The Israeli army has subjected Gaza City to its most punishing attacks in two years of war, sending thousands of residents fleeing under bombs and bullets amid fears they might never return, with the United Nations chief calling the offensive “horrendous”.
“Gaza is burning,” Israeli Minister of Defence Israel Katz said on X, as columns of vans and donkey carts laden with furniture, and people on foot carrying the last of their worldly possessions, steamed down the coastal al-Rashid Street against a backdrop of black smoke rising from the destroyed city.
Recommended Stories
list of 3 itemsend of list
Many had pledged to stay in the early days of Israel’s takeover plan. But as the military accelerated the pace of its deadly bombing campaign, turning high-rises, homes and civilian infrastructure to rubble, those able to afford the journey are heading south, with no guarantees of a safe zone for shelter.
On Tuesday, the army killed at least 91 people in the city, with health authorities reporting that one of its bombs hit a vehicle carrying people about to escape on the coastal road.
At least 17 of the city’s residential buildings were destroyed, including Aybaki Mosque in the Tuffah neighbourhood to the east, which was targeted by an Israeli warplane.
As the bombs rained down, the Israeli army continued to destroy areas in the north, south and east of the city with explosive-laden robots.
Earlier this month, the rights group Euro-Med Monitor said the army had deployed 15 of these machines, each one capable of destroying up to 20 housing units.
Tanks push into the city
About 1 million Palestinians are known to have returned to Gaza City to live among the ruins after the initial phase of the two-year war, but reports on how many remain vary.
An Israeli army official estimated on Tuesday that approximately 350,000 had fled. But Gaza’s Government Media Office said 350,000 had been displaced to the centre and the west of the city, with 190,000 leaving it altogether.
Either way, those who left faced a bleak future in the south, where the already cramped al-Mawasi camp, filled with people forcibly displaced from the eastern parts of Rafah and Khan Younis, has itself been hit by Israeli strikes.
The Government Media Office noted a trend of reverse displacement, saying on Tuesday that 15,000 had returned to Gaza City after witnessing the dire conditions at al-Mawasi.
As people fled, the Israeli military released aerial footage showing a large number of tanks and other armoured vehicles pushing further into Gaza City.
The Israeli army admitted on Tuesday that it would take “several months” to control Gaza City.
“No matter how long it takes, we will operate in Gaza,” army spokesman Effie Defrin said, as fighting raged in the enclave’s largest urban hub.
At least 106 people were killed across Gaza since dawn on Tuesday, according to medical sources.
‘Specific intent’ to destroy Palestinians
Amid the brutal offensive, the United Nations Commission of Inquiry on Tuesday concluded that Israel’s war on Gaza is a genocide, a landmark moment after nearly two years of war that has killed at least 64,964 people.
Among its findings, it drew on the public statements of Israeli officials to show that Israel had the “dolus specialis” of genocide, or the “specific intent” to destroy Palestinians as a people.
Palestine’s Ministry of Foreign Affairs welcomed the report. “The situation in Gaza today portends a humanitarian catastrophe that cannot tolerate any leniency or delay,” it said on X.
International criticism of Israel is growing, with UN Secretary-General Antonio Guterres on Tuesday calling the war morally, politically and legally intolerable.
France’s Foreign Ministry urged Israel to stop its “destructive campaign, which no longer has any military logic, and to resume negotiations as soon as possible”.
Irish President Michael D Higgins condemned “those who are practising genocide, and those who are supporting genocide with armaments”.
“We must look at their exclusion from the United Nations itself, and we should have no hesitation any longer in relation to ending trade with people who are inflicting this on our fellow human beings,” he said.
This newsletter is brought to you by application allow-listing software maker Airlock Digital. You can subscribe to an audio version of this newsletter as a podcast by searching for “Risky Business” in your podcatcher or subscribing via this RSS feed.
The internet’s top AI chatbots provide answers with false claims twice as much as they did last year.
The disinformation rates of the top 10 leading chatbots have doubled, going from 18% in August 2024 to 35% a year later, according to a study from disinformation-fighting group NewsGuard.
Chatbots reproduced false claims on topics such as health, politics, international affairs, companies, and business brands.
The change appears to have been caused by the fact that AI chatbots now try to answer questions on all topics, even controversial ones or real-time news events. This is different from last year, when AI chatbots refused to answer 31% of prompts.
The quality of the training also appears to have gone down compared to last year. NewsGuard reports that chatbots regularly pull answers from polluted data sets and from unreliable sources, such as Russian disinformation portals.
