joshuark shares a report from BleepingComputer: The FBI has seized the notorious RAMP cybercrime forum, a platform used to advertise a wide range of malware and hacking services, and one of the few remaining forums that openly allowed the promotion of ransomware operations. Both the forum's Tor site and its clearnet domain, ramp4u[.]io, now display a seizure notice stating, "The Federal Bureau of Investigation has seized RAMP."

While there has been no official announcement by law enforcement regarding this seizure, the domain name servers have now been switched to those used by the FBI when seizing domains. If so, law enforcement now has access to a significant amount of data tied to the forum's users, including email addresses, IP addresses, private messages, and other potentially incriminating information. In a forum post to the XSS hacking forum, one of the alleged former RAMP operators known as "Stallman" confirmed the seizure.

An anonymous reader quotes a report from Politico: The interim head of the country's cyber defense agency uploaded sensitive contracting documents into a public version of ChatGPT last summer, triggering multiple automated security warnings that are meant to stop the theft or unintentional disclosure of government material from federal networks, according to four Department of Homeland Security officials with knowledge of the incident. The apparent misstep from Madhu Gottumukkala was especially noteworthy because the acting director of the Cybersecurity and Infrastructure Security Agency had requested special permission from CISA's Office of the Chief Information Officer to use the popular AI tool soon after arriving at the agency this May, three of the officials said. The app was blocked for other DHS employees at the time.

None of the files Gottumukkala plugged into ChatGPT were classified, according to the four officials, each of whom was granted anonymity for fear of retribution. But the material included CISA contracting documents (PDF) marked "for official use only," a government designation for information that is considered sensitive and not for public release. Cybersecurity sensors at CISA flagged the uploads this past August, said the four officials. One official specified there were multiple such warnings in the first week of August alone. Senior officials at DHS subsequently led an internal review to assess if there had been any harm to government security from the exposures, according to two of the four officials. It is not clear what the review concluded.

When asked directly whether people actually like Experian, Alex Lintner, the credit bureau's CEO of Software and Technology, offered an unusual defense in an interview: "First of all, we're not Palantir, so we don't do reputation scores." Speaking on The Verge's podcast, Lintner conceded that consumers who have poor credit scores through "life's circumstances" sometimes direct their frustration at Experian, though he argued the company enables vital access to credit for 247 million Americans.

The 10-year company veteran said Experian has built its own large language model and about 200 AI agents for internal use, but consumer data remains entirely walled off from public AI systems. On security, Lintner said Experian hasn't experienced a data breach in a decade -- the last occurred two weeks into his tenure. When competitor Equifax suffered its massive breach, Equifax actually paid Experian to help protect affected consumers' identities.

There are reports that a legitimate Microsoft email address -- which Microsoft explicitly says customers should add to their allow list -- is delivering scam spam. ArsTechnica: The emails originate from no-reply-powerbi@microsoft.com, an address tied to Power BI. The Microsoft platform provides analytics and business intelligence from various sources that can be integrated into a single dashboard. Microsoft documentation says that the address is used to send subscription emails to mail-enabled security groups. To prevent spam filters from blocking the address, the company advises users to add it to allow lists.

According to an Ars reader, the address on Tuesday sent her an email claiming (falsely) that a $399 charge had been made to her. âoeIt provided a phone number to call to dispute the transaction. A man who answered a call asking to cancel the sale directed me to download and install a remote access application, presumably so he could then take control of my Mac or Windows machine (Linux wasn't allowed)," she said.

Online searches returned a dozen or so accounts of other people reporting receiving the same email. Some of the spam was reported on Microsoft's own website. Sarah Sabotka, a threat researcher at security firm Proofpoint, said the scammers are abusing a Power Bi function that allows external email addresses to be added as subscribers for the Power Bi reports. The mention of the subscription is buried at the very bottom of the message, where it's easy to miss.

A data breach at SoundCloud exposed information tied to 29.8 million user accounts, according to Have I Been Pwned. While SoundCloud says no passwords or financial data were accessed, attackers mapped email addresses to public profile data and later attempted extortion. BleepingComputer reports: The company confirmed the breach on December 15, following widespread reports from users who were unable to access SoundCloud and saw 403 "Forbidden" errors when connecting via VPN. SoundCloud told BleepingComputer at the time that it had activated its incident response procedures after detecting unauthorized activity involving an ancillary service dashboard. "We understand that a purported threat actor group accessed certain limited data that we hold," SoundCloud said. "We have completed an investigation into the data that was impacted, and no sensitive data (such as financial or password data) has been accessed. The data involved consisted only of email addresses and information already visible on public SoundCloud profiles."

