​News You can USE!​




Global Security and Threat Intelligence Brief: January 8, 2026

🚢 **Maritime Events**

US Seizes Two Venezuela-Linked Oil Tankers

The US military, with support from the UK military, seized two Venezuela-linked oil tankers on January 7, 2026, stemming from a US blockade on Venezuelan oil exports.

  • **Vessel 1:** The Russian-flagged ship, formerly the *Bella 1*, was seized between the British Isles and Iceland after a pursuit lasting over two weeks. The ship had reflagged under Russia and changed its name to the *Marinera*. It was previously sanctioned in 2024 for shipping cargo for the Iran-backed Hezbollah terrorist organization.
  • **Vessel 2:** The Cameroonian-flagged *Sophia* tanker was seized in the Caribbean Sea after allegedly leaving a Venezuelan port, conducting “illicit activities”.
  • **Russian Response:** Russia’s Transport Ministry stated that “no state has the right to use force against vessels duly registered under the jurisdiction of other states”.
  • **Context:** This action is part of US stabilization efforts for Venezuela.

⚙️ **Critical Infrastructure**

China Targeting Taiwan’s Critical Infrastructure

Chinese cyberattacks against Taiwan’s critical infrastructure have increased 6% over the past year, highlighting Beijing’s preparation for cyber-enabled economic warfare (CEEW).

  • **Targets:** The energy sector, hospital networks, telecommunicators, and government agencies were intensively targeted. China attempts to hijack the power grid via industrial control systems and steal healthcare data.
  • **Actors:** Nominally independent Chinese cyber syndicates, including **Flax Typhoon** and **APT41**, are reportedly coordinating their efforts across different sectors.
  • **Recommendation:** The US is advised to assist Taiwan in strengthening critical infrastructure resilience by deploying technical advisors, pursuing a regional energy stockpile, and helping Taipei develop an advanced offensive cyber capability.

Security Incident: Pipeline Operator Fined

The US Department of Transportation (DOT) announced the largest civil penalty ever proposed in a pipeline safety enforcement action against Panther Operating CompanyUSPER.

  • **Action:** The proposed civil penalty is **$9,622,054**.
  • **Incident:** The fine is related to alleged violations from a November 2023 failure of the Main Pass Oil Gathering (MPOG) pipeline system, which released 1.1 million gallons of crude oil into the Gulf of America.

European Infrastructure Disruption

  • **Berlin Blackout Terror Probe:** German federal prosecutors launched a terrorism investigation into a January 3, 2026, arson attack on high-voltage cables that caused a power blackout for approximately 45,000 households and businesses in Berlin. The attack was claimed online by the far-left extremist group **Vulkangruppe (Volcano Group)**, which stated it was targeting “the fossil fuel economy”.
  • **UK Rail Delay:** Rail services were disrupted through Birmingham New Street (UK) on January 6, 2026, after an old mortar device (suspected unexploded wartime bomb) was found near a rail line in Duddeston.

🔥 **Activism Terrorism / DVE / EVE**

New IRGC Deputy Commander’s Terror Ties

Ahmad Vahidi was named Deputy Commander of Iran’s Islamic Revolutionary Guard Corps (IRGC) on December 31, 2025, by Supreme Leader Ali Khamenei. Vahidi has a history linking domestic repression with international terrorism.

  • **Domestic Repression:** Vahidi was sanctioned by the US Treasury and the EU in 2022 for his role in suppressing protests as Iran’s Minister of Interior, including overseeing Law Enforcement Forces deployed to subdue protests that resulted in thousands of deaths.
  • **International Terror:** He commanded the Quds Force (1988-1998) and is linked to multiple attacks: the 1983 Hezbollah bombing of the US Marine barracks in Beirut, the 1996 Khobar Towers bombing, and the 1994 AMIA Jewish community center bombing in Buenos Aires. INTERPOL maintains a Red Notice for Vahidi regarding his role in the AMIA bombing.

Iran Anti-Regime Protests

Mass anti-government protests are ongoing in Iran, fueled by anger over inflation and the falling currency value, leading to significant violence and calls for regime change.

  • **Casualties/Detainments:** At least 25 to 29 protesters have been killed, and more than 1,200 people detained across the country in nine days of unrest. Authorities reported a police officer killed in Ilam province.
  • **Economic Participation:** The Tehran Grand Bazaar, traditionally a pillar of regime support, has been shuttered in protest.
  • **Recommendations:** US policy recommendations include providing maximum support for protesters by backing Israeli kinetic/covert operations and using American cyber/intelligence capabilities to degrade the regime’s repression apparatus (IRGC, security forces, command-and-control). Non-kinetic support includes expanding free VPN programs and working with partners like Starlink to maintain secure communications.

