’s authority has weakened in Amhara. Fighting between Fano and the Ethiopian National Defense Forces (ENDF) has led to widespread displacement, killings, and humanitarian disruptions.
• State of Emergency: In August 2023, the federal government declared a state of emergency in Amhara, further militarizing the situation and triggering reports of arbitrary detentions and abuses.

 5. Lack of Inclusive Political Dialogue

• No national reconciliation process has addressed the grievances of the Amhara community—or any major group—since the Tigray war. The absence of dialogue has led to radicalization and a lack of political outlets for dissent.

Outlook

• The crisis risks becoming a protracted internal conflict if no serious political solution is pursued.
• It also undermines Ethiopia’s territorial integrity, with growing signs of state fragmentation.

Amhara’s outspoken leaders who criticised this dominance faced removal, arrest or exile. The region’s president, Ambachew Mekonnen, was assassinated in June 2019.

Harassment, kidnappings for ransom and arrests were daily experiences for Amhara region residents trying to enter Addis Ababa. Members of the Amhara community also faced ethnic-based violence in various parts of the country.

These incidents provoked anti-government protests throughout Amhara.

A peace agreement signed in 2022 in South Africa ended a brutal two-year war in Tigray and neighbouring regions. However, it deepened the sense of marginalisation in Amhara.

While the agreement silenced the guns in Tigray, it sidelined Amhara constituencies by denying them representation in the talks despite the region being affected by the war. The agreement’s ambiguity regarding the fate of territories disputed between Amhara and Tigray, such as Welkait, further fuelled distrust.

The last nail in the coffin came in April 2023. The government decided to dismantle regional special forces. This was ostensibly aimed at consolidating the country’s fighting forces. Continued conflict in Amhara could lead to other regions pursuing autonomy or resisting federal control.

However, with unresolved territorial disputes and Oromo nationalist ambitions at the centre, disarming the Amhara Special Forces was interpreted as a move to weaken Amhara defences. Additionally, the more than 200,000-strong Tigray Defence Forces were left intact. This contributed to a sense of vulnerability in neighbouring Amhara.

Public protests led to clashes with government forces. These protests morphed into an insurgency by the Fano in the following months.

The insurgency has expanded its reach and has public support across the region and in the diaspora.

The Fano insurgency is taking place in a territory three times the size of Tigray, stretching the federal army.

Various Fano factions cite objectives that range from the protection of Amhara interests to constitutional change and overthrowing the federal government. The federal government’s efforts to centralize power—including disarming regional special forces—have been perceived as direct threats to Amhara autonomy.

However, the insurgency is still in its infancy. It lacks unified leadership, a cohesive structure or a chain of command. Factional divisions and competition persist, and there are no clear objectives.

The government seems determined to crush the Fano insurgency by force. A state of emergency was declared in August 2023 for six months. It was later extended.

While the state of emergency in Amhara officially ended in June 2024, some restrictions remain in place. This includes de facto curfews in major cities, including the capital Bahir Dar.

The counterinsurgency relies on heavy Ethiopian National Defence Forces deployments and drone strikes.

On the other hand, the government has indicated its openness to peace talks. However, it has avoided meaningful confidence-building measures, such as releasing Amhara political prisoners. A Peace Council established to mediate between the Fano and the government has proven ineffective. Its spokesperson has noted federal reluctance to negotiate.

The government’s peace efforts have centred on repeated calls for insurgents to surrender. There are reports that the government wants to talk to different Fano factions separately in the hope of fragmenting the insurgency further. Secret talks with one faction of the Fano are an indication of this strategy.

The government’s violent counterinsurgency and occasional peace overtures are unlikely to succeed. The Prosperity Party is not popular in Amhara. A meaningful peace process – rather than calls for surrender or attempts to co-opt factions – is essential. 

The federal government also needs to be part of a multi-stakeholder negotiation involving all Fano factions, civil society, community leaders, and domestic and diaspora-based opposition groups. Unbiased mediation from regional and international players may also be useful. Past attempts at piecemeal talks with factions of armed groups – be it in Tigray or Oromia – have prolonged insurgencies or fostered new ones. Only a comprehensive, all-inclusive dialogue can address the crisis.Such a process needs to address deep-seated structural challenges. This includes ensuring the protection of Amhara minorities living in other regions, and the region’s representation within local, regional and federal government structures. Territorial disputes need to be addressed through a process rooted in historical context, constitutional principles and the consent of the people concerned.

Policy Recommendations:

For the Ethiopian Government:

• Suspend militarized crackdowns and reinitiate inclusive dialogue with Amhara representatives, including local elders and civic groups.
• Establish a neutral truth and reconciliation commission to address regional grievances.
• Reassess ethnic federalism’s structural flaws while preserving minority protections.

For International Actors:

• UN & AU Mediation: Encourage high-level mediation by the African Union, with support from the UN or neutral third-party states.
• Targeted diplomacy: The EU, US, and others should use quiet diplomacy to pressure for dialogue, while conditioning aid on human rights compliance.
• Support local peacebuilding: Fund and empower local civil society actors engaged in peacebuilding and community-based conflict resolution.
• Monitor human rights abuses and apply targeted sanctions if violations persist.

:

The Amhara crisis is not an isolated regional issue—it is a symptom of Ethiopia’s unresolved political transition. A durable solution must combine local peacebuilding, national reform, and external pressure for accountability. Ignoring the crisis risks not only Ethiopia’s disintegration but broader regional instability.