While SoundCloud didn't provide further details regarding the incident, BleepingComputer learned that the breach affected 20% of all SoundCloud users, roughly 28 million accounts based on publicly reported user figures (SoundCloud later published a security notice confirming the information provided by BleepingComputer's sources). After the breach, BleepingComputer also learned that the ShinyHunters extortion gang was responsible for the attack, with sources saying that the threat group was also attempting to extort SoundCloud. This was confirmed by SoundCloud in a January 15 update, which said the threat actors had "made demands and deployed email flooding tactics to harass users, employees, and partners."

France will replace the American platforms Microsoft Teams and Zoom with its own domestically developed video conferencing platform, which will be used in all government departments by 2027, the country said. From a report: The move is part of France's strategy to stop using foreign software vendors, especially those from the United States, and regain control over critical digital infrastructure. It comes at a crucial moment as France, like Europe, reaches a turning point regarding digital sovereignty.

"The aim is to end the use of non-European solutions and guarantee the security and confidentiality of public electronic communications by relying on a powerful and sovereign tool," said David Amiel, minister for the civil service and state reform. On Monday, the government announced it will instead be using the French-made videoconference platform Visio. The platform has been in testing for a year and has around 40,000 users.

Microsoft has quietly suppressed an unexplained anomaly on its network that was routing traffic destined for example.com -- a domain reserved under RFC2606 specifically for testing purposes and not obtainable by any party -- to sei.co.jp, a domain belonging to Japanese electronics cable maker Sumitomo Electric.

The misconfiguration meant anyone attempting to set up an Outlook account using an example.com email address could have inadvertently sent test credentials to Sumitomo Electric's servers. Under RFC2606, example.com resolves only to IP addresses assigned to the Internet Assigned Names Authority. Microsoft confirmed it has "updated the service to no longer provide suggested server information for example.com" and said it is investigating.

Security researcher Dan Tentler of Phobos Group noted the company appears to have simply removed the problematic endpoint rather than fixing the underlying routing -- "not found" errors now appear where the JSON responses previously occurred. Tinyapps.org, which noted the behavior earlier this month, said the misconfiguration had persisted for five years. Microsoft has not explained how Sumitomo Electric's domain entered its configuration. The incident follows 2024's revelation that a forgotten test account with admin privileges enabled Russia-state hackers to monitor Microsoft executives' email for two months.

Longtime Slashdot reader schwit1 shares a report from PCMag: A lawsuit claims that WhatsApp's end-to-end encryption is a sham, and is demanding damages, but the app's parent company, Meta, calls the claims "false and absurd." The lawsuit was filed in a San Francisco US district court on Friday and comes from a group of users based in countries such as Australia, Mexico, and South Africa, according to Bloomberg.

As evidence, the lawsuit cites unnamed "courageous whistleblowers" who allege that WhatsApp and Meta employees can request to view a user's messages through a simple process, thus bypassing the app's end-to-end encryption. "A worker need only send a 'task' (i.e., request via Meta's internal system) to a Meta engineer with an explanation that they need access to WhatsApp messages for their job," the lawsuit claims. "The Meta engineering team will then grant access -- often without any scrutiny at all -- and the worker's workstation will then have a new window or widget available that can pull up any WhatsApp user's messages based on the user's User ID number, which is unique to a user but identical across all Meta products."

"Once the Meta worker has this access, they can read users' messages by opening the widget; no separate decryption step is required," the 51-page complaint adds. "The WhatsApp messages appear in widgets commingled with widgets containing messages from unencrypted sources. Messages appear almost as soon as they are communicated -- essentially, in real-time. Moreover, access is unlimited in temporal scope, with Meta workers able to access messages from the time users first activated their accounts, including those messages users believe they have deleted." The lawsuit does not provide any technical details to back up the rather sensational claims.
See also: "WhatsApp End-to-End Encryption Allegations Questioned By Some Security Experts, Lawyers."

