Risky Bulletin: African Freelancers Behind Anti-US and Anti-French Disinfo Campaigns
Podcast: Risky Bulletin (Risky Biz)
Host/Reader: Claire Airdrop
Date: December 15, 2025
Episode Overview
This episode delivers a brisk and information-packed roundup of global cybersecurity news, with a sharp focus on disinformation campaigns, government cyber policies, significant data breaches, and notable vulnerability disclosures. The main headline explores Russia's hiring of African freelancers to spread anti-US and anti-French narratives, alongside legislative and policy developments in the US and Europe.
Key Discussion Points and Insights
1. Russia’s African Disinformation Network
[00:15]
- Russia is hiring freelancers in Sub-Saharan Africa to run disinformation campaigns targeting African audiences.
- Meta identified and dismantled part of this network, noting the freelancers advertised services on Upwork.
- The campaign centered on publishing content critical of France and the US, and promoting pro-Russian narratives.
- Payments were traced back to Russian entities.
- Quote (Claire Airdrop, 00:26):
"Meta says the freelancers are being paid by entities based in Russia. The campaign published content critical of France and the US and promoted Russian geopolitical narratives."
2. The US Moves Toward Outsourcing Offensive Cyber Ops
[01:00]
- The upcoming executive order may permit private companies to conduct offensive cyber actions for the US government.
- The Office of the National Cyber Director is drafting a supporting strategy document.
- Other priorities: streamlining cyber regulations, adopting post-quantum cryptography, and securing critical infrastructure.
- Congress has allocated $1 billion for these offensive operations in the annual spending bill.
- Quote (Claire Airdrop, 01:19):
"Congress has already allocated $1 billion for offensive cyber operations in the annual spending bill."
3. US Legislative Responses to Security Threats
[01:34] Satellite Cybersecurity Bill
- A new bill aims to bolster the cybersecurity of commercial satellites; guidelines will be voluntary.
[01:56] LIDAR Phase-Out
- Proposed bill to phase out Chinese LIDAR technology due to national security concerns.
4. European Security Updates
[02:22] Germany: Russian APT Accusations
- Germany accuses Russia's APT24 (military intelligence) of hacking its air traffic control agency in the previous year.
- Ongoing Russian election interference through disinformation noted.
- Diplomatic response: summoning the Russian ambassador for a formal complaint.
[02:52] France: Interior Ministry Breached
- French authorities investigate a compromise of the Interior Ministry’s email server.
5. Asia-Pacific Developments
[03:08] South Korea’s New Breach Fines
- Proposal to fine companies up to 3% of annual sales for repeated security failures.
- Stiffer penalties for delayed breach reporting.
- Triggered by major breaches at companies like SK Telecom and Coupang.
6. Privacy and State Surveillance
[03:35] Italy: Papal Plea on Spyware
- Pope Leo requests that Italian intelligence respect privacy after spying allegations, including surveillance of priests.
7. Major Vulnerability and Patch Roundup
[03:54] Apple WebKit Zero Days
- Apple patches two actively exploited WebKit zero days affecting iOS users with outdated versions.
- Google’s security team uncovered the attacks.
[04:23] Chrome Zero Day
- Google patches a simultaneous zero day in Chrome.
8. Noteworthy Data Breaches & Exposures
[04:35] Photo Booth Leak
- Hammer Film exposed customer photos and videos online; still unresolved.
[04:45] 700 Credit Breach
- US credit company exposed data of 5.6 million customers, including SSNs.
[04:58] Home Depot Cloud Security Flaw
- Exposure of cloud infrastructure due to leaked GitHub token with write permissions.
- Only revoked after media inquiry.
- Quote (Claire Airdrop, 05:09): "The company was notified by a security researcher, but only revoked the token after being contacted by a reporter from TechCrunch."
9. Malware & Vulnerabilities in the Wild
[05:22] Manga Game USB Malware
- MangaGamer withdraws a game USB release infected with Floxif Windows virus.
10. Messaging and Telecom Security
[05:39] Freedom Chat App Flaws
- Two vulnerabilities leaked user phone numbers and PINs; all PINs were reset as a precaution.
[05:55] FreePBX Open Source Patches
- Critical vulnerabilities fixed (auth bypass, SQL injections, file upload RCE).
- Quote (Claire Airdrop, 05:59):
"Almost 12,000 FreePBX servers are connected to the Internet."
11. Industrial and Infrastructure Security
[06:10] AutomationDirect PLC Flaws
- Seven major vulnerabilities in Click PLCs used in factories and amusement parks.
[06:27] Chinese Research on US Grid
- Over 2,700 scientific papers from Chinese researchers detail US power grid vulnerabilities, some linked to military entities.
12. Activism and Device Searches
[06:47] Activist Charged for Wiping Phone
- Samuel Tunick, an activist, charged post-factum for resetting his phone after an overseas trip and CBP questioning.
13. Microsoft 365 New Security Mode
[07:05]
- A new baseline Security Mode, which automatically configures minimum security settings across Microsoft 365 applications, is rolling out; the rollout will complete by March.
Notable Quotes & Memorable Moments
- On Russian disinfo outsourcing:
"Meta says the freelancers are being paid by entities based in Russia. The campaign published content critical of France and the US and promoted Russian geopolitical narratives."
(Claire Airdrop, 00:26)
- On private sector offensive cyber ops:
"Congress has already allocated $1 billion for offensive cyber operations in the annual spending bill."
(Claire Airdrop, 01:19)
- On critical security negligence:
"The company was notified by a security researcher, but only revoked the token after being contacted by a reporter from TechCrunch."
(Claire Airdrop, 05:09)
- On open source telephony risk:
"Almost 12,000 FreePBX servers are connected to the Internet."
(Claire Airdrop, 05:59)
Key Timestamps for Important Segments
- 00:15 – Russian disinfo outsourcing via African freelancers
- 01:00 – US considers private offensive cyber ops
- 01:34 – Legislation on satellite cybersecurity and Chinese LIDAR
- 02:22 – Germany blames Russia for air traffic control hack
- 03:08 – South Korea introduces breach fines
- 03:35 – Pope Leo urges intelligence restraint
- 03:54 – Apple and Chrome zero days patched
- 04:35 – Major data exposures (photo booths, 700 Credit, Home Depot)
- 05:39 – Freedom Chat vulnerability and FreePBX patch
- 06:10 – PLC vulnerabilities in factories/amusement parks
- 06:27 – Chinese research on US grid vulnerabilities
- 06:47 – Activist charged for phone wiping
- 07:05 – Microsoft 365 Security Mode rollout
Tone and Style
- Direct, concise, and firmly grounded in technical and geopolitical detail.
- News is delivered in a matter-of-fact, accessible manner, typical of cybersecurity news briefings.
- Quotes and summaries reflect the urgent, sometimes critical tone, especially when touching on national security implications and corporate oversight lapses.
This summary captures the essential developments and memorable moments from the episode, while providing context and detailed timestamps for quick reference.