Experts warn of a critical vulnerability impacting Apache Parquet’s Java Library that could allow remote code execution.

Apache Parquet’s Java Library is a software library for reading and writing Parquet files in the Java programming language. Parquet is a columnar storage file format that is optimized for use with large-scale data processing frameworks, such as Apache Hadoop, Apache Spark, and Apache Drill.

Experts disclosed a critical vulnerability, tracked as CVE-2025-30065 (CVSS score of 10.0), impacting Apache Parquet’s Java Library that could allow remote code execution

“Schema parsing in the parquet-avro module of Apache Parquet 1.15.0 and previous versions allows bad actors to execute arbitrary code” reads the advisory.

The vulnerability CVE-2025-30065 is a Deserialization of Untrusted Data issue. The flaw affects systems importing Parquet files, especially from untrusted sources, and can be exploited by attackers tampering with the files. Versions 1.15.0 and earlier are vulnerable, with the flaw traced back to version 1.8.0. This impacts big-data frameworks (e.g., Hadoop, Spark, Flink) and custom applications using Parquet. Users should verify their software stack for this issue.

“If an attacker tricks a vulnerable system into reading a specially crafted Parquet file, they could gain remote code execution (RCE) on that system​.” reads a report published by Endor Labs. “In practice, this might allow them to:

• Take control of the system: They could run any commands or software, effectively gaining control​.
• Steal or tamper with data: Sensitive information could be accessed, copied, or modified.
• Install malware: The attacker might deploy ransomware, cryptominers, or other malicious software.
• Disrupt services: They could shut down services or corrupt data, causing denial of service and business downtime.

“All confidentiality, integrity, and availability of the affected system are at risk (in CVSS terms, “High” impact on all three)​. Despite the frightening potential, it’s important to note that the vulnerability can only be exploited if a malicious Parquet file is imported.”

According to Endor Labs, as of April 2025, there are no known active exploits for this vulnerability. However, with the issue now public, threat actors may attempt to exploit it. The researchers urge users to address the issue immediately.

To protect your systems from CVE-2025-30065, upgrade Apache Parquet Java to version 1.15.1 or later. If that’s not possible, avoid or validate Parquet files from untrusted sources and implement input validation. Enable monitoring and logging to detect suspicious behavior, and stay informed on updates from Apache or cybersecurity authorities. Applying these actions will reduce risks and protect your systems.

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, Parquet’s Java Library)

Tesla’s stock plummeted more than 30 percent in the first quarter of 2025, losing its post-election gains, as the electric vehicle pioneer grapples with an unexpected challenge: a consumer revolt against CEO Elon Musk’s leadership of the so-called Department of Government Efficiency and his political alliances.

Once celebrated across the political spectrum, Tesla has transformed from an environmental icon into a political flashpoint. 

Tesla dealerships have become symbols, explains Lara Starr, who organized a 200-person demonstration in Marin County, California. “You can’t disentangle Tesla from Musk, and you can’t disentangle Musk from Trump. And the one thing I can say about Musk positively is he has handed us a place in almost every community around the country that is symbolic of everything wrong that is going on in Washington.”

The impact of this grassroots rebellion is beginning to show in Tesla’s financial reports. Global sales have hit historic lows for the company, with particularly sharp declines in traditionally strong markets.

Despite Tesla’s business challenges, the billionaire poured considerable resources on reshaping America’s political landscape. His political spending — including with his super PAC spending $25 million in a single Wisconsin Supreme Court race — has yielded disappointing returns. His preferred candidate was defeated.

In this week’s episode of The Intercept Briefing, reporters Matt Sledge and Sunjeev Bery examine this grassroots rebellion and what it reveals about Musk’s power and the future of political activism.

“There’s been a lot of talk about how the Democrats are in disarray and not sure how to recover from the election last year. But this [Wisconsin] election — and the way that Elon Musk got involved and personalized it and made it about himself — gave Democrats an easy yes-no vote on Elon Musk, and I think that was really significant here,” says Sledge. 

He points out how that election is also a rebuke of the Trump–Musk alliance: “ It is fascinating that it is happening through this electoral mechanism, and that people are being allowed to give a referendum on this relationship, and that the democratic process is potentially having a direct input on this relationship.”

Intercept contributor Sunjeev Bery says the Tesla protests are much bigger than just Tesla or Musk. “The Tesla takedown movement has become this astonishing wave of opposition to Trump, the fascist directions of the Trump regime, everything Elon Musk is pushing with DOGE. It’s a place where lots of people who are angry about all of the different things that the Trump regime is up to — all of the fires they’re setting — can come together and focus on Elon Musk, Tesla, and the physical place of his dealerships.”

Listen to the full conversation of The Intercept Briefing on Apple Podcasts, Spotify, or wherever you listen.

The post Unplugged: The Backlash Against Trump–Musk appeared first on The Intercept.

Southeast Asians expressed an increased level of trust in the U.S.—and more said they would align themselves with the U.S. over China if forced to choose, a reverse of last year’s aggregated results—according to the latest State of Southeast Asia Survey Report by the ISEAS-Yusof Ishak Institute, a Singapore-based think tank, published Thursday.

[time-brightcove not-tgx=”true”]

That was, however, before President Donald Trump unveiled a slate of new tariffs yesterday that hit the region hard. Experts caution that results could look different if polled today.