Apple has launched a new AirTag 2 that features improved range, a speaker that's 50% louder, and expanded Apple Watch-based tracking. Pricing stays the same at $29 (or $99 for four). 9to5Mac reports: The new AirTag comes with an upgraded second-generation Ultra Wideband chip for improved range, including when using Precision Finding. From Apple Newsroom: "Apple's second-generation Ultra Wideband chip -- the same chip found in the iPhone 17 lineup, iPhone Air, Apple Watch Ultra 3, and Apple Watch Series 11 -- powers the new AirTag, making it easier to locate than ever before. Using haptic, visual, and audio feedback, Precision Finding guides users to their lost items from up to 50 percent farther away than the previous generation. And an upgraded Bluetooth chip expands the range at which items can be located. For the first time, users can use Precision Finding on Apple Watch Series 9 or later, or Apple Watch Ultra 2 or later, to find their AirTag, bringing a powerful experience to the wrist."

Another key upgrade with the new AirTag is an improved speaker, which should also make the accessory easier to find. Apple says: "With its updated internal design, the new AirTag is 50 percent louder than the previous generation, enabling users to hear their AirTag from up to 2x farther than before." Apple also touts privacy and security improvements with the new AirTag: "Designed exclusively for tracking objects, and not people or pets, the new AirTag incorporates a suite of industry-first protections against unwanted tracking, including cross-platform alerts and unique Bluetooth identifiers that change frequently."

Nike says it is investigating a potential data breach, after a group known for cyber attacks reportedly claimed to have leaked a trove of data related to its business operations. From a report: "We always take consumer privacy and data security very seriously," Nike said in a statement. "We are investigating a potential cyber security incident and are actively assessing the situation."

The ransomware group World Leaks said on its website that it had published 1.4 terabytes of data from Nike.

An anonymous reader shared this article from the blog Linuxiac In a blog post, Alan Pope, a longtime Ubuntu community figure and former Canonical employee who remains an active Snap publisher... [warns of] a persistent campaign of malicious snaps impersonating cryptocurrency wallet applications. These fake apps typically mimic well-known projects such as Exodus, Ledger Live, or Trust Wallet, prompting users to enter wallet recovery phrases, which are then transmitted to attackers, resulting in drained funds.
The perpetrators had originally used similar-looking characters from other alphabets to mimic other app listings, then began uploading "revisions" to other innocuous-seeming (approved) apps that would transform their original listing into that of a fake crypto wallet app.

But now they're re-registering expired domains to take over existing Snap Store accounts, which Pope calls "a significant escalation..." I worked for Canonical between 2011 and 2021 as an Engineering Manager, Community Manager, and Developer Advocate. I was a strong advocate for snap packages and the Snap Store. While I left the company nearly five years ago, I still maintain nearly 50 packages in the Snap Store, with thousands of users... Personally, I want the Snap Store to be successful, and for users to be confident that the packages they install are trustworthy and safe.

Currently, that confidence isn't warranted, which is a problem for desktop Linux users who install snap packages. I report every bad snap I encounter, and I know other security professionals do the same — even though doing so results in no action for days sometimes... To be clear: none of this should be seen as an attack on the Snap Store, Canonical, or the engineers working on these problems. I'm raising awareness of an issue that exists, because I want it fixed... But pretending there isn't a problem helps nobody.

Trend Micro's Zero Day Initiative sponsored its third annual Pwn2Own Automotive competition in Tokyo this week, receiving 73 entries, the most ever for a Pwn2Own event.

"Under Pwn2Own rules, all disclosed vulnerabilities are reported to affected vendors through ZDI," reports Help Net Security, "with public disclosure delayed to allow time for patches." Infotainment platforms from Tesla, Sony, and Alpine were among the systems compromised during demonstrations. Researchers achieved code execution using techniques that included buffer overflows, information leaks, and logic flaws. One Tesla infotainment unit was compromised through a USB-based attack, resulting in root-level access. Electric vehicle charging infrastructure also received significant attention. Teams successfully demonstrated exploits against chargers from Autel, Phoenix Contact, ChargePoint, Grizzl-E, Alpitronic, and EMPORIA. Several attacks involved chaining multiple vulnerabilities to manipulate charging behavior or execute code on the device. These demonstrations highlighted how charging stations operate as network-connected systems with direct interaction with vehicles.
There's video recaps on the ZDI YouTube channel — apparently the Fuzzware.io researchers "were able to take over a Phoenix Contact EV charger over bluetooth."