With many AI crawlers being unleashed on the internet with little to no limits, they often pull data from places they shouldn’t.
At least three different organizations—the American Sunlight Project, NewsGuard, and Open Measures—warned this year that Russia is seeding AI models with falsehoods in support of its international and political ambitions.
This included publishing vast quantities of fake news (in the order of millions of articles per year) in the hopes that some would fall through the security filters of LLMs and be included and cited in results.
This effort also included publishing English-language articles on VK, a Russian social media network, where Western intel agencies can’t take the content down and where nobody reads or sees the articles except AI crawl bots.
NewsGuard concludes that the rush to make AI chatbots work in real-time has led to a situation where safety and accuracy have fallen by the wayside. With the US government recently giving up any efforts to fight online disinformation, it’s quite obvious these results will get even worse and untrustworthy going forward. Nobody seems to care, anyway!
Risky Business Podcasts
The main Risky Business podcast is now on YouTube with video versions of our recent episodes. Below is our latest weekly show with Pat and Adam at the helm!
Breaches, hacks, and security incidents
Ukraine DDoSes Russia’s election system: Ukraine’s military intelligence agency GUR says it launched DDoS attacks on Russia’s Central Election Commission. The attacks targeted servers on Sunday, when Russia held elections in occupied Ukrainian territories. Russian officials confirmed the attacks but said the voting process itself was not affected. [Additional coverage in The Record]
Yala crypto-heist: A hacker has stolen $7.7 million worth of crypto-assets from the Yala DeFi platform. How the attacker stole the funds is still unclear. The company’s own token crashed 80% in value after the breach came to light. [Additional coverage in Parameter]
Gucci’s parent company breached: Hackers have stolen customer data from multiple fashion brands under the Kering umbrella. Attackers stole 43 million customer records from Gucci and another 13 million records combined from brands such as Balenciaga, Brioni, and Alexander McQueen. The intrusion allegedly took place in June, and the data was stolen from the company’s Salesforce account. The hackers claim they negotiated a $500,000 ransom with the company, which it never paid. [Additional coverage in DataBreaches.net]
Hackers breached Google’s LERS portal: Hackers have gained access to Google’s law enforcement portal. The company confirmed the intrusion but said no data requests were made through the compromised account. The portal is typically used by law enforcement agencies to obtain data on Google accounts for ongoing investigations or emergency situations. [Additional coverage in BleepingComputer]
General tech and privacy
Android switches to risk-based security updates: The Android mobile operating system has switched to a risk-based security update model. The project will only ship monthly updates for “high-risk” vulnerabilities. All other security flaws will be released during quarterly updates. According to Android Authority, the new update system went live in July.
Twitter refuses to take down Russian propaganda: Twitter has refused to cooperate and take down Russian propaganda all year. Romania’s communications watchdog sent more than 400 takedown orders to social media sites this year. All social networks cooperated except Twitter, which has not even responded to authorities. The country held presidential elections in May after canceling them last year due to Russian interference. [Additional coverage in Stirile ProTV]
WhatsApp sync issues: Meta warns that conversations aren’t synced properly on some WhatsApp accounts with linked devices. From a security perspective, this may make it harder to tell when an account is compromised.
macOS/iOS 26 are out: Apple has released v26 of its iOS and macOS. I’m not gonna review that new UI, but security updates for almost all of Apple’s OSes are also out.
US reaches TikTok deal: The US and Chinese governments have reached an agreement on the sale of TikTok’s US division, most likely to Oracle boss Larry Ellison. [Additional coverage in CNN]
Microsoft to force-install Copilot app: Microsoft will force-install its Copilot app on all Windows computers at the start of October. The app won’t be installed on devices in the EU due to strict privacy regulations. The Copilot app is Microsoft’s AI assistant and is designed to work with the company’s Microsoft 365 app suite.
Government, politics, and policy
California to get age checks: Gov. Gavin Newsom is expected to sign a bill that introduces age checks for online content. This bill is different because it doesn’t force the age checks on all websites, but only on app stores. [Additional coverage in Politico]
China imposes one-hour hack reporting deadline: The Chinese government will require critical infrastructure operators to report security breaches within an hour of detection. The new deadline will apply to major breaches with a sprawling impact. The new reporting rules will take effect in November. [Additional coverage in the SCMP]
Poland increases cyber budget: The Polish government will increase its cybersecurity budget for the year to a whopping $1 billion. Officials have cited an increase in Russian cyberattacks against its critical infrastructure, such as hospitals and water utility suppliers. According to the Financial Times, Poland’s cybersecurity budget last year was $600 million.