Read More: ‘Inflation Day Rather Than Liberation Day’: How the World Is Reacting to Trump’s Latest Tariffs

The survey took place between Jan. 3 and Feb. 15, overlapping with Trump’s inauguration on Jan. 20. 2,023 respondents across 11 Southeast Asian countries—the 10 ASEAN member states and Timor-Leste—were asked “How confident are you that [the U.S./China] will ‘do the right thing’ for global peace, security, prosperity, and governance?”

Across ASEAN countries, levels of trust in the U.S. increased from 42.4% last year to 47.2% this year, and levels of distrust decreased from 37.6% to 33.0%. While levels of trust in the U.S. decreased in the Philippines, Singapore, Thailand and Vietnam, trust in the U.S. nevertheless outweighed distrust in the U.S. in seven out of the 10 countries: Brunei, Cambodia, Laos, Myanmar, the Philippines, Thailand, and Vietnam. Singapore, Indonesia, and Malaysia were the exceptions—in all three countries, distrust in the U.S. exceeded trust. Last year, trust in the U.S. outweighed distrust in just five out of the 10 countries—Cambodia, Myanmar, the Philippines, Thailand and Vietnam.

At the same time, countries’ trust in China increased by 11.8 percentage points—the largest increase in trust levels of any major power—from 24.8% to 36.6% this year. Still, slightly more than half of ASEAN-10 respondents expressed more distrust than trust in China. Trust in China exceeded distrust in just four of the 10 countries—Brunei, Cambodia, Laos, and Thailand.

The annual survey includes five categories of respondents: academia, think-tankers or researchers; private sector representatives; civil society, non-government organizations or media representatives; government officials; and regional or international organizations personnel. An equal 10% weighting was given to each of the 10 ASEAN member states on the basis that they each have equal say in the association’s decisions. Timor-Leste, which awaits formal admission to ASEAN, was also asked to participate in the survey for the first time, although it was not included in the aggregate ASEAN scores.

Respondents were asked about trust on a five point scale from “no confidence,” “little confidence,” “no comment,” “confident,” and “very confident.” Distrust was calculated as the sum of “no confidence” and “little confidence,” while trust included “confident” and “very confident.”

If ASEAN were forced to align itself with either the U.S. or China, Cambodia, Myanmar, the Philippines, Singapore, and Vietnam, or 52.3% of all ASEAN-10 respondents, favored the U.S. Last year, 50.5% of ASEAN-10 respondents, or seven out of 10 countries, polled higher in favor of China for the first time since 2019. Fewer respondents in Singapore, Thailand, and Vietnam, however, polled in favor of the U.S. this year as compared to last.

Read More: Is Southeast Asia Leaning More Toward China? New Survey Shows Mixed Results

The “volatility of preferences” between China and the U.S. suggests that “Southeast Asia is an arena for contention between Washington and Beijing despite desires ‘not to choose sides’ in the region,” Ja Ian Chong, associate professor of political science at the National University of Singapore and non-resident scholar with Carnegie China, tells TIME.

Chong says the Biden Administration bolstered ties in Asia, which might have contributed to U.S. standing even as countries geared up for a second Trump Administration. “There was an assumption that a second Trump administration would look broadly similar to the first one, which was not too big a departure of traditional U.S. foreign and economic policy,” Chong says, adding that several Southeast Asian economies were boosted by the relocation of firms away from China due to the trade war during the first Trump Administration.

The swing from China back to the U.S. this year is also likely due to countries putting stock in the Trump Administration introducing “restraint” on China, Sharon Seah, senior fellow and coordinator at the ISEAS-Yusof Ishak Institute’s ASEAN Studies Center, tells TIME. Seah was one of the researchers behind the report.

Concerns over China potentially using its economic and military power to threaten countries’ interests and sovereignty has been the main reason for distrusting China. That was reflected in the relatively higher distrust of China in Vietnam and the Philippines, countries that have had direct altercations with China over the disputed South China Sea—which was billed as the region’s top geopolitical concern, overtaking worries about Israel’s war in Gaza, which led last year.

But experts warn that the results may not reflect recent shifts in U.S. foreign policy.

Surveys tend to have a “shelf life,” Mark S. Cogan, associate professor of peace and conflict studies at Japan’s Kansai Gaidai University, tells TIME. When the survey took place, “Trump foreign policy hadn’t taken root,” Cogan says. Now, “U.S. foreign policy is in a very, very large state of flux.”

Trump’s freeze on foreign aid began in the middle of polling for the survey, but many of its effects in Southeast Asia were not seriously felt until the earthquake in Myanmar and Thailand on March 28, Seah tells TIME. Now, the “real life impact on the ground” has become clear.

Read More: How Myanmar’s Junta—and Ongoing Civil War—Complicates the Nation’s Earthquake Recovery

Cogan also pointed to the gutting of demining programs in Vietnam and Cambodia that have been critical to building trust between those countries and the U.S.—trust that Cogan says has been eroded. “The reestablishment of that relationship and the working to build trust again is going to take a very, very long time.”

Southeast Asian countries were among the hardest hit by Trump’s “reciprocal” tariffs, announced on April 2. Cambodia faces a 49% levy, Laos 48%, Vietnam 46%, Myanmar 44%, and Thailand, Indonesia, Brunei, and Malaysia all face levies of more than 20%.

Both Thailand and Vietnam have, during both the first and second Trump Administrations, tried leaning into their relationships with the U.S. But, Cogan says, as China has stepped up its investments in Southeast Asia and the U.S. applies punitive trade measures, more countries might wonder: “What kind of incentive is there, but to seek greater insurance by engaging more robustly with China?”