Three researchers also exploited the Alpitronic's HYC50 fast-charging with a classic TOCTOU bug, according to the event's site, "and installed a playable version of Doom to boot." They earned $20,000 — part of $1,047,000 USD was awarded during the three-day event.

More coverage from SecurityWeek: The winner of the event, the Fuzzware.io team, earned a total of $215,500 for its exploits. The team received the highest individual reward: $60,000 for an Alpitronic HYC50 EV charger exploit delivered through the charging gun. ZDI described it as "the first public exploit of a supercharger".

"NASA remains confident it has a handle on the problem and the vehicle can bring the crew home safely," reports CNN.

But "When four astronauts begin a historic trip around the moon as soon as February 6, they'll climb aboard NASA's 16.5-foot-wide Orion spacecraft with the understanding that it has a known flaw — one that has some experts urging the space agency not to fly the mission with humans on board..."

The issue relates to a special coating applied to the bottom part of the spacecraft, called the heat shield... This vital part of the Orion spacecraft is nearly identical to the heat shield flown on Artemis I, an uncrewed 2022 test flight. That prior mission's Orion vehicle returned from space with a heat shield pockmarked by unexpected damage — prompting NASA to investigate the issue. And while NASA is poised to clear the heat shield for flight, even those who believe the mission is safe acknowledge there is unknown risk involved. "This is a deviant heat shield," said Dr. Danny Olivas, a former NASA astronaut who served on a space agency-appointed independent review team that investigated the incident. "There's no doubt about it: This is not the heat shield that NASA would want to give its astronauts." Still, Olivas said he believes after spending years analyzing what went wrong with the heat shield, NASA "has its arms around the problem..."

"I think in my mind, there's no flight that ever takes off where you don't have a lingering doubt," Olivas said. "But NASA really does understand what they have. They know the importance of the heat shield to crew safety, and I do believe that they've done the job." Lakiesha Hawkins, the acting deputy associate administrator for NASA's Exploration Systems Development Mission Directorate, echoed that sentiment in September, saying, "from a risk perspective, we feel very confident." And Reid Wiseman, the astronaut set to command the Artemis II mission, has expressed his confidence. "The investigators discovered the root cause, which was the key" to understanding and solving the heat shield issue, Wiseman told reporters last July. "If we stick to the new reentry path that NASA has planned, then this heat shield will be safe to fly."

Others aren't so sure. "What they're talking about doing is crazy," said Dr. Charlie Camarda, a heat shield expert, research scientist and former NASA astronaut. Camarda — who was also a member of the first space shuttle crew to launch after the 2003 Columbia disaster — is among a group of former NASA employees who do not believe that the space agency should put astronauts on board the upcoming lunar excursion. He said he has spent months trying to get agency leadership to heed his warnings to no avail... Camarda also emphasized that his opposition to Artemis II isn't driven by a belief it will end with a catastrophic failure. He thinks it's likely the mission will return home safely. More than anything, Camarda told CNN, he fears that a safe flight for Artemis II will serve as validation for NASA leadership that its decision-making processes are sound. And that's bound to lull the agency into a false sense of security, Camarda warned.
CNN adds that Dr. Dan Rasky, an expert on advanced entry systems and thermal protection materials who worked at NASA for more than 30 years, also does not believe NASA should allow astronauts to fly on board the Artemis II Orion capsule.

And "a crucial milestone could be days away as Artemis program leaders gather for final risk assessments and the flight readiness review," when top NASA brass determine whether the Artemis II rocket and spacecraft are ready to take off with a human crew.

TechCrunch reports: On Wednesday, Anthropic released a revised version of Claude's Constitution, a living document that provides a "holistic" explanation of the "context in which Claude operates and the kind of entity we would like Claude to be...." For years, Anthropic has sought to distinguish itself from its competitors via what it calls "Constitutional AI," a system whereby its chatbot, Claude, is trained using a specific set of ethical principles rather than human feedback... The 80-page document has four separate parts, which, according to Anthropic, represent the chatbot's "core values." Those values are:

1. Being "broadly safe."
2. Being "broadly ethical."
3. Being compliant with Anthropic's guidelines.
4. Being "genuinely helpful..."

In the safety section, Anthropic notes that its chatbot has been designed to avoid the kinds of problems that have plagued other chatbots and, when evidence of mental health issues arises, direct the user to appropriate services...