Spyware devs use EU subsidies: A Follow The Money report has found cases of spyware and surveillance companies using EU startup subsidies to create hacking tools that are then used against EU citizens.
“The beneficiaries include some big names in the market such as the Intellexa Alliance, Cy4Gate, Verint Systems and Cognyte, along with smaller European firms.”
Political abuse of spyware funded by taxpayer money. Essentially Europeans are paying for the destruction of their own democracy. Governments targeting journalists, NGOs, opposition politicians with spyware in order to silence them. Instead of tackling the abuse, the @ec.europa.eu is funding it
— Sophie in’t Veld (@sophieintveld.bsky.social) 2025-09-16T07:38:41.530Z
In this Risky Business sponsor interview, Casey Ellis chats with David Cottingham and Daniel Schell from Airlock Digital. They discuss the challenge of browser extension management for enterprises, why it’s a priority, and how Airlock can help.
Arrests, cybercrime, and threat intel
Pompompurin resentenced: A US judge has resentenced a hacking forum admin to three years in prison. Brian Connor Fitzpatrick went online as Pompompurin and was the administrator of a hacking community named BreachForums. He was arrested in March 2023 and initially sentenced to time served. His sentence was vacated this year after a DOJ appeal.
Spain seeks arrest of former professor: Spanish authorities are seeking the arrest of a former university professor for allegedly helping Russian hackers. Enrique Arias Gil has been added this week to the EU’s most wanted list. He allegedly helped Russian hacking group NoName057 and others promote its DDoS attacks online to Spanish-speaking audiences. Arias Gil is currently in Russia. [Additional coverage in Sur]
Finland charges American in Vastaamo hack: Finnish authorities have charged a second suspect involved in the 2020 hack of the Vastaamo psychotherapy center. The suspect was identified as Daniel Lee Newhard, a 28-year-old living in Estonia. He was allegedly involved in extorting victims, alongside Finnish hacker Aleksanteri Kivimäki. Kivimäki received a six-year prison sentence and was recently released after serving half. [Additional coverage in Yle]
Arrests at a Cambodian scam compound: Cambodian authorities have arrested 48 suspects at a scam compound. Two-thirds of the suspects are South Koreans. The scam compound operated out of a seven-storey building in the country’s capital, Phnom Penh. [Additional coverage in Fresh News Asia] [h/t Cyber Scam Monitor]
Microsoft disrupts RacoonO365 PhaaS: Microsoft’s legal team has seized 338 domains operated by an up-and-coming phishing service. The domains hosted phishing pages for Microsoft 365. They were created with a new phishing kit named RacoonO365 (Storm-2246). The service launched in June last year and had more than 850 registered members. Microsoft estimates the creators made around $100,000 from renting the phishing kit. A Cloudflare report on the service is also available here.
Unconfirmed B1ack Stash takedown: There’s a NY District Attorney seizure banner on the website of B1ack Stash, a well-known carding forum. [h/t RR564]
Another npm supply chain attack: Hackers deployed malicious code to more than 180 npm packages on Monday. The attackers compromised a major JavaScript developer’s account and deployed self-replicating code that spread to other libraries. The incident took place on Monday, and some of the compromised packages were CrowdStrike-related packages. The malicious code collected and stole credentials and other access tokens. [Additional coverage in Aikido Security, Step Security, and Socket Security]
And ANOTHER npm supply chain attack: Separately, there was a second incident that impacted the ngx-bootstrap package, a popular AngularJS UI kit. It’s unclear if this is connected to the first one, but it might very well be by the time this goes live. [Additional coverage in Snyk]
WhiteCobra campaign: A threat actor named WhiteCobra is behind a campaign that plants malicious extensions on the VSCode and OpenVSX marketplaces. The group has been active for over a year and has been linked to at least 24 malicious extensions. WhiteCobra’s main focus is stealing crypto-wallet information from compromised systems.
New ClickFix/FileFix technique: The Acronis security team has discovered a new variation of the ClickFix attack being used in the wild.
Mozilla scanner: F5 takes a second look at a web scanning botnet that uses Mozilla-related user agents to poke internet-exposed systems. So far, this botnet has used almost 12,000 different Mozilla user-agent strings for its scans.
TA558 returns to targeting hotels: A threat actor known as TA558 (RevengeHotels) has returned to targeting the hospitality sector across the world. Its latest campaign uses malspam to deliver the VenomRAT. This campaign mainly targets Brazil and other Spanish-speaking countries.
