Adversaries are purchasing commercially aggregated location data, collected via mobile apps and websites through online advertising networks, to surveil and target U.S. military personnel in conflict zones. This threat vector exploits the legal sale of data by brokers, weaponizing it for operational security risks. Senator Ron Wyden has called for stricter regulations on the adtech industry's data collection and trade practices to mitigate this national security threat.
Government security U.S. military personnel targeted using commercial location data May 29, 2026 Share By SC Staff (Adobe Stock) As outlined in TechCrunch, the U.S. Department of Defense has confirmed that adversaries are exploiting commercial location data to surveil and target U.S. military personnel in active conflict zones. This revelation highlights a significant national security concern regarding the widespread availability and misuse of data collected from everyday devices. The U.S. Central Command acknowledged in a letter that hostile actors are purchasing commercial location data to track American servicemembers. This data is often gathered through mobile apps and websites via online advertising networks, then aggregated and sold by data brokers on the open market. While governments, including the U.S., have previously acquired such data without warrants, this marks a direct instance of its weaponization against military personnel. Senator Ron Wyden has called for the adtech industry to be recognized as a national security threat, emphasizing the urgent need for stricter regulations on how location data is collected, traded, and utilized to prevent future exploitation. Source: TechCrunch SC Staff Related Vulnerability Management Drupal bug added to CISA list of known exploited vulnerabilities Steve Zurier May 26, 2026 Drupal SQL injection flaw CVE-2026-9082 added to CISA KEV as active attacks target sites. Government security Belarus-linked Ghostwriter group targets Ukraine using Prometheus learning platform lures SC Staff May 22, 2026 Ghostwriter, also known as UAC-0057 and UNC1151, employs a multi-stage attack. Vulnerability Management You can now nominate vulnerabilities for CISA’s KEV with this form Laura French May 22, 2026 CISA seeks to engage the wider community to more quickly identify active exploitation. Get daily email updates SC Media's daily must-read of the most current and pressing daily news Business Email By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy . Subscribe You can skip this ad in 5 seconds