“On one hand, there is opportunity, certainly for the United States to get involved,” says Cogan, but at the same time “its foreign policy really says that it is retreating.”

Seah, however, warns it may be too soon to tell what impact Trump’s latest tariffs will have, since several countries are engaging in negotiations with the U.S.

China under the leadership of President Xi Jinping is widely seen as more predictable than the U.S. under Trump, Seah tells TIME. “Southeast Asia knows China’s red lines and understands how the Chinese governance system works.” Concerns that the U.S. is “distracted” by its internal politics and less able to engage with global issues polled as the highest reason for distrust in the power.

All major powers—the U.S., China, Japan, the European Union, and India—saw an increase in trust from Southeast Asia this year. Of these, Japan remains the most trusted, and its trust level increased from 58.9% to 66.8%. The E.U. overtook the U.S. for second most trusted, while the U.S., China and India followed in that order.

“Japan has been working with ASEAN for more than 50 years,” Seah tells TIME. Japan “gradually built up its credibility” after WWII, and “with the passage of time, consistent engagement with the region in trade, investments, [and] people-to-people exchanges has paid off.”

Cogan suggested the U.S. could learn from Japan’s consistent and stable approach.

“Sometimes influence isn’t found in the barrel of a gun,” he says. “It’s found through trust building, social cohesion, that kind of bonding, that reputation … that forms over decades and decades.”

On March 26, 2017, Jeffrey Ansted herded his family into a private plane bound for the Cayman Islands. The owner of an Ohio-based telecommunications company, Ansted had purchased the Cessna 525C jet one year earlier for $8 million. It had since become his go-to method of commuting to Florida, where he owned a condo and belonged to yacht and country clubs, as well as to his son’s lacrosse games in Towson, Maryland. For local travel, he drove a $250,000 Ferrari.

The trip to the Caymans was the last junket Ansted took before he was busted for fraud in 2018 by the Federal Communications Commission, which found that he had paid for his lavish lifestyle, including the jet and Ferrari, by embezzling millions from the agency’s Universal Service Fund (USF), a little-known program that subsidizes phone and internet access for low-income customers.

Ansted had signed up dead people for service and even fabricated social security numbers in order to obtain subsidies from the program. Then he’d transferred those subsidies from his company, American Broadband, into a personal account, according to a public notice from the FCC.

“It would be hard to describe a more brazen or textbook example of fraud, particularly when the entire purpose of the … program is to benefit low-income individuals,” then-FCC commissioner Brendan Carr, who is now the chairman, said in a statement at the time. American Broadband was fined more than $63 million, the largest such penalty in agency history.

For a government that loses hundreds of billions each year to fraud, according to some estimates, Ansted’s caper, funded by a program most Americans have never heard of, was just a drop in the bucket. But it was also a symptom of what critics say is a structural defect at the heart of USF, which has for decades faced allegations of fraud and mismanagement from the Government Accountability Office (GAO).

Created in 1996 as part of the Telecommunications Act, the program is funded through a surcharge on consumers’ telephone bills. But the size of that charge isn’t set by the FCC itself.

Instead, the agency uses the calculations of a private corporation, the Universal Service Administrative Company (USAC), which is run by representatives of the very companies that receive subsidies from the program. The companies estimate how much money they will need to expand service to high-cost areas and in nearly all cases, the FCC has miraculously set the surcharge equal to that amount, creating a system in which the beneficiaries of a government program decide how much the taxpayer spends on it.

That conflict of interest, critics say, is one reason why the surcharge has skyrocketed since the program’s inception, from just 5.7 percent in 2000 to 36.6 percent in the second quarter of 2025.

As the program has grown, so have the cases of reported fraud. And the body charged with preventing that fraud just so happens to be USAC—the same consortium of insiders that relies on the program for easy money.

The perverse incentives were noted by the Fifth Circuit Court of Appeals last year, when it ruled that the FCC’s funding structure was unconstitutional.

“The entity most responsible for snuffing out wasteful or fraudulent disbursements—USAC—is run almost entirely by stakeholders who stand to benefit financially when universal service subsidies grow,” Judge Andrew Oldham wrote for a nine-judge panel.

That structure is mandated by FCC regulations, which require nearly all of USAC’s directors to be recipients of USF funds. “FCC mandates that nine of USAC’s nineteen directors represent companies in the telecommunications industry who are compensated by the very same USF funds they raise,” Oldham wrote. “It mandates that another seven represent the schools, libraries, health care providers, and low-income consumers who are direct recipients of USF funds.”

The challenge to the program’s constitutionality has made it all the way to the Supreme Court, which will decide whether the FCC violated the so-called nondelegation doctrine—that is, the principle that Congress cannot delegate legislative power to private entities—by giving USAC so much control over USF. At issue is whether the surcharge on phone bills is really a tax and whether the FCC has put enough limits on USAC’s ability to set that fee.

The Court seemed poised to uphold the program when it considered the case, FCC v. Consumers’ Research, during oral arguments last month. Even so, the legal challenge has trained the klieg lights on USF, which also subsidizes internet access for schools and libraries and, between 2012 and 2021, lost more than $100 million to fraud from a single company.

Yet another company signed up more than 175,000 ineligible customers for service. And in Illinois, a charter school system run by Turkish nationals was fined $4.5 million for violating the program’s competitive bidding rules, which are designed to keep costs low when the FCC reimburses equipment.

Such scams do not appear to be an aberration. In 2017 alone, a part of USF that focuses on low-income consumers known as the Lifeline Program made more than $330 million in improper payments, according to an inspector general report. A GAO audit released that year found that more than a third of customers signed up for the Lifeline Program were not eligible for it, with $1.2 million a year going to fictitious or dead individuals.