Vane Viper: Security firm Infoblox has linked an ad fraud operation tracked as Vane Viper to a Cyprus company named AdTech Holding, the holding company of PropellerAds. The company claims that despite becoming one of the largest ad networks in the world, the ad business is an accidental front for its real purpose—ad fraud.
“For months we debated internally and sought the perspective of other researchers in the security community like Guardio and Confiant, as well as advertising experts like Augustine Fou. Ultimately, we found compelling evidence that not only has PropellerAds turned a ‘blind eye’ to criminal abuse of their platform, but indicators described below suggest—with moderate-to-high confidence—that several ad-fraud campaigns originated from infrastructure attributed to PropellerAds.”
SlopAds click-fraud operation: More than 220 Android apps available through the official Google Play Store are part of a click-fraud operation named SlopAds. The apps open hidden windows on infected devices where they load and click on online ads. According to Human Security, the apps were downloaded more than 38 million times and were clicking on more than 2.3 billion ads per day before Google took them down.
Malware technical reports
AISURU botnet linked to DDoS records: An IoT botnet named AISURU is responsible for an 11.5 Tbps record-breaking DDoS attack. The botnet launched last August and was responsible for multiple large-scale DDoS attacks, including one that took down the Steam platform during the launch of the Black Myth: Wukong video game. According to Chinese security firm QiAnXin, the botnet is managed by three individuals and has infected almost 300,000 devices. Most of the infected devices are routers and security cameras.
SmokeLoader returns with new version: The SmokeLoader botnet has released a new version. This is its first new major release after returning from an Europol takedown last May.
Pure malware family: Check Point has a breakdown of all the malware strains that are part of the Pure malware family. This includes the likes of PureRAT, PureHVNC RAT, PureCrypter, PureLogs, and PureCoder.
MacSync: Moonlock has published a report on MacSync, a macOS infostealer formerly known as Mac.c Stealer.
In this product demo of the Airlock Digital application control and allowlisting solution, Patrick Gray speaks with Airlock Digital co-founders David Cottingham and Daniel Schell.
APTs, cyber-espionage, and info-ops
Hive0154’s SnakeDisk USB worm: IBM X-Force has published a technical report on SnakeDisk, a USB worm linked to Hive0154, a Chinese cyber-espionage group also known as Mustang Panda.
New Zealand sanctions Ember Bear: New Zealand has imposed sanctions on a Russian military unit linked to cyberattacks against Ukraine. Sanctions were levied against GRU Unit 29155, also known as Ember Bear and Cadet Blizzard. The EU also sanctioned the same unit in January.
Operation Phantom Net Voxel: Sekoia has published a report on an APT28 campaign leveraging weaponized Office documents sent via Signal to deploy new malware like BeardShell and CovenantGrunt.
Vulnerabilities, security research, and bug bounty
Phoenix attack: Academics have developed a new variation of the Rowhammer attack that can flip bits in SK Hynix DDR5 DIMMs. The research team successfully tested the new Phoenix attack against 15 SK Hynix memory chips. Google also participated in the research. It released a new Rowhammer defense mechanism named Per-Row Activation Counting (PRAC) as a result of its work.
TCC bypass revived in macOS Tahoe: According to macOS security expert Patrick Wardle, macOS Tahoe, released this week, has revived an old exploit that abuses the Spotlight search system to bypass the TCC security system.
LG WebOS PoC: SSD Disclosure has released details and a PoC on an unauth path traversal in LG’s WebOS TV.
Infosec industry
Threat/trend reports: AhnLab, Arctic Wolf, and RADICL have recently published reports and summaries covering various threats and infosec industry trends.
Acquisition news #1: Infosec giant Check Point has announced plans to acquire Lakera, a provider of AI security tools.
Acquisition news #2: Another infosec giant, CrowdStrike, has also announced plans to acquire Pangea, a provider of AI detection and response (AIDR) services.
Thinkst AWS canary tokens: Thinkst has released canary tokens for AWS infrastructure in the form of decoy AWS assets, and not just fake API tokens.
New tool—hermes-dec: P1 Security has open-sourced hermes-dec, a reverse-engineering tool which can be used for disassembling and decompiling React Native files compiled into the Hermes VM bytecode (HBC) format.
New tool—pyLDAPGui: Security researcher Andy Gill has released pyLDAPGui, a GUI app to browse LDAP data.
fwd:cloudsec Europe 2025 streams: Live streams from the fwd:cloudsec Europe 2025 security conference, which took place over the weekend, are available on YouTube.
Bsides Exeter 2025 videos: Talks from the Bsides Exeter 2025 security conference, which took place in July, are now available on YouTube.
