Russia's Sabotage Squads. Trump's Jet Dramas.

Show Notes

🔍 Russia’s Sabotage Squads. Trump’s Jet Dramas
📅 Global Intelligence Weekly Wrap-Up – May 17, 2025
🎧 Hosted by Neil Bisson – Director, Global Intelligence Knowledge Network

Russia’s sabotage squads are stepping up operations across Europe — and the implications for Canada are real. In this week’s episode, Neil Bisson dives deep into Moscow’s covert hybrid warfare campaign, including parcel bombs, arson attacks, and agents posing as tourists.

Plus: the death of a Swedish diplomat under espionage suspicion, cyberattacks using decades-old exploits, and the intelligence fallout from Donald Trump accepting a $400M luxury jet from Qatar.

With over 25 years of intelligence and law enforcement experience, Neil delivers the kind of high-level analysis that goes beyond the headlines — offering insights into how foreign interference, espionage, sabotage, and terrorism are evolving right now.

👇 WHAT YOU’LL LEARN IN THIS EPISODE

🇸🇪 Sweden’s Diplomatic Espionage Scandal
❓ What happens when a senior diplomat under spy suspicion dies suddenly — and what does it reveal about Sweden’s counterintelligence vulnerabilities?

🇱🇻 Latvia’s Citizen Spy Warning
❓ Why is Latvia training civilians to spot Russian saboteurs — and could a similar approach bolster Canada’s national security?

💻 Kremlin Cyber Threats Using Old Exploits
❓ How are Russian state hackers exploiting early-2000s email flaws — and why are so many systems still vulnerable?

✈️ Trump’s $400M Jet Gift from Qatar
❓ Is this unprecedented gift a national security risk — and how might it be exploited for surveillance or foreign influence?

📦 Germany’s Parcel Bomb Plot
❓ What role did GPS-tracked test packages play in an alleged Russian bombing campaign — and how did German authorities stop it?

🔥 Poland’s Shopping Centre Arson
❓ Was the massive Warsaw mall fire a Russian intelligence op — and what does this say about the Kremlin’s evolving sabotage tactics?

🇨🇦 Canada’s Largest Terrorism Financing Case
❓ How did a Toronto man use crypto and crowdfunding to finance ISIS — and what precedent does this case set for counterterrorism moving forward?

👇 CHAPTERS
00:00 – Intro
01:30 – Sweden: Diplomat Dies After Espionage Arrest
05:00 – Latvia: Spotting Russian Spies in Public
09:00 – Cyber Threats: Kremlin Exploits Old Vulnerabilities
13:00 – Trump & the $400M Jet from Qatar
17:00 – Germany: Parcel Bomb Plot Linked to Russia
20:00 – Poland: Russian-Linked Arson at Warsaw Mall
23:00 – Canada: Record Terrorism Financing Case
24:30 – Outro

🇨🇦 Why it matters to Canada:
From Russian agents slipping in during tourist season to wildfire sabotage or online terrorism financing, these are no longer just international issues. They’re Canadian security threats — and it’s time we start treating them that way.

👍 Found this episode valuable? Like, comment, and subscribe to support weekly intelligence that goes beyond the front page.

#Espionage #NationalSecurity #Russia #Canada #CyberThreats #ForeignInterference #Sweden #Latvia #Germany #Poland #TrumpJet #GlobalIntelWrap

Transcript

2025 05 17 Global Intelligence Weekly Wrap Up

INTRO:

Welcome to Global Intelligence Weekly Wrap-Up, where we break down the world’s most urgent intelligence and national security stories.

With over 25 years of experience in intelligence and law enforcement, Neil Bisson—Director of the Global Intelligence Knowledge Network and a retired Intelligence Officer with the Canadian Security Intelligence Service—delivers expert analysis beyond the headlines.

This week, Sweden’s intelligence community is shaken after a high-ranking diplomat, recently arrested on espionage suspicions, is found dead—just days after his release.

