Search This Blog

Saturday, April 11, 2026

Novorossiysk Restarts Oil Loadings At Reduced Capacity After Drone Strike

 By Julianne Geiger of OilPrice

Russia has restarted limited oil loadings at its Black Sea port of Novorossiysk after a drone attack earlier this week forced a full suspension.

Operations at the Sheskharis terminal resumed late Thursday, but only one berth is currently active. A single cargo of roughly 80,000 tons is expected to depart, well below the terminal's normal capacity of about 700,000 barrels per day.

The restart comes after the Monday strike that caused fires at a fuel terminal and damaged loading infrastructure. Shipments were halted entirely. The loading schedule had since been cut, and there is no timeline for a full return to operations.

Fuel flows are also only partially back. Fuel oil loadings resumed Thursday, and at least one diesel cargo has been shipped since the attack, according to Reuters sources familiar with port activity. Novorossiysk is one of Russia's main export outlets on the Black Sea and a critical node for both Russian and Kazakh crude. The port handles shipments tied to the Caspian Pipeline Consortium system, which moves crude from major Kazakhstan fields including Tengiz and Kashagan.

Damage to infrastructure earlier this week included impacts to storage tanks and loading equipment linked to CPC operations. Kazakhstan has said its export flows remain stable, but it's now operating with reduced flexibility.

Russian export infrastructure, including Baltic ports like Primorsk and Ust-Luga and several inland refineries, have repeatedly found themselves the target of Ukrainian drone attacks.

Each hit has tightened operational capacity rather than shutting it down completely. Cargoes are still moving, but at reduced rates and with fewer loading options available.

Novorossiysk's partial restart restores some export flow, but capacity remains constrained.

https://www.zerohedge.com/energy/novorossiysk-restarts-oil-loadings-reduced-capacity-after-drone-strike

https://breakingthenews.net/Article/US-Navy-ships-cross-Hormuz-for-1st-time-since-war-began/66049566

https://breakingthenews.net/Article/Trump-says-US-started-'clearing-out'-Strait-of-Hormuz/66049570

https://finviz.com/news/343797/metavia-doses-the-first-patient-in-higher-dose-phase-1-study-of-da-1726-its-glp-1-and-glucagon-dual-agonist-for-the-treatment-of-obesity

https://www.marketscreener.com/news/trump-says-empty-oil-tankers-heading-to-u-s-to-load-up-with-oil-gas-ce7e50d9dc80f121

Friday, April 10, 2026

Pakistan Tops The Global Terrorism Index

Violence has begun to feel routine in Pakistan, a grim normalization that reflects a deeper and more dangerous reality: the country’s security situation has deteriorated sharply, marking the sixth consecutive year of rising terrorism. The Global Terrorism Index 2026, released by the Institute for Economics and Peace, crystallizes this trend with stark clarity.

While the world as a whole recorded a substantial fall in terrorism deaths by 28 percent and attacks by nearly 22 percent, Pakistan moved in the opposite direction. For the first time, it ranked number one on the index, recording 1,139 terrorism‑related deaths in 2025, a six percent increase from the previous year.

This spike marks the continuation of a long, troubling trajectory. Terrorism‑related deaths in Pakistan have risen every year for six years, and the latest increase is the largest year‑on‑year jump in a decade. The number of attacks more than doubled from 517 in 2023 to 1,099 in 2024, then showed a slight decline in 2025, though it remained at historically elevated levels. The report’s indicators, which include incidents, fatalities, injuries, and hostages, paint a picture of a country where militant violence is not only persistent but evolving in ways that challenge the state’s capacity to respond.

The report identifies several drivers behind this surge. Pakistan’s strained relationship with Afghanistan, particularly after the Taliban’s return to power, has created fertile ground for cross‑border militancy. The banned Tehreek‑i‑Taliban Pakistan (TTP) has emerged as the deadliest group operating in the country and the third deadliest globally.

Since 2009, TTP attacks have constituted more than 67 percent of all terrorist incidents in Pakistan, and the group has carried out five times as many attacks as the second most active organization, the Baluchistan Liberation Army (BLA). In 2025 alone, TTP incidents increased by 24 percent, with all attacks occurring inside Pakistan, primarily in Khyber Pakhtunkhwa near the Afghan border.

The presence of two of the world’s deadliest terrorist organizations—Islamic State (IS) and TTP—complicates the landscape. Their operations, networks, and ideological influence intersect in ways that make Pakistan one of the most complex theatres of militant activity in the world.