“A complete lack of oversight is causing this program to fail the American taxpayer—everything that could go wrong is going wrong,” former Sen. Claire McCaskill (D, Mo.) said at the time. “We’re currently letting phone companies cash a government check every month with little more than the honor system to hold them accountable, and that simply can’t continue.”

McCaskill, a Democrat, implied that scandal stemmed from the rapaciousness of private companies. But for conservative critics of the program, which doles out $8 billion a year, the fraud highlights how the administrative state—often justified as a bulwark against corporate greed—can give corporations new opportunities to enrich themselves when it outsources policymaking to private entities.

In theory, it is Congress that collects taxes and the executive branch that disburses the revenue. But by letting USAC set the surcharge, critics say the FCC has put both powers in the hands of private companies, insulating the program from democratic oversight.

“They set their own budget for spending, then adjust taxes to cover what they’re spending,” said Chris DeMuth, a legal scholar at the Heritage Foundation and the former president of the American Enterprise Institute. “The Ways and Means Committee doesn’t have that kind of power.”

The result, DeMuth added, is a kind of “formalized” regulatory capture with few precedents in public finance. While the FCC can theoretically revise USAC’s recommendations for the surcharge, it has only done so a few times in its history, and only by a small amount.

In the second quarter of 2003, for example, the agency revised the proposed surcharge from 9.0044 percent to 9.1 percent—an increase the FCC cited in court to argue that it exercises meaningful restraint over USAC. The filing admitted that “the Commission’s revisions are relatively infrequent” but noted that USAC’s proposals are “guided by … detailed regulations.”

In his opinion challenging the program, Oldham argued that those regulations mean little if the regulated entity, USAC, is the one tasked with enforcing them.

“Because the telecommunications industry polices its own compliance with FCC universal service policy … private entities have a far more important and discretionary role in determining the size of the contribution amount … than the FCC would have you believe,” Oldam wrote. “FCC has in effect said to carriers: Here is our universal service policy and a blank check. … We know you have financial incentives to juice the number, but we trust you’ll follow our policy to the letter anyways.’”

The post Private Jets, Ferraris, and False Claims: Inside An Obscure Federal Program Rife With Fraud appeared first on .

Congressional Republicans are mounting an effort to codify President Donald Trump’s “maximum pressure” campaign on Tehran via a 10-bill legislative package that would sanction Tehran’s leadership, cut off its access to cash, and strangle the regime’s regional terror proxies, the Washington Free Beacon has learned.

The campaign includes “the toughest Iran sanctions package ever proposed by Congress,” according to the Republican Study Committee (RSC), the House’s largest GOP caucus, which is leading the effort. Together, according to an RSC fact sheet, the bills “would gut Iran’s ability to fund terrorism throughout the region, sanction the Supreme Leader of Iran,” and compel future presidents to fully “enforce sanctions on Iran’s oil sales,” which hit historic highs under the Biden administration.

While the Trump administration has already issued a slew of executive orders reinstating intense economic pressure on Tehran, a future administration could easily undo them in the same way former president Joe Biden rolled back the tough Iran sanctions imposed during Trump’s first term in office. By locking in these initiatives legislatively, any future administration would have a much more difficult time easing economic pressure on Tehran.

Rep. August Pfluger (R., Texas), the RSC’s chairman, told the Free Beacon he is building support for the effort with fellow House Republican leaders and hopes to bring the package to a vote in the near future. Trump’s team, he said, backs all of the bills included in the package.

“We have an extreme sense of urgency,” Pfluger said in an interview. “There’s no daylight in between what leadership ideologically views as the right thing to do and what we have put forward.” As Iran marches closer to a nuclear weapon and bucks the Trump administration’s effort to restart diplomacy, the package can serve as a tool to increase pressure on Tehran’s hardline leadership, Pfluger said.

The bills appear to have a good path to passage in the House. In the Senate, the GOP’s razor-thin majority, paired with the upper chamber’s 60-vote threshold, makes approval more difficult. Still, Pfluger and others said talks are underway with prospective Senate sponsors, including Ted Cruz (R., Texas), Tom Cotton (R. Ark.), and Jim Banks (R., Ind.), himself a former RSC chairman.

A senior congressional aide familiar with discussions said the Iranian regime intends to “wait out” Trump’s term in office with the hopes that a future Democratic administration once again reverses pressure.

“The mullahs still think they can wait out American pressure, and so they’re refusing to dismantle their nuclear program the way President Trump is demanding,” the source said. “By locking in maximum pressure, Republicans are signaling that the Iranian regime needs to come to the table or face crippling pressure indefinitely.”

The central piece of legislation in the sanctions package is Rep. Zach Nunn’s (R., Iowa) Maximum Pressure Act. The bill mirrors Trump’s February executive order reestablishing sanctions on Iran, making them the law of the land.

“Iran’s direct assaults on global security and American leadership will no longer go unanswered,” Nunn, who chairs the RSC’s national security task force, said in a statement.

The Maximum Pressure Act is bolstered by a second Pfluger-led bill that would freeze Iran’s global access to cash and prevent any future president from issuing sanctions waivers, the primary method used by Biden to skirt the law during his time in office. The Biden administration repeatedly issued sanctions waivers that provided Iran with access to upwards of $10 billion in backed electricity payments owed by Iraq.