Anthropic's Constitution ends on a decidedly dramatic note, with its authors taking a fairly big swing and questioning whether the company's chatbot does, indeed, have consciousness. "Claude's moral status is deeply uncertain," the document states. "We believe that the moral status of AI models is a serious question worth considering. This view is not unique to us: some of the most eminent philosophers on the theory of mind take this question very seriously."
Gizmodo reports: The company also said that it dedicated a section of the constitution to Claude's nature because of "our uncertainty about whether Claude might have some kind of consciousness or moral status (either now or in the future)." The company is apparently hoping that by defining this within its foundational documents, it can protect "Claude's psychological security, sense of self, and well-being."

The White House doubled down after posting a digitally altered photo of Minnesota protester Nekima Levy Armstrong, dismissing it as a "meme" despite objections from her attorney and comparisons to reality-distorting propaganda. "YET AGAIN to the people who feel the need to reflexively defend perpetrators of heinous crimes in our country I share with you this message: Enforcement of the law will continue. The memes will continue. Thank you for your attention to this matter," White House spokesperson Kaelan Dorr wrote in a post on X. The Hill reports: The statement came after Homeland Security Secretary Kristi Noem posted a photo of Armstrong's arrest Thursday showing Armstrong with what appears to be a blank facial expression. However, the White House later posted an altered version of the same photo that shows Armstrong crying.

Armstrong's attorney Jordan Kushner said in an interview with CNN that an agent was recording Armstrong's arrest on their cellphone. "I've never seen anything like it. It's so unprofessional," Kushner said. "He was ordered to do it because the government was looking to make a spectacle of this case. I observed the whole thing. She was dignified, calm, rational the whole time." Kushner went on to call the move to alter the photo "a hallmark of a fascist regime where they actually alter reality."

An anonymous reader quotes a report from NPR: TikTok has finalized a deal to create a new American entity, avoiding the looming threat of a ban in the United States that has been in discussion for years. The social video platform company signed agreements with major investors including Oracle, Silver Lake and MGX to form the new TikTok U.S. joint venture. The new version will operate under "defined safeguards that protect national security through comprehensive data protections, algorithm security, content moderation and software assurances for U.S. users," the company said in a statement Thursday. American TikTok users can continue using the same app. [...] Adam Presser, who previously worked as TikTok's head of operations and trust and safety, will lead the new venture as its CEO. He will work alongside a seven-member, majority-American board of directors that includes TikTok's CEO Shou Chew.

[...] In addition to an emphasis on data protection, with U.S. user data being stored locally in a system run by Oracle, the joint venture will also focus on TikTok's algorithm. The content recommendation formula, which feeds users specific videos tailored to their preferences and interests, will be retrained, tested and updated on U.S. user data, the company said in its announcement. The algorithm has been a central issue in the security debate over TikTok. China previously maintained the algorithm must remain under Chinese control by law. But the U.S. regulation passed with bipartisan support said any divestment of TikTok must mean the platform cuts ties -- specifically the algorithm -- with ByteDance. Under the terms of this deal, ByteDance would license the algorithm to the U.S. entity for retraining.

The law prohibits "any cooperation with respect to the operation of a content recommendation algorithm" between ByteDance and a new potential American ownership group, so it is unclear how ByteDance's continued involvement in this arrangement will play out. Oracle, Silver Lake and the Emirati investment firm MGX are the three managing investors, who each hold a 15% share. Other investors include the investment firm of Michael Dell, the billionaire founder of Dell Technologies. ByteDance retains 19.9% of the joint venture.

The European Parliament is calling on the European Commission to reduce dependence on U.S. tech giants by prioritizing EU-based cloud, AI, and open-source infrastructure. The report frames "European Tech First," public procurement reform, and Public Money, Public Code as necessary self-defense against growing U.S. control over critical digital infrastructure. Heise reports: In terms of content, the report focuses on a strategic reorientation of public procurement and infrastructure. The compromise line adopted stipulates that member states can favor European tech providers in strategic sectors to systematically strengthen the technological capacity of the Community. The Greens even called for a stricter regulation here, where the use of products "Made in EU" should become the rule and exceptions would have to be explicitly justified. They also pushed for a definition for cloud infrastructure that provides for full EU jurisdiction without dependencies on third countries.