In Latvia, citizens are being asked to look twice at their neighbours, as officials warn the public to be on alert for signs of Russian spies posing as tourists or outdoor enthusiasts.

We also examine a Kremlin-backed cyber threat that’s weaponizing early-2000s vulnerabilities to infiltrate defence contractors and government agencies—reminding us that sometimes, the oldest exploits are still the most dangerous.

Plus, questions swirl around former President Trump and a mysterious $400 million gift jet, raising national security red flags.

All that and more—let’s get started.

MUSIC

Hello everyone and welcome back to the Global Intelligence Weekly Wrap-Up. 

I’m your host Neil Bisson, a retired Intelligence Officer with the Canadian Security Intelligence Service, and the Director of Global Intelligence Knowledge Network. 

Each and every week, I break down the some of the most important open-source stories concerning espionage, foreign interference, terrorism, and national security, to provide you the insights and intelligence you need to better understand how these issues effect on your everyday. 

This week’s stories range from how to spot a Russian spy to potential national security ramifications of President Trump taking a 400-million-dollar plane as a gift. 

As always, there’s a lot to cover so let’s dive into it. 

In our first story, we're turning our attention to a troubling and unexpected development out of Sweden.

A senior Swedish diplomat, who had recently been detained by the country’s security service Säpo, on suspicion of espionage, was found dead just days after his release. 

According to the BBC article, the diplomat — described as high-ranking and recently stationed outside Europe — was arrested at his flat in Stockholm on Sunday. 

He denied any wrongdoing and was released on Wednesday, but tragically, he was found dead just two days later.

Although police have ruled out suspicious circumstances, the timing of this death raises significant questions. 

From an intelligence perspective, this story touches on several key areas:

First, it highlights the sensitivity and secrecy surrounding espionage investigations, particularly when the suspect is an insider from the diplomatic community.

Second, it points to potential vulnerabilities within national institutions when internal threats — possibly linked to foreign intelligence services — emerge from within the state's own foreign ministry.

While the details remain murky, this is not the first time a European nation has had to confront the uncomfortable reality of suspected espionage among its diplomats. 

Sweden’s Säpo has grown increasingly vocal in recent years about the threat of foreign espionage, particularly from Russia, China, and Iran.

This case also intersects with another Swedish security matter: the abrupt resignation of national security adviser Tobias Thyberg — just hours after taking office — reportedly following a leak of sensitive images from a dating app.

Unconfirmed reports suggest a link between that resignation and this investigation.

Sweden’s former foreign minister Carl Bildt called the deceased “extremely gifted and competent.” 

Meanwhile, the diplomat’s lawyer noted that he had filed a complaint regarding excessive force used during his arrest and that an investigation in that regard has begun.

From my professional standpoint, this is a complex case. 

While we must be cautious not to speculate, the sudden death of a suspect in an espionage case — particularly a diplomat — poses real concerns for counterintelligence professionals. 

Was he targeted? 

Did he take his own life under pressure? 

Or are we witnessing an intentional silencing? 

These are the difficult questions that Swedish intelligence and oversight bodies will need to investigate thoroughly.

The death of this diplomat is a sobering development in an already sensitive investigation. 

It underscores the immense pressures tied to espionage allegations and the high personal costs they can carry.

Moving forward, Sweden will face not only the technical challenge of completing the investigation but also a broader reckoning with trust, internal integrity, and the resilience of its national security infrastructure.

MUSIC

We head to Latvia for our next story, where citizens are being warned to keep an eye out — not for pickpockets or unruly tourists, but for Russian spies. 

The country’s Defence Intelligence and Security Service, known as MIDD, has issued a public guide on how to spot suspected Russian operatives, as concerns grow across Europe about sabotage, surveillance, and hybrid threats.

The MIDD’s annual report includes a list of potential red flags to help everyday Latvians identify possible Russian saboteurs. 

Indicators range from an unkempt appearance and poor hygiene to excessive curiosity during small talk and military-style haircuts. 

