The brother-in-law of a regional Yemeni al Qaeda leader confirmed to NBC News that the al Qaeda leader was killed overnight in a U.S. airstrike, one of a wave of strikes in Yemen that began Thursday.

Osama Haidar was in a car in Abyan province with several other men when their car was struck by either a drone or a plane, said his brother-in-law , Aly Mohamed Somly, via phone from the Yemeni capital of Sanaa. "I found out today that he and four others were hit ... and killed," said Somly.

"The car belonged to al Qaeda," said Somly. He named one of the other dead men as Radwan al Naqib. 

Yemeni media described Haidar as the leader of al Qaeda in the Arabian Peninsula (AQAP) in a portion of the governorate of Aden.

Somly said that his brother-in-law joined al Qaeda's Yemeni affiliate,after he was jailed and tortured. "Al Qaeda helped him out in jail and received him when he was released."

Somly said Haidar fought with al Qaeda against the Iranian-backed Shia Houthi rebels. He then found himself fighting Saudi and United Arab Emirates forces when those countries began fighting al Qaeda.

Emirates troops took part in the January U.S. SEAL raid on an alleged al Qaeda encampment in the mountains of Yemen that left one SEAL dead.

During the past two days, the U.S. has launched dozens of airstrikes in Yemen.

Image: Yemen raid
An image released by a Yemeni organization purports to show bullet holes in a building damaged in the U.S. raid in Yemen to capture or kill Qassim al-Rimi. National Organization of Drone Victims

latest posts from Intel Desk



CIA Adds Eight Stars to Memorial Wall For Fallen Officers

Each year, new stars are carved into the marble of the CIA’s Memorial Wall in the agency’s main lobby. Each represents an employee who died while carrying out his or her duties, often clandestine. 

When it was first dedicated in 1974, there were 31 stars. After a ceremony held Monday, the number is 125. As is true almost every year, some of the new stars honor fallen officers whose names and operations remain classified. 

Four of the eight new stars represent officers whose names if revealed might unveil classified operations. 

A fifth was added to honor Mark S. Rausenberger, an 18-year agency officer who died while serving overseas. The circumstances of his death remain classified. 

In the past, the agency has reviewed the history of clandestine operations to determine if a name can be declassified. The identity of the man honored with the first star, Douglas Mackiernan, wasn’t revealed until 2006, 56 years after his death.

The three other new stars pay tribute to David Bevan, Darrell Eubanks, and John Lewis. All died when their plane crashed while carrying out a mission for Air America, the CIA’s Vietnam-era "airline," in Laos in 1961.

In remarks to those assembled before the wall Monday, including families of the fallen, CIA Director Mike Pompeo said that each star represents "a life that is dear to us … We remain forever devoted to them, as they were to us. And we will strive to make them proud of us, as we are of them."

Image: Tim Johnston carves CIA memorial stars
Tim Johnston, a partner of Manassas Granite and Marble, is shown scraping the surface on a memorial star carved out of marble that he just airbrushed a dark finish, on May 2, 2014 in Manassas, Virginia. John McDonnell / The Washington Post via Getty Images

Got A News Tip? We Want To Know About It

Click here for instructions on different ways to reach us: email, mail, or the messaging apps Signal, Telegram or WhatsApp. Each tool has its own security measures.

That North Korean Missile Really Worked, Say U.S. Officials

Two U.S. defense officials confirm that North Korea's launch of a KN-17 missile last Sunday was successful and that the missile's re-entry vehicle did successfully re-enter the atmosphere.

The re-entry was controlled and the vehicle did not burn up, the officials said. It landed in the sea near Russia

The KN-17 is a liquid fuel single-stage missile. In boasting of the successful launch, the North Koreans called it a "medium long-range" ballistic rocket that can carry a heavy nuclear warhead.

The U.S. officials characterized Sunday's launch as an advancement for the North Korean missile program.

North Korea also launched one in mid-April, but it exploded seconds later.

Image: North Korea Missile
This picture taken on May 14, 2017 and released from North Korea's official Korean Central News Agency (KCNA) on May 15 shows a test launch of the ground-to-ground medium long-range strategic ballistic rocket Hwasong-12 at an undisclosed location. AFP - Getty Images

U.S. Announces New Iran Sanctions, But Keeps Waiving Sanctions

The Treasury Department announced new sanctions on Iran for its ballistic missile program Wednesday, but also said it will continue to waive sanctions as required by the Iran nuclear deal.