Risky Business podcasts
In this edition of Between Two Nerds, Tom Uren and The Grugq talk about the limits of a state’s cyber power.
In this edition of Seriously Risky Business, Tom Uren and Amberleigh Jack talk about the Salesloft Drift incident. It is a great example of the sprawling impact that the breach of a single service provider can have. We expect these single-compromise-large-blast-radius attacks will become the new norm.
Just before season four of The Morning Show goes live, Apple TV+ has extended the show’s run.
The tech giant’s streaming service has ordered a fifth season of the drama starring and executive produced by Jennifer Aniston and Reese Witherspoon as anchors at a fictional TV network. The pickup comes hours ahead of The Morning Show’s fourth season premiere on Wednesday.
Showrunner Charlotte Stoudt and director/executive producer Mimi Leder are set to continue in those roles in season five.
“The Morning Show has been a standout from the very start, debuting as one of the flagship series on Apple TV+. It’s been incredibly rewarding to see it not only entertain but also resonate with audiences worldwide,” said Matt Cherniss, head of programming at Apple TV+. “Thanks to the outstanding cast and creative team — led by Jennifer, Reese, Charlotte and Mimi — The Morning Show continues to deliver addictively entertaining and provocative stories that we’ve all come to love. We’re excited for viewers to experience the next chapter of this Emmy-winning drama.”
Season four is set in early 2024, but Stoudt and Leder said at the show’s red carpet premiere last week that it won’t feature the presidential election as a central story line, with Stoudt noting that most of the season takes place before Joe Biden dropped his re-election bid in July. “We try to go at it sideways,” she told The Hollywood Reporter. “We don’t really have, directly, an election story, but we do touch on the idea of: Why were two older white men running for president?”
Along with Aniston and Witherspoon, season four’s returning cast inlcudes Billy Crudup, Mark Duplass, Nestor Carbonell, Karen Pittman, Greta Lee, Nicole Beharie and Jon Hamm, alongside new additions Aaron Pierre, William Jackson Harper, Boyd Holbrook, Marion Cotillard and Jeremy Irons.
“It’s an honor to witness the collective talent, passion and commitment of Jen, Reese, Mimi, Charlotte, our partners at Hello Sunshine and Echo Films, and everyone involved in The Morning Show, and we’re excited to embark on a new season that will give this cast and creative team even more room to shine,” said Michael Ellenberg, CEO of studio MediaRes and an executive producer of the series. “We are so grateful to Apple TV+ and the fans around the world who tune in every week, and are so excited for viewers to see this upcoming season and beyond.”
Stoudt and Leder executive produce The Morning Show with Ellenberg and Lindsey Springer for Media Res; Witherspoon and Lauren Neustadter for Hello Sunshine; Aniston and Kristin Hahn for Echo Films; and Zander Lehmann and Micah Schraft.
WILMINGTON, DEL., Sep. 16, 2025 – DuPont de Nemours, Inc. (NYSE: DD) (“DuPont”) announced today an amendment to its previously announced offers to exchange (each an “Exchange Offer” and, collectively, the “Exchange Offers”) any and all of its outstanding (i) 4.725% Notes due 2028 (the “2028 Notes”), (ii) 5.319% Notes due 2038 (the “2038 Notes”) and (iii) 5.419% Notes due 2048 (the “2048 Notes” and, collectively with the 2028 Notes and 2038 Notes, the “Existing Notes”) for new notes to be issued by DuPont (the “New Notes”). Concurrently with the Exchange Offers, DuPont is also soliciting consents from eligible holders of each series of Existing Notes (each, a “Consent Solicitation” and, collectively, the “Consent Solicitations”) to adopt certain proposed amendments to the indenture (the “Existing Indenture”) governing the Existing Notes of such series (the “Proposed Amendments”). In this press release, references to “New Notes” collectively refer to DuPont’s new 4.725% Notes due 2028 (the “New 2028 Notes”), 5.319% Notes due 2038 (the “New 2038 Notes”) and 5.419% Notes due 2048 (the “New 2048 Notes”) to be issued in the applicable Exchange Offer.
As of 5:00 p.m., New York City time, on September 15, 2025 (the “Early Participation Date”), the requisite number of consents have been received to adopt the Proposed Amendments with respect to the 2028 Notes and DuPont has executed a supplemental indenture to the Existing Indenture with respect to such 2028 Notes (the “Supplemental Indenture”). The Supplemental Indenture became effective upon execution thereof by DuPont and the trustee for the 2028 Notes, but the Supplemental Indenture provides that the Proposed Amendments with respect to the 2028 Notes will not become operative until DuPont issues the New Notes in the Exchange Offer with respect to the 2028 Notes and pays any applicable Early Participation Payment (as defined below) in respect of such Exchange Offer on the Settlement Date.