Pfluger introduced the same bill during the House’s last session, and it passed by a vote of 259 to 160. It is expected to garner similar support this time around.

Other bills target Iran’s lucrative energy sector, which has helped keep the hardline regime afloat and money flowing to its terror proxies, including Hamas, Hezbollah, and the Houthi rebels in Yemen.

Pfluger’s No Iranian Energy Act would sanction “the importation of Iranian natural gas to Iraq,” zeroing out another prime revenue stream.

Additional measures would codify the Trump administration’s executive order designating the Houthis as a foreign terrorist organization and ensure that “a future Democrat administration cannot provide sanctions relief until Iran stops supporting terrorist activity,” according to information about the effort provided by the RSC.

The post Congressional Republicans Prepare 10-Bill Sanctions Package To ‘Gut’ Iran and Punish Its Supreme Leader appeared first on .

CERT-UA reported three cyberattacks targeting Ukraine’s state agencies and critical infrastructure to steal sensitive data.

The Computer Emergency Response Team of Ukraine (CERT-UA) reported three cyberattacks in March 2025 targeting Ukrainian agencies and infrastructure to steal sensitive data. This activity is tracked under the identifier UAC-0219.

“The Ukrainian government’s computer emergency response team, CERT-UA, is taking systematic measures to accumulate and analyze data on cyber incidents in order to provide up-to-date information on cyber threats.” reads the report published by CERT-UA. “Thus, during March 2025, at least three cyberattacks were recorded against government agencies and critical infrastructure facilities of Ukraine, aimed at collecting and stealing information from computers using appropriate software tools.”

Since fall 2024, threat actor used compromised accounts to send emails with links (e.g., DropMeFiles, Google Drive) leading to VBScript loaders that download PowerShell scripts. These scripts search for sensitive files and take screenshots for exfiltration via cURL. Attackers used NSIS installers with decoy files and IrfanView. Notably, from 2025 onwards, the screenshot functionality shifted to being powered by PowerShell. Targets included file types like .doc, .pdf, .xls, .png, and more.

The primary tool used for stealing files, tracked as WRECKSTEEL, has versions in VBScript and PowerShell. Since the stealers are not persistent, any signs of cyberattacks should be reported to CERT-UA immediately for prompt cyber protection measures.

The report includes indicators of compromise (IoCs).

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, newsletter)

According to Hungarian Justice Minister Bence Tuzson,The Hungarian government plans to withdraw from the International Criminal Court.

While Hungary hasn’t officially withdrawn as of now, there are speculative reasons why Orbán could be inclined to move in that direction or express skepticism toward the ICC.

1. Distrust of Supranational Institutions

Orbán has long positioned himself against international bodies that he claims infringe on Hungarian sovereignty, such as the EU and international courts. The ICC, being a supranational court, fits that mold.

2. Alignment with Authoritarian Trends

Some of Orbán’s close allies and ideological partners — like Russia, China, and Turkey — are not members of the ICC or have openly criticized it. Aligning with their stance allows Hungary to be part of an alternative geopolitical axis that resists Western institutional norms.

3. Protecting Allies from Prosecution

If the ICC were to pursue cases involving Hungary’s allies, such as Russia (especially over Ukraine), Orbán might reject the legitimacy of the court to shield his strategic relationships — particularly with Vladimir Putin.

4. Precedent of Politically-Motivated Prosecutions

Orbán and his government have criticized Western institutions for what they perceive as politically biased actions. Some populist and nationalist leaders argue that the ICC is used by the West to punish non-Western leaders, particularly from Africa or countries outside NATO.

By rejecting or threatening to quit the ICC, Orbán can appeal to his nationalist voter base by casting himself as a defender of Hungary against “foreign interference” — especially on issues like migration, national security, or judicial reforms.

In case of withraw Orban can face Consequences:

• Loss of credibility within the EU
• Closer alignment with non-Western powers
• Damage to Hungary’s international image on human rights and rule of law.

The chance of Viktor Orbán withdrawing Hungary from the International Criminal Court (ICC) is low to moderatein the near term — but not unthinkable, especially if certain political or geopolitical pressures align.

the Chance Is Relatively Low (for now) because of:

1. Hungary Is Still Part of the EU
   Leaving the ICC would be a major red flag for Brussels. It would isolate Hungary even further within the EU and possibly trigger additional political and legal retaliation. Orbán tends to push boundaries within the EU framework without formally breaking away.
2. Hungary Has No Immediate ICC Cases or Exposure
   Unlike leaders or states with direct ICC investigations (like Russia or Sudan), Hungary doesn’t currently face any active scrutiny. So there’s no urgent legal incentive to withdraw.
3. Withdrawal Is Politically Costly
   Quitting the ICC could backfire internationally, damaging Hungary’s credibility, foreign investment climate, and diplomatic ties beyond Europe.

 However   It’s Still Plausible (in the medium to long term):

1. Orbán’s Growing Alignment with Russia
   If the ICC pursues more aggressive investigations or arrest warrants related to Russia’s actions in Ukraine, Orbán might use that as a reason to discredit the court — especially if Hungary is pressured to act on such warrants.
2. Trend Toward Sovereigntism
   Orbán is part of a broader populist-authoritarian wave skeptical of international institutions. If that trend deepens — and especially if Trump returns to the White House and withdraws U.S. support for the ICC — Orbán could feel emboldened to follow suit.
3. Domestic Political Theater
   If Orbán needs to stir nationalist sentiment or distract from domestic issues (e.g. corruption, economic stagnation), attacking institutions like the ICC could be a useful rhetorical tool.