Another clue: “tourists” unfamiliar with the terrain but carrying specialized gear like medical kits, maps, or radios.

From a counterintelligence perspective, this public-facing warning reflects the growing normalization of hybrid warfare — where civilians may find themselves on the front lines of detecting state-sponsored threats. 

Latvia isn’t just urging vigilance; it’s effectively crowdsourcing national security awareness.

Latvia, like many NATO and EU member states, has grown increasingly concerned about Russian intelligence operations, especially following the invasion of Ukraine. 

Russian operatives are reportedly refining their tradecraft, appearing less like traditional spies and more like everyday tourists and citizens. 

This makes them harder to detect unless residents are trained to recognize subtle behaviours and irregularities.

The warning from MIDD follows an earlier campaign launched two years ago, aimed at helping citizens report suspicious behaviour near critical infrastructure or military facilities. 

The message now is clear: be alert but leave any action to police or the military.

While the alert might sound like something out of a Cold War spy thriller, the intelligence logic is sound. 

Russia has long used sleeper agents and sabotage tactics in both peace and wartime, often embedding personnel into local populations or disguising them as humanitarian workers or outdoor adventurers. 

Intelligence officers often teach their assets to blend in — but every disguise has tells.

This is part of a broader European concern. 

Germany recently arrested three Ukrainian nationals accused of plotting parcel bomb attacks on behalf of the Russian state. 

And last year, package explosions in the UK, Germany, and Poland — believed to be linked to Russian operations — set off alarm bells across the continent.

Latvia’s warning is not just about spotting spies — it’s about reinforcing a national security culture that includes the public as a first line of defence. 

In today’s climate of cyberattacks, sabotage, and psychological warfare, vigilance is no longer just the domain of intelligence professionals.

Citizens are now part of the intelligence ecosystem, whether they realize it or not. But the key message from authorities is simple: observe, report — and don’t engage.

Similar advice is worth noting for Canadians. 

Canada has shown support for Ukraine since the Russian invasion, and we have taken in a large diaspora of Ukrainians since the conflict began.

Canada’s military and logistical commitment to Ukraine, means we are a target for Russian espionage and sabotage operations. 

Our vast and diverse landscape provides an ideal opportunity for Russian operatives to enter the country, especially during tourist season, and easily blend in or disappear. 

Combine this with the increase in the intensity and time period of wildfires in Canada, and this leaves us highly susceptible to wildfire sabotage, which could easily be started by enemies of Canada as a destabilization technique to destroy infrastructure and refocus the narrative on issues that could be counterproductive to continued support for Ukraine. 

Wildfires are unpredictable and their cause can be difficult to determine. 

All this adds up to the need for Canadian citizens to be aware of anything suspicious and report it to the proper authorities. 

MUSIC

In this next story, we’re revisiting an old-school cyber threat that’s found dangerous new life. 

A Kremlin-backed hacking group has exploited vulnerabilities dating back to the early 2000s to compromise high-value mail servers used by defence contractors and governments around the world. 

This resurgence of cross-site scripting, or XSS attacks, shows that when it comes to cybersecurity, what’s old isn’t always obsolete.

The group responsible is Sednit — also known as APT28, Fancy Bear, or Forest Blizzard — and their targets include defence contractors in Bulgaria and Romania, as well as governmental organizations across Africa, South America, and the EU. 

These actors used spear phishing emails containing hidden JavaScript code to exploit XSS vulnerabilities in four widely used email server platforms: Roundcube, MDaemon, Horde, and Zimbra.

Once triggered, the exploit siphoned off address books, past emails, and in some cases even created forwarding rules so that all future emails would quietly land in attacker-controlled inboxes. 

The real sting here? 

Many of these vulnerabilities had already been patched years ago — but were never updated by some of the targeted organizations.

XSS vulnerabilities were once the bread and butter of browser-based exploits — peaking in popularity around the early 2000s. 

But they’ve gradually faded from the spotlight as more modern and complex exploits took centre stage. 