"The Treasury Department is imposing new sanctions on Iranian defense officials, an Iranian entity, and a China-based network that supplied missile-applicable items to a key Iranian defense entity,'" said a statement released by the Treasury Department. "The action reflects concern with Iran’s continued development of ballistic missiles, which is in inconsistent with United Nations Security Council Resolution 2231. 

The statement also said the waiver of sanctions "does not diminish the United States' resolve to continue countering Iran's destabilizing activity in the region. ... [A]bove all, the United States will never allow the regime in Iran to acquire a nuclear weapon."

Ex-NSA Official Confirms Ransomware Based on Flaw Swiped from NSA

A former senior National Security Agency official who consults with the agency told NBC News that it's true, as cybersecurity researchers report, that the WannaCry ransomware epidemic is the result of a software vulnerability identified and stockpiled by the NSA. And it became public when it leaked as part of the Shadow Brokers disclosures.

The NSA releases 90 to 95 percent of the software vulnerabilities it discovers, he said, but it sits on the rest for use in hacking and spying activities. In other words, it doesn't tell Americans about software holes that make them vulnerable -- so it can exploit those weaknesses to spy on foreigners.

In this case, after the leak, the NSA warned Microsoft and other companies, the official said. Microsoft released a patch in March.

But not everybody patches, and those running outdated systems may not even be able to.

The former official said some people would like the NSA to alert industry to every software hole it finds. But then, he said, the NSA would lose intelligence collection. And hackers would still find holes to exploit, because such holes are inevitable.

That said, he praised a new system in the UK, where spies sit with private researchers and share vulnerabilities in real time. That doesn't mean the Brits don't keep some secret, he added.

He sees a Russian hand in the Shadow Brokers disclosures, which would be ironic if true. Russia has suffered heavily from the ransomware attack because it uses pirated and outdated software.

Tom Winter

Ransomware That Hit Europe's Computers Did Not Come From NSA Leak

Some media reports about the ransomware -- called WannaCry -- that rocked the UK health system, Spain's telecom industry, and other targets in Europe Friday say that hackers pulled it from a leaked NSA tool kit. 

That's not really accurate. 

Instead, computing experts say and a review of the computing code shows, the leaked NSA tool kit demonstrated to the hackers how they could attack these systems. The hackers didn't use NSA code, but they did copy something from the tool kit. 

"WannaCry ransomware uses one of the exploits released recently by Shadowbrokers in the leaked NSA tools archive," said Andrew Komarov, chief intelligence officer for the cybersecurity firm InfoArmor. "This is pretty normal practice, where cybercriminals are using the latest vulnerabilities in order to increase the efficiency of their malware."

The name of the NSA tool that the hackers drew on to develop the new ransomware is called "Eternalblue".

The software fix for the vulnerability that the ransomware exploits came out in March, before the Shadowbrokers leak, so experts say there was theoretically time to patch systems in advance of an attack. 

Komarov said there was no indication that WannaCry or Friday's attack had anything to do with the NSA "or any other state-sponsored cyber offensive activities."

Image: Illustration ot man typing on a computer keyboard
The FBI is warning that unknown hackers have launched cyberattack with 'destructive malware' in the U.S. Kacper Pempel
Robert Windrem

CIA Creates New Korean Mission Center, Won't Say Who Runs It

The Agency announced late Tuesday that it has established a "Korea Mission Center" to "harness the full resources, capabilities, and authorities of the Agency in addressing the nuclear and ballistic missile threat posed by North Korea." The CIA also announced that Director Mike Pompeo has named a "veteran intelligence officer" to run the center — but declined to name the officer for security reasons.

Both publicly and privately, the agency has said North Korea has been one of, if not the most, difficult of intelligence targets.

"Creating the Korea Mission Center allows us to more purposefully integrate and direct CIA efforts against the serious threats to the United States and its allies emanating from North Korea," said Pompeo. "It also reflects the dynamism and agility that CIA brings to evolving national security challenges."