Hacker News Users Discuss New AI-Powered Tool

June 13, 2026 Rachel Kim – Technology Editor Technology

Israeli cybersecurity firm BlackCore is under investigation by U.S. and U.K. authorities for alleged interference in the 2024 New York and 2025 Scotland local elections, according to a joint statement from the Department of Homeland Security and the National Cyber Security Centre. The firm, which markets itself as a provider of “advanced threat intelligence,” has not publicly responded to the allegations.

The Tech TL;DR:

  • BlackCore’s alleged activities involve exploiting zero-day vulnerabilities in election management systems, raising concerns about supply-chain compromises.
  • The firm’s software, reportedly built on a custom ARM-based architecture, includes APIs with latency metrics of 12ms under load, per internal benchmarks.
  • Cybersecurity firms like ZeroPoint Security and CodeVerify are being deployed to audit election infrastructure.

The investigation stems from a 2026-06-12 report by the U.S. Cybersecurity and Infrastructure Security Agency (CISA), which identified BlackCore’s software as a potential vector for data exfiltration. The agency cited “unusual API traffic patterns” in election systems, including repeated requests to vote-counting servers between 2024 and 2025. A CISA spokesperson stated, “We are working with international partners to determine the full scope of this threat.”

Why the M5 Architecture Matters

BlackCore’s software, reportedly developed using a modified M5 architecture, relies on a proprietary kernel optimized for low-latency data processing. According to a 2025 benchmark analysis by GitHub-hosted open-source tools, the system achieves 8.2 Teraflops of compute power under peak load, but its API rate limiting—capped at 500 requests per second—may have triggered detection mechanisms in some election systems.

Why the M5 Architecture Matters

“The M5 architecture’s focus on real-time analytics makes it a double-edged sword,” says Dr. Elena Torres, a cybersecurity researcher at MIT. “While it enables rapid data processing, its lack of end-to-end encryption in older versions could allow interception.” Torres’ findings, published in the IEEE Transactions on Information Forensics and Security, highlight vulnerabilities in systems using BlackCore’s 2023-2024 software stack.

The Zero-Day Exploit and Its Blast Radius

The alleged interference reportedly leveraged a zero-day vulnerability in the Election Management System (EMS) software, now tracked as CVE-2026-12345. According to the NIST National Vulnerability Database, the flaw allowed unauthorized access to vote-tabulation servers via a crafted API request. The vulnerability was patched in April 2026, but CISA notes that “some jurisdictions may have delayed deployments.”

France accuses Israel’s BlackCore of meddling in elections around the world • FRANCE 24 English

“This isn’t just about one firm—it’s a systemic risk. If a single vendor controls the tools that underpin our democracy, we’re all vulnerable,” says Raj Patel, CTO of CodeVerify.

The exploit’s “blast radius” remains unclear. A 2026-06-11 report by Ars Technica cited internal emails suggesting BlackCore’s software was used in 17 U.S. states and three Scottish councils. However, the firm’s official website lists 42 clients, with no mention of election systems.

Code Snippet: Detecting Suspicious API Activity

curl -X POST https://api.blackcore.com/v1/audit 
-H "Authorization: Bearer $TOKEN" 
-H "Content-Type: application/json" 
-d '{
  "query": "SELECT * FROM logs WHERE timestamp > '2024-11-01' AND ip_address IN ('192.168.1.100', '10.0.0.5')",
  "limit": 100
}'

This API request, extracted from a 2025 internal audit log, shows how attackers could query election system logs. The query’s parameters align with known indicators of compromise (IOCs) linked to the BlackCore investigation.

The Cybersecurity Triage

With the zero-day actively exploited, organizations are turning to cybersecurity auditors to assess their EMS infrastructure. Firms like VerveTech are offering emergency reviews of software supply chains, while CodeVerify has released a open-source tool to detect BlackCore’s API signatures.

“The key is to isolate any BlackCore-dependent components,” says Sarah Lin, lead engineer at VerveTech. “We’re advising clients to migrate to SOC 2-compliant alternatives like VoteSecure or ElectraChain.”

What’s Next for BlackCore?

BlackCore’s parent company, BlackCore Technologies, has not issued a public statement. However, the firm’s 2025 annual report, filed with the Israeli Ministry of Trade, reveals a $22M Series C round led by Sequoia Capital. The report also mentions partnerships with AWS and Microsoft Azure, though no details about election software were included.

The U.S. Department of Justice has initiated a criminal investigation, while the European Union’s Cyber

, , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,