What makes this operation remarkable is Sednit’s ability to weaponize a decades-old method, relying on unpatched or outdated systems to get the job done.

In cybersecurity circles, this is a reminder that even the most pedestrian vulnerabilities — if left untreated — can offer serious value to nation-state actors. 

These aren’t script kiddies playing around.

These are strategic, state-sponsored campaigns, repurposing legacy bugs to compromise national defence and political systems.

From a tradecraft perspective, Operation RoundPress demonstrates disciplined recon and adaptability. 

Sednit doesn’t need bleeding-edge zero-days when old exploits are still effective. 

Their phishing emails appear benign — sometimes mimicking Ukrainian news alerts or articles from trusted outlets — but underneath that surface lies malicious HTML code. 

And while the attack has no built-in persistence, it’s designed to re-trigger anytime the email is opened from a vulnerable webmail interface.

One zero-day vulnerability in the MDaemon platform was also exploited, showing that while they’ll lean on old tricks, they’re still capable of leveraging novel ones. 

This mix of the old and the new is a hallmark of experienced adversaries.

This story underscores a simple yet critical point: cybersecurity isn’t just about blocking new threats — it’s about staying vigilant with the old ones. 

When defence contractors and governments fail to apply security patches, they leave the door wide open to adversaries like Sednit.

Legacy vulnerabilities don’t just fade away — they fester. 

And as Operation RoundPress proves, sometimes all it takes is one outdated mail server to compromise an entire network.

MUSIC

On to a story that’s raising a lot of eyebrows in Washington — and not just across party lines. 

I’m talking about the controversy surrounding President Donald Trump’s decision to accept a $400 million jet from the Qatari royal family — with plans to convert it into the next Air Force One.

On the surface, this may sound like just another flashy headline involving Trump. 

But dig a little deeper, and you’ll find this story is laced with national security concerns, foreign influence red flags, and potential espionage implications. 

Senator Susan Collins, a Republican from Maine, was blunt in her assessment, warning that the transaction is “rife with political espionage, ethical and constitutional problems.”

Her concern? 

The aircraft would require a thorough scrub to ensure no surveillance devices had been implanted — a risk that intelligence professionals know is not just theoretical. 

Accepting a plane — especially from a foreign government — opens a Pandora’s box of vulnerabilities, particularly when the donor is a wealthy Gulf monarchy with strategic interests in U.S. policy.

This isn’t the first time foreign gifts have triggered controversy. 

But this one would be the largest foreign gift ever received by the U.S. government. 

The situation also arises amidst tensions over delays in the production of a new Air Force One by Boeing — delays that Trump himself has vocally criticized. 

However, accepting a Qatari aircraft as a workaround has left many in both parties alarmed.

Republican Senators Ron Johnson and Rand Paul have expressed unease, while Senate Democrats are taking concrete steps to block a $1.9 billion arms sale to Qatar in retaliation. 

Senator Chris Murphy didn’t mince words, calling the gift an “illegal bribe” and “unconstitutional.” 

Even Senate Minority Leader Chuck Schumer is using his leverage, holding up Trump’s DOJ nominees in protest.

The bipartisan backlash here is telling. 

When intelligence security concerns are raised this vocally on both sides of the aisle, it usually means they’re well-founded. 

From my professional perspective, this gift creates a textbook case of potential foreign influence and OPSEC risk. 

You don’t just accept a $400 million jet and expect it to come without strings — or bugs.

Even if the plane is intended to be handed over to the Department of Defense, and later to Trump’s presidential library foundation, the optics — and operational risks — are severe. 

Every intelligence service knows that if you can get your hardware into a rival’s infrastructure, you’ve taken a significant leap forward in espionage capability.

This story is about more than just a luxury aircraft — it’s about the integrity of U.S. foreign policy, the security of presidential infrastructure, and how foreign governments may exploit opportunities to gain leverage. 

Expect further congressional pushback, and likely increased scrutiny on foreign gifts moving forward.