Prior to the amendment described herein, for each $1,000 principal amount of Existing Notes validly tendered and not validly withdrawn at or prior to the Early Participation Date, eligible holders were eligible to receive an early participation payment of $50 principal amount of the New Notes of the applicable series and $2.50 in cash (the “Early Participation Payment”). In addition, for each $1,000 principal amount of Existing Notes validly tendered and not validly withdrawn prior to the Expiration Date (as defined herein), eligible holders were eligible to receive $950 principal amount of the New Notes of the applicable series (the “Exchange Consideration”). The total consideration, consisting of (a) $950 principal amount of New Notes of the applicable series, issued as Exchange Consideration plus (b) the Early Participation Payment, is herein referred to as the “Total Consideration”.
DuPont is amending the consideration for each $1,000 principal amount of the Existing Notes validly tendered and not validly withdrawn after the Early Participation Date and prior to the Expiration Date (as defined below), such that all tendering eligible holders (including all eligible holders that validly tendered their Existing Notes and did not withdraw at or prior to the Early Participation Date) are eligible to receive the Total Consideration.
The right of a holder of tendered 2028 Notes to withdraw all or a portion of such holder’s tendered 2028 Notes from the applicable Exchange Offer and Consent Solicitation expired as of 5:00 p.m., New York City time, on September 15, 2025. The right of a holder of tendered 2038 Notes or 2048 Notes to withdraw such holder’s tendered 2038 Notes or 2048 Notes from the applicable Exchange Offer and Consent Solicitation has been extended to 5:00 p.m., New York City time, on September 17, 2025.
If DuPont does not receive the requisite consents to effect the Proposed Amendments with respect to either the 2038 Notes or the 2048 Notes, then DuPont expects to (i) waive the condition that at least 50.1% of the outstanding aggregate principal amount of such applicable series of Existing Notes being validly tendered in such Exchange Offer (the “Minimum Tender Condition”) and (ii) accept all Existing Notes of such series tendered and not previously properly withdrawn at or before the Expiration Date up to (x) $400,000,000 principal amount with respect to the 2038 Notes (the “2038 Notes Sublimit”) and (y) $860,000,000 principal amount with respect to the 2048 Notes (the “2048 Notes Sublimit”; the 2038 Note Sublimit and 2048 Notes Sublimit are each referred to as an “Exchange Sublimit”), in each case subject to the applicable proration procedures set forth below.
On the Expiration Date, if the aggregate principal amount of either the 2038 Notes or the 2048 Notes validly tendered and not withdrawn exceeds the applicable Exchange Sublimit, then the amount of Existing Notes of such series to be accepted for exchange will be determined on a pro rata basis using a single proration rate per series of Existing Notes based on the principal amount of validly tendered Existing Notes of such series. When proration of the tendered Existing Notes of a series is required, the aggregate principal amount of such series of Existing Notes tendered by a holder will be multiplied by the proration rate and then rounded down to the nearest $1,000 increment. The proration rate used will be that percentage, such that the aggregate principal amount of Existing Notes of such series that are validly tendered and accepted for exchange in the applicable Exchange Offer comes nearest to but does not exceed the maximum principal amount of Existing Notes of such series that may be accepted for purchase without exceeding the applicable Exchange Sublimit. If after applying the proration rate as described herein, a holder is entitled to a credit or return of a portion of its tendered Exchanged Notes which is less than the authorized denomination for such series of Existing Notes ($2,000 and additional multiples of $1,000), then all or none (at DuPont’s sole discretion) of the Notes tendered by the Holder will be accepted without proration. Any such unaccepted Existing Notes will be returned without expense to the applicable tendering holder promptly after the expiration or termination of the applicable Exchange Offer.
On the Expiration Date, if the principal amount of either the 2038 Notes or the 2048 Notes validly tendered and not withdrawn in the applicable Exchange Offer is less than the applicable Exchange Sublimit, then DuPont expects to redeem, promptly on or after the consummation of the Intended Electronics Separation (together with the $900,000,000 special mandatory redemption provisions under the New 2028 Notes), up to an additional aggregate principal amount of New 2028 Notes and/or outstanding 2028 Notes equal to the amount of the Exchange Sublimits less the principal amount of 2038 Notes and 2048 Notes accepted in each applicable Exchange Offer.