Hamas Activity

  • Hamas is reportedly clinging to remnants of pre-war governance in Gaza.
  • Hamas cells have sought to reestablish a foothold in southern Syria, particularly around Beit Jinn, which has prompted recent Israel Defense Forces raids.

🌐 **Geopolitical**

Syria Conflict Updates

  • **Aleppo Escalation:** Syrian army units surrounded the Kurdish-majority neighborhoods of Sheikh Maqsoud and Ashrafiyeh in Aleppo on January 7, 2026, following clashes with the Kurdish-led Syrian Democratic Forces (SDF) and the internal security force, Asayish. Both parties accuse the other of targeting residential neighborhoods.
  • **Israel-Syria Negotiations:** Talks resumed in Paris (Jan 5-6, 2026), mediated by the US.
    • The parties agreed to increase the pace of negotiations and establish a “joint fusion mechanism” to coordinate on intelligence sharing, military de-escalation, diplomatic engagement, and commercial opportunities under US supervision.
    • Significant obstacles remain, including Israel’s concern over jihadist elements in the Syrian army and Damascus’s demand for a complete withdrawal of IDF forces to pre-Assad disengagement lines.
    • The US proposed a demilitarized economic zone on the border.

Turkey and Venezuela

Despite US sanctions, Turkey has strategically supported the deposed Nicolas Maduro regime with diplomatic cover and economic support.

  • **Economic Lifeline:** Turkish companies invested in Venezuelan oil, gas, petrochemical, and mining sectors, including a Turkish-funded $750 million fertilizer plant. Turkey also refined and purchased gold, generating nearly $900 million in trade in 2019.
  • **US Response:** It is recommended that the Trump administration identify and punish Turkish-linked entities and individuals tied to sanction circumvention by designating them for sanctions themselves.

Greenland Acquisition Interest

  • Secretary of State Marco Rubio informed lawmakers that President Trump’s goal is to buy Greenland from Denmark, rather than invade it, though aides were asked to provide an updated acquisition plan.
  • France is working with allies on a contingency plan should the US move to seize the territory.

💻 **Cyber**

Government Contractor Breach Confirmed

  • **Incident:** Sedgwick Government SolutionsUSPER, a federal contractor subsidiary of Sedgwick, confirmed it was the victim of a security breach. The parent company’s network was not affected.
  • **Attribution:** The TridentLocker ransomware group claimed responsibility for the breach.
  • **Impact:** The subsidiary serves over 20 government agency clients, including CISA, DHS, USCIS, CBP, and the US Coast Guard.

Cybersecurity and AI in Intelligence

The Intelligence Community is being urged to adopt AI and emerging technologies to keep pace with global adversaries.

  • **Open Source Intelligence (OSINT):** Congressman Pat Fallon highlighted the critical value of unclassified, publicly available data and the necessity of using AI to sift through vast amounts of information.
  • **Satellite Technology:** Daily global imaging from satellite constellations, paired with AI at the edge, provides an information advantage (rapid threat detection and “tipping” systems for drone operations) in conflicts like Ukraine.

Malware and Flaws

  • Malicious Chrome extensions are reportedly stealing data from ChatGPT and DeepSeek.
  • An Open WebUI flaw could potentially lead to account takeover.
  • The Kimwolf botnet has reportedly infected 2 million Android devices via proxies.

💰 **Financial Crimes**

Venezuelan Oil Market Impact

  • Oil prices are reported to be falling as the US-Venezuela oil deal redirects barrels from China.
  • Venezuela was loading crude only for US major Chevron, while operations to load cargoes for customers in China remained on hold for five days.

🔪 **Crime or Organized Crime**

ICE Officer Shooting in Minneapolis

An Immigration and Customs Enforcement (ICE) officer killed a 37-year-old US citizen, Renee Nicole Good, in Minneapolis, Minnesota, leading to hundreds of protesters gathering.

  • **DHS Account:** Department of Homeland Security agents believed the woman was attempting to weaponize her vehicle to kill federal officers.
  • **Local Dispute:** Mayor Jacob Frey disputes the DHS account, accusing the ICE agent of “recklessly using power”.
  • **Deployment Context:** More than 2,000 federal personnel were deployed to Minneapolis this week as part of a 30-day surge following allegations of fraud in day care facilities and other federally funded programs.