I’ll continue to watch this story closely and keep you posted.

MUSIC

For our next story, we’re covering a chilling development out of Germany — the arrest of three Ukrainian nationals accused of plotting a parcel bomb attack on behalf of the Russian state. 

The details offer a stark reminder of how hybrid warfare and sabotage are playing out in the heart of Europe.

German prosecutors say the plot was designed to target cargo transport systems — by placing explosive parcels into the logistics stream, intended to detonate during transit. 

The goal? 

Disruption. Chaos. And possibly mass casualties. 

And all this, allegedly directed by agents working for the Russian state.

The suspects — identified only as Vladyslav T., Daniil B., and Yevhen B. — were arrested in Germany and Switzerland after months of surveillance. 

Authorities say one of them mailed test packages fitted with GPS trackers from Cologne in March, a classic reconnaissance move to probe transport patterns and identify “suitable routes” for an eventual attack.

The investigation is being led by Germany’s Federal Criminal Police due to its national security significance. 

This isn’t just criminal mischief — it’s being treated as foreign-directed sabotage, with echoes of prior parcel-based attacks.

Let’s take a step back. 

This isn’t the first time parcel bombs have rattled Europe. 

In July 2023, a wave of parcel detonations — triggered in Birmingham, Leipzig, and near Warsaw — alarmed Western intelligence services. 

The packages were deceptively mundane, filled with sex toys or massage pillows, but cleverly rigged with cheap Chinese-made timers and flammable nitromethane gel disguised as cosmetics.

Authorities later confirmed that one of those packages could have caused a plane crash if it had ignited mid-flight. 

DHL was forced to overhaul security protocols after a fire broke out in one of their Leipzig warehouses.

It all paints a pattern — a low-cost, high-impact campaign of logistical sabotage. 

The kind of tactics you expect from a nation-state aiming to destabilize and distract. 

Western officials, including Britain’s MI6 chief Richard Moore, have openly accused Russia of orchestrating a “staggeringly reckless campaign” of sabotage across Europe.

Germany’s interior officials aren’t mincing words. 

North Rhine-Westphalia’s state minister Herbert Reul warned of “low-level agents” working for Russian services “for little money,” but doing serious damage. 

Germany’s justice minister echoed those concerns, calling the threat part of Moscow’s broader effort to undermine Western democracies through “perfidious intelligence methods.”

Even the U.S. reportedly stepped in. 

After learning of these plots, the Biden administration allegedly reached out to Moscow, warning the Kremlin to shut it down — a rare and direct confrontation over covert activity.

Meanwhile, German Chancellor Friedrich Merz has pledged to meet such threats with “defence preparedness.” 

Given Germany’s position as the second-largest supplier of military aid to Ukraine, it’s likely we’ll see increased security around critical infrastructure, especially in transport and logistics.

Here’s why this matters to intelligence professionals and security personnel: this is not about lone or fringe actors. 

This is a state-directed sabotage campaign, leveraging proxies to conduct operations that blur the line between espionage, terrorism, and psychological warfare.

These kinds of hybrid threats are designed to erode trust — in government, in logistics systems, and in public safety. 

And they’re incredibly hard to stop. 

Parcel bombs in the mail stream represent a nightmare scenario: low visibility, high risk, and near-impossible attribution — unless security services catch a break, like the GPS-laced test runs in this case.

This is the future of covert conflict — and, unfortunately, it’s already here.

Germany's arrests may have prevented a catastrophe, but the larger threat remains. 

As the war in Ukraine continues, expect more of these low-cost sabotage efforts across Europe and North America. 

The question is no longer if they’ll happen again, but where — and whether security agencies can stay one step ahead of them.

MUSIC

Our next story takes us to Poland where we are looking at another case of Russian sabotage.

Poland has accused Russian intelligence agencies of orchestrating a massive fire at a shopping centre in Warsaw last year—and this marks a sharp escalation in an already tense relationship between the two countries.