The human toll of this violence is staggering. The country witnessed a dramatic spike in hostage‑taking, rising from 101 in 2024 to 655 in 2025. Much of this increase is attributed to the Jaffar Express attack, in which 442 passengers were taken hostage. Without this single incident, global hostage‑taking numbers would have fallen by 30 percent.

Khyber Pakhtunkhwa and Baluchistan remain the epicenters of violence, accounting for more than 74 percent of attacks and 67 percent of deaths in 2025. These regions, long neglected in terms of governance and development, continue to bear the brunt of Pakistan’s internal conflict.

The state has responded forcefully. Counterterrorism operations intensified, resulting in the killing of more than 1,000 militants. Yet the paradox is hard to ignore: despite hundreds of operations, attacks continue to rise.

This imbalance reveals a deeper structural problem. Pakistan’s counterterrorism strategy remains heavily skewed toward kinetic action raids, reprisals, and targeted strikes, while the non‑kinetic pillars of counter‑extremism remain weak, fragmented, or entirely absent.

One of the clearest symptoms of this weakness is the absence of a credible, verifiable terrorism database. Global organizations rely on transparent, evidence‑based reporting, yet Pakistan’s law‑enforcement agencies often expect the world to accept their claims without documentation.

The National Counter Terrorism Authority (Nacta), the body legally mandated to coordinate counterterrorism policy and maintain national data, offers little beyond a list of proscribed organizations. Its website lacks detailed statistics, incident breakdowns, or analytical reports. Provincial police forces occasionally release figures, but these are inconsistent and lack methodological clarity. The military’s media wing, ISPR, frequently provides numbers but rarely the granular details needed for independent verification or policy evaluation.

This data vacuum has consequences. It undermines Pakistan’s credibility in global assessments, contributes to its high ranking on international indices, and, more importantly, prevents the state from understanding the full scope of the threat it faces. Without accurate data, policy becomes reactive rather than strategic, driven by crisis rather than foresight.

Meanwhile, the nature of the threat itself is changing. The Pak Institute for Peace Studies, which has tracked militancy since 2005, reported a sharp surge in violence in 2025: 699 terrorist attacks nationwide, a 34 percent increase from the previous year. These attacks claimed at least 1,034 lives and injured 1,366 people.

The most striking shift is in the targets. Security personnel now constitute a large share of those killed. Police stations, patrols, and checkpoints have come under repeated assault. Military units have suffered significant losses. The return of suicide attacks after a period of relative decline signals renewed organizational capacity among militant groups. Suicide operations require planning, logistics, ideological indoctrination, and operational confidence. Their resurgence suggests not desperation but consolidation.

There is a danger in accepting this as the new normal. While civilian casualties have fallen slightly, violence against the state is intensifying. This shift should serve as a warning. A security policy built primarily on force cannot deliver lasting peace when ideological militancy, cross‑border sanctuaries, political instability, and governance deficits remain unaddressed.

Breaking this cycle requires more than firepower. It demands political clarity, consistent civilian governance in conflict‑hit regions, and serious regional diplomacy, particularly with Afghanistan. It requires police reforms that strengthen local law enforcement rather than sidelining it. It requires intelligence sharing across agencies that often operate in silos. And it requires judicial reforms that ensure militants are prosecuted effectively rather than recycled back into the conflict.

Fatima El Hashimi is a Moroccan researcher and journalist specializing in geopolitics and international relations.

https://www.americanthinker.com/articles/2026/04/pakistan_tops_the_global_terrorism_index.html

OpenAI identifies security issue involving third-party tool, says user data was not accessed

 We recently identified a security issue involving a third-party developer tool, Axios, that was part of a widely reported, broader industry incident

(opens in a new window). Out of an abundance of caution we are taking steps to protect the process that certifies our macOS applications are legitimate OpenAI apps. We found no evidence that OpenAI user data was accessed, that our systems or intellectual property was compromised, or that our software was altered. 

We are updating our security certifications, which will require all macOS users to update their OpenAI apps to the latest versions. This helps prevent any risk—however unlikely—of someone attempting to distribute a fake app that appears to be from OpenAI. You can update safely through an in-app update or at the official links below:

The security and privacy of your information are a top priority. We’re committed to being transparent and taking quick action when issues arise. We're sharing more technical details and FAQs below.