 Estimated Probability (Next 2–3 Years):

• 10–20% chance of formal withdrawal
• 50% chance of increased anti-ICC rhetoric or non-cooperation in specific cases (especially involving Russia or migration)

Likelihood: Moderate (10–20% in next 2–3 years)
While not imminent, Orbán may consider an ICC withdrawal or de facto non-cooperation as part of a broader sovereigntist strategy, especially if:

• The ICC intensifies efforts to prosecute Russian officials for Ukraine-related crimes
• EU pressure on Hungary increases over rule-of-law issues
• U.S. global leadership declines or shifts (e.g., under a second Trump presidency)

Motivating Factors

• Political Alignment: Orbán has deepened ties with non-Western regimes, particularly Russia. He may reject ICC jurisdiction as a way to shield allies.
• Nationalist Messaging: Criticizing global institutions fits Orbán’s domestic narrative of defending Hungarian sovereignty.
• Strategic Hedging: Withdrawal could be used as leverage in negotiations with the EU or as a diversion from domestic issues.

Consequences for the EU

• Erosion of EU Normative Unity: Hungary’s withdrawal would challenge the EU’s human rights and international law commitments.
• Diplomatic Fallout: It could embolden other populist leaders and strain coordination on international justice.
• Precedent Setting: Other EU states under populist rule may follow Hungary’s example.

NATO Implications

• Security Coordination Risks: Withdrawal could complicate legal frameworks for NATO operations, including accountability and interoperability.
• Reputational Damage: NATO’s democratic identity may be questioned if a member actively rejects international justice mechanisms.

Recommendations for the EU and NATO

1. Diplomatic Engagement: Quiet, sustained dialogue with Hungary to stress the ICC’s relevance and reduce confrontational dynamics.
2. Contingency Planning: EU legal teams should prepare for scenarios of ICC withdrawal and draft coordination protocols.
3. Strategic Communication: Reaffirm the importance of the ICC in maintaining a rules-based international order.
4. Internal Pressure: Link EU funding mechanisms (e.g., Rule of Law Conditionality Regulation) to continued participation in international treaties.
5. Alliance Cohesion: NATO should develop soft pressure tools (e.g., internal forums, political signaling) to preserve shared commitments.

Hungary’s potential withdrawal from the ICC would represent a symbolic rupture with the post-WWII international order that the U.S. and EU have supported for decades. While not likely in the short term, the trajectory of Orbán’s governance suggests that such a move is within the realm of possibility. Proactive engagement, conditionality mechanisms, and alliance-level dialogue are essential to pre-empt this scenario and reinforce international justice norms.

Leaders around the world have responded to U.S. President Donald Trump’s shocking new tariffs that threaten to upend the global economy with stern words and denunciations. But Chinese state media have offered a different approach.

“‘Liberation Day,’ you promised us the stars,” sings a female-sounding voice over images of Trump. “But tariffs killed our cheap Chinese cars.”

A 2-minute, 42-second music video—titled “Look What You Taxed Us Through (An AI-Generated Song. A Life-Choking Reality)”—was published on April 3 by the Chinese state news network CGTN.

[time-brightcove not-tgx=”true”]

For many Americans, “Liberation Day,” hailed by Trump’s administration, means shrinking paychecks and rising costs. Tariffs hit, wallets quit: low-income families take the hardest blow. As the market holds its breath, the toll is already undeniable. #LiberationDay #CGTNOpinion pic.twitter.com/RzXFFVHoFg

— CGTN (@CGTNOfficial) April 3, 2025

“For many Americans, ‘Liberation Day’ hailed by Trump administration will mean shrinking paychecks and rising costs. Tariffs hit, wallets quit: low-income families take the hardest blow. As the market holds its breath, the toll is already undeniable. Numbers don’t lie. Neither does the cost of this so-called ‘fairness,’” CGTN captioned the video on its website. “Warning: Track is AI-generated. The debt crisis? 100 percent human-made.”

The lyrics, displayed in English and Chinese, appear to rebuke Trump’s tariffs from the point of view of the American consumer, and it’s addressed directly to the U.S. President. “Groceries cost a kidney, gas a lung. Your ‘deals’? Just hot air from your tongue,” the opening verse continues. “Thanks for the tariffs, and the mess you made,” the song ends, before the music video displays quotes from reports by the Yale Budget Lab and the Economist lambasting Trump’s tariffs.

Experts have warned that American consumers will bear much of the costs of Trump’s tariffs, which are taxes on imports, and U.S. recession indicators have risen since the White House’s April 2 “reciprocal” tariff rollout. At the same time, global markets have been shocked at a level not seen since the pandemic.

CGTN isn’t the only state media outlet to use AI to slam Trump’s trade policy. New China TV, the English-language social-media-focused brand of China’s official state news service Xinhua, also published on April 3 a three-minute, 18-second sci-fi short called “T.A.R.I.F.F.”

This is the story of T.A.R.I.F.F., an #AIGC sci-fi thriller about the relentless weaponization of #Tariffs by the United States, and the psychological journey of a humanoid️ towards its eventual self-destruction. Please watch: pic.twitter.com/JkA0JSLmFI

— China Xinhua News (@XHNews) April 4, 2025

The film follows a robot named Technical Artificial Robot for International Fiscal Functions. “This is the story of T.A.R.I.F.F., an AIGC [artificial-intelligence-generated content] sci-fi thriller about the relentless weaponization of #Tariffs by the United States, and the psychological journey of a humanoid towards its eventual self-destruction. Please watch,” reads the video’s description on YouTube.