According to the Polish government, a yearlong investigation has concluded that the Marywilska 44 shopping centre fire in May 2024 was an act of arson ordered by Russian intelligence services. 

Over 1,400 retail units were destroyed in the blaze.

In response, Poland summoned the Russian ambassador and announced the closure of Russia’s consulate in Krakow. 

Russia, for its part, denies involvement and has labelled the accusations as Russophobic, vowing to issue what it calls an “adequate response.”

This is a prime example of covert sabotage, part of a growing list of alleged Russian hybrid operations across Europe. 

The use of fire as a weapon to disrupt civil infrastructure shows a shift toward more destructive and attention-grabbing methods.

Poland has long been a logistical and political hub for Western military and humanitarian support to Ukraine, making it a high-priority target for Russian influence and disruption. 

It’s not the first time Poland has linked Moscow to sabotage. 

In October, Warsaw also closed the Russian consulate in Poznan over similar suspicions. 

Russia retaliated by shutting down the Polish consulate in St. Petersburg.

This also fits a broader regional pattern: just three days before the Warsaw fire, Lithuanian authorities reported a suspicious fire at an IKEA store, which they also attributed to Russian interference. 

Western intelligence agencies have increasingly identified fire, cyberattacks, and mail bombs as part of a toolkit used by Russian services to destabilize pro-Ukraine governments.

Polish Prime Minister Donald Tusk confirmed the fire was a deliberate act of arson coordinated by someone in Russia. 

He noted that some of the perpetrators are already in custody, while others have been identified and are being sought.

From an intelligence standpoint, this points to a multi-tiered operation involving local assets and foreign coordination. 

The fact that arrests have been made suggests Polish counterintelligence has made real headway in identifying operational networks tied to Russia.

This highlights the ongoing evolution of Russian intelligence operations—they are no longer just stealing secrets or planting malware, they are also disrupting public life and infrastructure through direct sabotage, forcing nations to re-evaluate the traditional boundaries of espionage.

Poland’s accusation against Russia marks a serious escalation in East-West tensions and signals a new willingness by European governments to name and shame when it comes to covert attacks.

With ongoing conflicts, intelligence services will continue to play a frontline role not only abroad—but also at home.

Expect more of these operations to be exposed as Western agencies ramp up counterintelligence efforts, and don’t be surprised if diplomatic fallout continues in the months ahead.

MUSIC

For our last story this week we return to Canada, where we're examining a landmark terrorism financing case. 

A Toronto man has pleaded guilty to financing terrorist acts overseas, marking what the RCMP calls the largest terrorism financing conviction in Canadian history.

The man, 36-year-old Khalilullah Yousuf, used cryptocurrency and crowdfunding tools to funnel funds to Daesh—more widely known as ISIS. 

He also disseminated extremist propaganda online, recruiting and radicalizing others. 

Let’s break this story down and explore its deeper implications for national security and the evolving digital threat landscape.

Between 2019 and 2022, Yousuf sent more than $50,000—including $15,000 raised via GoFundMe—to support Daesh-linked individuals. 

What makes this case particularly significant is how the funds were transferred: through cryptocurrency and online platforms, sidestepping traditional banking systems and detection mechanisms.

He also disseminated over 3,800 hyperlinks promoting extremist content, in addition to producing propaganda justifying terrorist violence against foreign nationals in Afghanistan.

From an intelligence standpoint, this case is critical. 

It highlights how non-kinetic roles in terrorism, like financing and online radicalization, are increasingly pivotal. 

It's not just the bomb-makers or attackers we need to worry about—it's the digital facilitators working behind the scenes who are just as dangerous.

Terrorism financing isn’t new, but the methods are evolving. 

Traditionally, cash couriers or unwitting charities were the tools of the trade. 

Now, we’re seeing tech-savvy lone actors using platforms like GoFundMe, Bitcoin, and encrypted messaging apps to move money and ideology across borders.

This case is comparable to similar trends observed in the UK, Australia, and the U.S., where online radicalizers operate from suburban homes, not war zones. 