Each Exchange Offer is currently scheduled to expire at 5:00 p.m., New York City time, on September 30, 2025, unless extended or terminated (such date and time with respect to an Exchange Offer, as may be extended for such Exchange Offer, the “Expiration Date”). The settlement date for each Exchange Offer and Consent Solicitation will be promptly following the Expiration Date of such Exchange Offer and Consent Solicitation. The Total Consideration or Exchange Consideration, as applicable, will be paid on the settlement date for each Exchange Offer and Consent Solicitation.
Documents relating to the Exchange Offers and Consent Solicitations will only be distributed to eligible holders of Existing Notes who complete and return an eligibility form confirming that they are (a) a “qualified institutional buyer” within the meaning of Rule 144A under the Securities Act of 1933, as amended (the “Securities Act”), or (b) a person that is outside the United States and that is (i) not a “U.S. person” within the meaning of Regulation S under the Securities Act and (ii) meets certain other eligibility requirements in their applicable jurisdiction. Except as amended by this press release, the complete terms and conditions of the Exchange Offers and Consent Solicitations are described in the confidential offering memorandum and consent solicitation statement, dated September 2, 2025, as supplemented by the supplement no. 1 to such offering memorandum and consent solicitation statement, dated as of September 15, 2025 (collectively, the “Offering Memorandum”), a copy of which may be obtained by contacting Global Bondholder Services Corporation, the exchange agent and information agent in connection with the Exchange Offers and Consent Solicitations, at (855) 654-2015 (U.S. toll-free) or (212) 430-3774 (banks and brokers). The eligibility form is available electronically at: https://gbsc-usa.com/eligibility/dupont.
This press release does not constitute an offer to sell or purchase, or a solicitation of an offer to sell or purchase, or the solicitation of tenders or consents with respect to, any security. No offer, solicitation, purchase or sale will be made in any jurisdiction in which such an offer, solicitation or sale would be unlawful. The Exchange Offers and Consent Solicitations are being made solely pursuant to the Offering Memorandum and only to such persons and in such jurisdictions as are permitted under applicable law.
The New Notes offered in the Exchange Offers have not been registered with the Securities and Exchange Commission (the “SEC”) under the Securities Act or any state or foreign securities laws. The New Notes may not be offered or sold in the United States or to any U.S. persons except pursuant to an exemption from, or in a transaction not subject to, the registration requirements of the Securities Act.
The debut mission of Northrop Grumman’s new jumbo cargo spacecraft didn’t go off without a hitch.
The company’s first “Cygnus XL” freighter suffered a thruster issue in orbit early Tuesday morning (Sept. 16), two days after launching toward the International Space Station (ISS) atop a SpaceX Falcon 9 rocket.
As a result, “the Cygnus XL will not arrive to the space station on Wednesday, Sept. 17, as originally planned, with a new arrival date and time under review,” NASA officials announced in an update on Tuesday afternoon.
The Cygnus XL’s “main engine stopped earlier than planned during two burns designed to raise the orbit of the spacecraft for rendezvous with the space station, where it will deliver 11,000 pounds of scientific investigations and cargo to the orbiting laboratory for NASA,” agency officials added in the update. “All other Cygnus XL systems are performing normally.”
Cygnus XL is the latest version of Virginia-based Northrop Grumman’s Cygnus freighter. Previous iterations hauled about 8,500 pounds (3,856 kg) to the ISS.
The current mission is known as NG-23, because it was supposed to be the 23rd cargo effort that Northrop Grumman flies to the ISS for NASA. But the 22nd was canceled after the Cygnus was damaged during transport to the launch site.
Cygnus is one of three freighters that resupply the ISS, along with SpaceX’s Dragon capsule and Russia’s Progress vehicle.
Breaking space news, the latest updates on rocket launches, skywatching events and more!
Cygnus and Progress are expendable, while Dragon is reusable. The NG-23 Cygnus XL — named S.S. William “Willie” McCool, after one of the astronauts who died in the 2003 Columbia space shuttle disaster — is slated to stay attached to the ISS until March 2026, when it will depart to burn up in Earth’s atmosphere.
Prime Minister Shehbaz Sharif on Tuesday directed the relevant authorities to prepare a comprehensive assessment of human and financial losses, including damage to crops, livestock, and communication infrastructure in rain- and flood-affected areas.
He stressed that once the assessment is completed, the government could formulate a comprehensive rehabilitation strategy, effectively restore the affected areas, and support the impacted population.
The prime minister issued the directives while chairing a review meeting on the loss of lives and property caused by recent rains and floods, including estimated damages to crops and livestock, the PM Office Media Wing said in a statement.