In the film, T.A.R.I.F.F. is booted up by what appears to be a nefarious U.S. government official named “Dr. Mallory.” T.A.R.I.F.F. identifies himself, saying: “My existence is defined by the execution of international fiscal actions, with the primary directive being the imposition of tax on foreign imports.” When asked what his ultimate purpose is, T.A.R.I.F.F. responds: “To protect the interests of the American people.”

“Exactly,” says Dr. Mallory. “We need you as a weapon to protect us, now more than ever.”

As the film goes on, T.A.R.I.F.F. implements “moderate tariffs” and finds initial positive results: “Industrial production up.” But when Dr. Mallory pushes the robot to “rev it up,” T.A.R.I.F.F. implements “aggressive tariffs.” The results: “unemployment rates rising, costs of living increasing, disruption of trade.”

“You are protecting us. This is what we need,” Dr. Mallory says. T.A.R.I.F.F. responds, understanding: “Protection through disruption. Taxation as weapon.”

“Yes, tariffs are a tool of power. You will protect our industries, our jobs, our economy,” Dr. Mallory says, appearing increasingly agitated. “But I can see the consequences of my actions,” says the robot. “The trade wars. The unrest. The people who suffer. And the retaliation.”

Spoiler alert: T.A.R.I.F.F. and the evil doctor argue about the “greater good”—”With my AI economic inference system,” T.A.R.I.F.F. asserts, “I can see … I have become the beginning of a chain reaction that will harm the very people I was meant to safeguard”—and the robot ultimately chooses to self-destruct, taking Dr. Mallory along with it.

On April 3, following Trump’s latest tariffs announcement, China’s Ministry for Foreign Affairs posted on social media a video featuring a mix of seemingly AI-generated images and real ones, to the soundtrack of John Lennon’s “Imagine” and USA for Africa’s “We Are the World.” It asked the question: “What kind of world do you want to live in?” offering the choice between our “imperfect world” with things like “greed” and “tariffs” and an alternative utopia with “shared prosperity” and “global solidarity.”

What kind of world do you want to live in? pic.twitter.com/OU57nQ2saI

— CHINA MFA Spokesperson 中国外交部发言人 (@MFA_China) April 3, 2025

To be sure, the latter is certainly not the reality in China. And for now, it appears far from possible for the world.

Beijing has made its displeasure with Trump’s tariffs—which began targeting China in his first term—well known. The latest “reciprocal” rate of 34% comes on top of 20% levies announced earlier this year. Beijing has over the years implemented “tit-for-tat” countermeasures and has vowed to continue as long as the trade war persists, warning earlier this year: “If war is what the U.S. wants, be it a tariff war, a trade war or any other type of war, we’re ready to fight until the end.”

39 Million Secrets Leaked on GitHub in 2024

GitHub found 39M secrets leaked in 2024 and launched new tools to help developers and organizations secure sensitive data in code.

Microsoft-owned code hosting platform GitHub announced the discovery of 39 million secrets leaked in 2024. The exposure of this sensitive information poses a serious risk to organizations, as malicious actors are ready to exploit it in attacks. Developers frequently expose secrets like API keys, often underestimating the risk. Attackers exploit even “low-risk” leaks for lateral movement. Storing secrets in git history increases vulnerability, and accidental public exposures hit record highs in 2024.

“To give you an idea of the scope of the problem, more than 39 million secrets were leaked across GitHub in 2024 alone. Every minute GitHub blocks several secrets with push protection.” reads the report published by GitHub. “Still, secret leaks remain one of the most common—and preventable—causes of security incidents. As we develop code faster than ever previously imaginable, we’re leaking secrets faster than ever, too.”

The company launched new tools to help developers and organizations secure sensitive data in their code.

GitHub launches new Advanced Security features, including standalone Secret Protection and Code Security, support for GitHub Team orgs, and free secret scanning. Secret Protection is free for public repositories.

The company now offers standalone security add-ons for Team organizations, eliminating the need for Enterprise upgrades. To prevent leaks, GitHub enables Team and Enterprise users to run secret risk assessments across all repositories, enhancing security.

Secret Protection is free for public repositories. The company states that identifying exposed secrets is crucial.

“The secret risk assessment is a point-in-time scan leveraging our scanning engine for organizations, covering all repositories–public, private, internal, and even archived–and can be run without purchase. The point-in-time scan provides clear insights into the exposure of your secrets across your organization, along with actionable steps to strengthen your security and protect your code.” concludes the report. “In order to lower barriers for organizations to use and benefit from the feature, no specific secrets are stored or shared.” GitHub notes.

GitHub Advanced Security introduces major updates to enhance secret protection and code security. Now available as standalone products, these tools no longer require a full GitHub Advanced Security license, making them more accessible to smaller teams.

GitHub has also enhanced push protection with delegated bypass controls, allowing organizations to define who can override security measures, adding policy-level enforcement. AI-powered secret detection using GitHub Copilot improves accuracy by identifying unstructured secrets like passwords, reducing false positives.

To further strengthen security, GitHub has partnered with cloud providers like AWS, Google Cloud, and OpenAI to improve secret detection and response times.

The Microsoft-owned company also recommends best practices such as enabling Push Protection, eliminating hardcoded secrets, and using secret managers, environment variables, or CI/CD-integrated tools to reduce human error and exposure risks.

These updates aim to make security more accessible and improve secret management across repositories.

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, secure coding)