The Yousuf case marks the first successful Canadian conviction using both crowdfunding and crypto to support terrorism—an important precedent for future prosecutions.

The Public Prosecution Service of Canada said it best:
“Terrorism is violence that seeks to justify itself. But the violence needs support by advocates, recruiters, and financiers... Those who make the violence possible must be held to account.”

I couldn’t agree more. 

Every successful terrorist act often begins with someone behind a keyboard—spreading propaganda, raising funds, or connecting like-minded individuals. 

I have previously done a video on cryptocurrency and terrorism and will leave a link to it in the show notes. 

Disrupting these non-violent but essential support roles is just as important as stopping the attack itself.

This case marks Canada's largest terrorism financing conviction to date and sets new legal ground for tackling cyber-facilitated terrorism.

Looking ahead, expect Canadian law enforcement and intelligence agencies to further expand their focus on the digital financing and propaganda wings of terrorist networks. 

This isn’t just about stopping the bombs—it’s about cutting off the lifelines that make them possible.


Well, that’s it for this week.  

As always links to the news articles discussed are in the transcript of this podcast. 

For all my Canadian listeners, I’d like to wish you a happy May 24 weekend, despite it not falling on the 24th.

I also want to give a shout out to the participants of my recent University of Ottawa online Course: The Psychology Behind Human Sources in Intelligence Collection. 

Thank you for participation and input.  

Another course is being offered in November, so if you interested, please register early before the class fills up. 

So, until next week: Stay curious, stay informed and stay safe. 

MUSIC

OUTRO:

That’s a wrap for this week’s Global Intelligence Weekly Wrap-Up.

From a suspicious death in Sweden’s diplomatic ranks, to Latvia’s public guide on spotting Russian spies, to a cyber threat exploiting two-decade-old vulnerabilities—this week’s stories show just how layered and persistent modern threats have become.

Delivering this kind of expert insight each week takes time, experience, and a deep commitment to highlighting the stories that impact national security—even when they don’t make front-page headlines.

If you found today’s episode valuable, consider liking, sharing, or leaving a review—it’s a powerful way to support the show and help others discover it.

And if you’d like to take your support even further, check out the link in the show notes to contribute through Patreon or Buzzsprout. 

Whether it’s a one-time tip or ongoing support, it helps keep this mission alive.

Thanks for listening.

And as Neil always says: stay curious, stay informed, and stay safe.

We’ll see you next week.

Links:

Story 1: Shock in Sweden at death of diplomat questioned for spying
Link: https://www.bbc.com/news/articles/cn7zvleen71o

Story 2: Beware unkempt tourists: Latvia tells citizens how to spot Russian spies
Link: https://www.theguardian.com/world/2025/may/15/latvia-shares-spy-spotting-guide-to-help-public-expose-russian-saboteurs

Story 3: Spies hack high-value mail servers using an exploit from yesteryear
Link: https://arstechnica.com/security/2025/05/spies-hack-high-value-mail-servers-using-an-exploit-from-yesteryear/

Story 4: Trump’s Qatar jet gift ‘rife with political espionage’ issues, Republican Sen. Collins warns
Link: https://www.cnbc.com/2025/05/15/susan-collins-trump-qatar-jet-gift-criticism.html

Story 5: Germany arrests three Ukrainians over alleged Russian parcel bomb plot
Link: https://www.theguardian.com/world/2025/may/14/germany-arrests-three-ukrainians-over-alleged-russian-parcel-bomb-plot

Story 6: Diplomatic spat ignites as Poland accuses Russia of sabotage
Link: https://www.aljazeera.com/news/2025/5/12/diplomatic-spat-ignites-as-poland-accuses-russia-of-sabotage

Story 7: Toronto man pleads guilty in Canada’s ‘largest terrorism financing scheme’
Link: https://www.ctvnews.ca/toronto/article/toronto-man-pleads-guilty-in-canadas-largest-terrorism-financing-scheme/