What happened and what we are doing

On March 31, 2026 (UTC), Axios, a widely used third-party developer library, was compromised as part of a broader software supply chain attack.(opens in a new window) At that time, a GitHub Actions workflow we use in the macOS app-signing process downloaded and executed a malicious version of Axios (version 1.14.1). This workflow had access to a certificate and notarization material used for signing macOS applications, including ChatGPT Desktop, Codex, Codex-cli, and Atlas. This certificate helps customers know that software comes from the legitimate developer, OpenAI. 

Our analysis of the incident concluded that the signing certificate present in this workflow was likely not successfully exfiltrated by the malicious payload due to the timing of the payload execution, certificate injection into the job, sequencing of the job itself, and other mitigating factors. Nevertheless, out of an abundance of caution we are treating the certificate as compromised, and are revoking and rotating it. 

Effective May 8, 2026, older versions of our macOS desktop apps will no longer receive updates or support, and may not be functional. These versions represent the earliest releases signed with our updated certificate:

  • ChatGPT Desktop: 1.2026.071
  • Codex App: 26.406.40811
  • Codex CLI: 0.119.0
  • Atlas: 1.2026.84.2

Investigation and remediation efforts

As part of our investigation and response, we engaged a third-party digital forensics and incident response firm, rotated our macOS code signing certificate,  published new builds of all relevant macOS products with the new certificate, and are working with Apple to ensure software signed with the previous certificate cannot be newly notarized. We have also reviewed all notarization of software using our previous certificate to confirm no unexpected software notarization occurred with these keys, and validated that our published software did not have unauthorized modifications. At this time, we have found no evidence of compromise or risk to existing software installations.

In the event that the certificate was successfully compromised by a malicious actor, they could use it to sign their own code, making it appear as legitimate OpenAI software. We have stopped new software notarizations using the old certificate, so new software signed with the old certificate by an unauthorized third party would be blocked by default by macOS security protections unless a user explicitly bypasses them. Once we fully revoke our certificate on May 8th, 2026, new downloads and launches of apps signed with the previous certificate will be blocked by macOS security protections.

The root cause of this incident was a misconfiguration in the GitHub Actions workflow, which we have addressed. Specifically, the action in question used a floating tag, as opposed to a specific commit hash, and did not have a configured minimumReleaseAge for new packages.

FAQ

Were OpenAI products or user data compromised?

No. We have found no evidence that OpenAI products or user data were compromised or exposed.

Have you seen malware signed as OpenAI?

No. We have found no evidence that the potentially exposed notarization and code signing material have been misused, and we have confirmed all notarization events with the impacted material were expected. 

Do I need to change my password?

No. Passwords and OpenAI API keys were not affected.

Does this affect iOS, Android, Linux, or Windows?

No. This only affects OpenAI macOS apps. This does not affect the web versions of our software. 

Why are you asking me to update my Mac apps?

OpenAI identified exposure in a GitHub Actions workflow involved in the macOS app-signing process. Because the exposed workflow was related to macOS app signing, we are proactively rotating the notarization and code signing material used for OpenAI macOS applications. Updating ensures you are running versions signed with our latest certificate. This certificate helps customers know that software comes from the legitimate developer, OpenAI.

Where do I download the updated macOS apps? 

Only download OpenAI apps from in-app updates or the official webpages below:

Do not install apps from links in emails, messages, ads, or third-party download sites. Be cautious of unexpected “OpenAI,” “ChatGPT,” or “Codex” installers sent through email, text, chat messages, ads, file-sharing links, or third-party download sites.

What happens after May 8, 2026? 

Effective May 8, 2026, older versions of our macOS desktop apps will no longer receive updates or support, and may not be functional. These versions represent the earliest releases signed with our updated certificate:

  • ChatGPT Desktop: 1.2026.071
  • Codex App: 26.406.40811
  • Codex CLI: 0.119.0
  • Atlas: 1.2026.84.2

Why are you not revoking the certificate immediately?

We have worked to block any further notarization of macOS apps with the impacted notarization material. This means that any fraudulent app posing as an OpenAI app using the impacted certificate will lack notarization, and therefore will be blocked by default by macOS security protections unless a user explicitly bypasses those protections. 

Because new notarization with the previous certificate is blocked, and because the revocation may cause macOS to block new downloads and first-time launches of apps signed with the previous certificate, we are giving our users a 30-day window to update to minimize disruption. This window will help minimize user risk and allow impacted clients to update through built-in update mechanisms, ensuring they are appropriately remediated. 

We are working with our partners to monitor for any indicators of misuse of the signing certificate, and will accelerate the revocation timeline if we identify malicious activity during this window. 


https://openai.com/index/axios-developer-tool-compromise/