Weeks of heavy monsoon rains have left vast parts of Punjab and Sindh under water, displacing tens of thousands and devastating farmland, villages and infrastructure. Officials warn that recovery will take time as floodwaters have yet to recede in many districts.
In southern Punjab, entire communities in Alipur, Khan Garh Doema, Seetpur, Latimarri, Azmatpur and nearby villages have been submerged. In Bahawalnagar’s Minchinabad, more than 15 villages remain cut off, with water levels still between five and seven feet deep. Hundreds of acres of crops have been destroyed. Relief efforts are further complicated by the loss of road access, leaving many families stranded.
The damage has been widespread. In Uch Sharif and Ahmadpur East, homes have collapsed and thousands of acres of farmland lie under water. Floodwaters from the Sutlej River have ravaged 67 villages in Minchinabad, affecting more than 56,000 people.
In Chishtian, 47 villages were inundated, while in Shujaabad’s Basti Soman hundreds of homes were reduced to rubble, leaving thousands without shelter. Jalalpur Pirwala’s section of the M-5 Motorway was forced to close after being overtaken by floodwaters.
The NDMA on Tuesday confirmed six deaths in Punjab during the last 24 hours — two each in Muzaffargarh, Chiniot and Multan — all caused by river flooding.
In Sindh, floodwaters have surged downstream. At Guddu Barrage, inflows were recorded at nearly 595,000 cusecs, while Sukkur Barrage saw more than 508,000 cusecs. Ghotki district reported cotton and sugarcane fields under water after floodwaters struck the Ronti embankment. In Nowshero Feroze, the collapse of the Mahijo Bhan embankment near Kamal Dero drowned more than 50 villages. At Larkana’s Naudero, high-level flooding put heavy pressure on protective levees, with homes in Mitho Khoro village inundated.
The National Cyber Crime Investigation Agency (NCCIA) has initiated an investigation into the alleged use of Pakistan Tehreek-e-Insaf (PTI) founder’s X (formerly Twitter) account to propagate anti-state narrative.
According to sources, a three-member NCCIA team, led by Ayaz Khan, visited Adiala Jail to question the PTI founder. However, they added, the PTI founder refused to cooperate with the investigators and insisted on the presence of his lawyers.
The team had asked several questions, including who operates Imran’s X account, from where it is accessed, to whom access has been given, and whether he was aware that content posted from the account was anti-state.
The sources said that the PTI founder refused to disclose who operated his account. He demanded a written questionnaire and insisted on responding only in the presence of his lawyers.
The NCCIA team remained inside Adiala Jail for over an hour but returned without progress.
Ricky Hatton won 45 of his 48 professional bouts during a 15-year boxing career, and was world champion at light-welterweight and welterweight. He last fought professionally in 2012, though had planned to return to the ring in October.
Nicknamed ‘the Hitman’, Hatton established himself as a hugely popular fighter with character inside and outside the ring – an estimated 30,000 fans travelled to watch his title fight against the great Floyd Mayweather in Las Vegas in 2007.
Campbell was also a professional boxer and won his first 14 professional fights. He retired earlier this year.
Hatton’s family issued a statement on Monday in which they spoke of the outpouring of love and support towards him.
“He had a heart as big as his smile, and his kindness, humour and loyalty touched everyone who was lucky enough to know him,” it said.
Pakistan, along with 15 other countries, on Tuesday voiced concern over the security of the Global Sumud Flotilla, in which their citizens are participating to deliver humanitarian aid to Palestinians in Gaza.
“The foreign ministers of Bangladesh, Brazil, Colombia, Indonesia, Ireland, Libya, Malaysia, Maldives, Mexico, Oman, Pakistan, Qatar, Slovenia, South Africa, Spain and Türkiye express their concern about the security of the Global Sumud Flotilla — a civil society initiative in which citizens of their countries are taking part,” Foreign Office spokesperson Ambassador Shafqat Ali Khan said in a statement.
He said the Global Sumud Flotilla has informed about its objective of delivering humanitarian aid to the Gaza Strip, and raising awareness about the urgent humanitarian needs of the Palestinian people and the need to stop the war in Gaza.
“Both objectives, peace and humanitarian aid delivery, together with the respect of international law, including humanitarian law, are shared by our Governments. We therefore call on everyone to refrain from any unlawful or violent act against the Flotilla, to respect international law and international humanitarian law,” Ambassador Khan said.
He recalled that any violation of international law and human rights of the participants in the Flotilla, including attack against vessels in international waters or illegal detention, would lead to accountability.