With the decision, the MEPs want to lay the foundation for a European digital public infrastructure based on open standards and interoperability. The principle of Public Money, Public Code is anchored as a strategic foundation to reduce dependence on individual providers. Software specifically developed for administration with tax money should therefore be made available to everyone under free licenses. For financing, the Parliament relies on the expansion of public-private investments. A "European Sovereign Tech Fund" endowed with ten billion euros was discussed beforehand, for example, to specifically build strategic infrastructures that the market does not provide on its own. The shadow rapporteur for the Greens, Alexandra Geese, sees Europe ready to take control of its digital future with the vote. As long as European data is held by US providers subject to laws such as the Cloud Act, security in Europe is not guaranteed.

Half the world's 100 largest cities are experiencing high levels of water stress, with 38 of these sitting in regions of "extremely high water stress," new analysis and mapping has shown. The Guardian: Water stress means that water withdrawals for public water supply and industry are close to exceeding available supplies, often caused by poor management of water resources exacerbated by climate breakdown. Watershed Investigations and the Guardian mapped cities on to stressed catchments revealing that Beijing, New York, Los Angeles, Rio de Janeiro and Delhi are among those facing extreme stress, while London, Bangkok and Jakarta are classed as being highly stressed.

Separate analysis of NASA satellite data, compiled by scientists at University College London, shows which of the largest 100 cities have been drying or getting wetter over two decades with places such as Chennai, Tehran and Zhengzhou showing strong drying trends and Tokyo, Lagos and Kampala showing strong wetting trends. All 100 cities and their trends can be viewed on a new interactive water security atlas.

The Irish government is planning to bolster its police's ability to intercept communications, including encrypted messages, and provide a legal basis for spyware use. From a report: The Communications (Interception and Lawful Access) Bill is being framed as a replacement for the current legislation that governs digital communication interception. The Department of Justice, Home Affairs, and Migration said in an announcement this week the existing Postal Packets and Telecommunications Messages (Regulation) Act 1993 "predates the telecoms revolution of the last 20 years."

As well as updating laws passed more than two decades ago, the government was keen to emphasize that a key ambition for the bill is to empower law enforcement to intercept of all forms of communications. The Bill will bring communications from IoT devices, email services, and electronic messaging platforms into scope, "whether encrypted or not."

In a similar way to how certain other governments want to compel encrypted messaging services to unscramble packets of interest, Ireland's announcement also failed to explain exactly how it plans to do this. However, it promised to implement a robust legal framework, alongside all necessary privacy and security safeguards, if these proposals do ultimately become law. It also vowed to establish structures to ensure "the maximum possible degree of technical cooperation between state agencies and communication service providers."/i

A former Bank of England analyst has urged contingency planning for a potential financial shock if the U.S. government were to confirm the existence of extraterrestrial intelligence. The argument is that "ontological shock" alone could destabilize confidence and trigger crisis dynamics. The Independent reports: [Helen McCaw, who served as a senior analyst in financial security at the UK's central bank and worked for the Bank of England for 10 years until 2012] said politicians and bankers can no longer afford to dismiss talk of alien life, and warned a declaration of this nature could trigger bank collapses. She reportedly said: "The United States government appears to be partway through a multi-year process to declassify and disclose information on the existence of a technologically advanced non-human intelligence responsible for Unidentified Anomalous Phenomena (UAPs)."

"If the UAP proves to be of non-human origin, we may have to acknowledge the existence of a power or intelligence greater than any government and with potentially unknown intentions." Her warning comes as senior American officials have recently indicated their belief in the possibility of alien life. [...] Ms McCaw said: "UAP disclosure is likely to induce ontological shock and provoke psychological responses with material consequences ... There might be extreme price volatility in financial markets due to catastrophising or euphoria, and a collapse in confidence if market participants feel uncertain on how to price assets using any of the familiar methods."

The former Bank of England worker explained there might be a rush towards assets such as gold or other precious metals, and government bonds, which are perceived as "safe." Alternatively, she said precious metals might lose their status as perceived safe assets if people speculate that new space-faring technologies will soon increase the supply of precious metals. The article cites a recent UFO documentary, The Age of Disclosure, where 34 U.S. government insiders, including those from the military and intelligence community officials, share insights about the governments work with UAP. Per the film's description, the documentary "reveals an 80-year global cover-up of non-human intelligent life and a secret war among major nations to reverse-engineer advanced technology of non-human origin."