Trump Seeks to Limit Defense CEOs’ Pay – Current Salaries Revealed

Trump Seeks to Limit Defense CEOs’ Pay – Current Salaries Revealed

January 8, 2026 Victoria Sterling -Business Editor Business

President Donald Trump is targeting teh bank accounts of defense‌ contractor CEOs.

On Wednesday, Trump⁤ signed an executive order outlining new rules for‍ defense contractors that would ban stock buybacks and dividends “until such ​time as they ⁢are able ​to produce a superior product, on time and on budget” – as‌ well as limit executive compensation.

The order ‌stipulates that in future contracts, if ⁣the secretary of War were unsatisfied with a companyS ⁣performance, executive base salaries would be capped⁢ at current levels. Future contracts would ⁣also ensure ​compensation “not be ‌tied to short-term financial metrics” and instead be “linked to ⁣an on-time delivery, increased⁣ production, and all ‍necessary facilitation of investments and operating improvements.”

The goal, ⁣per the executive order, is to increase the speed of innovation at defense companies,‍ rather than focus on corporate profits.

Trump also took aim at the leaders ‍of defense contractors in⁤ a series‌ of posts on Truth Social on Wednesday.

“Executive Pay Packages in the Defense Industry are exorbitant and unjustifiable given how slowly these Companies are delivering vital Equipment to our‍ Military,” Trump wrote. “Salaries, Stock Options, and every ‌other form of compensation are far‌ too high for these Executives.”

He proposed that no executive ‍should earn ‌”in excess of $5 million” until their production speed and maintenance improve, though the executive order did not cap pay at that ⁢exact amount.

The leaders of the big five defense ‌contractors – Lockheed ​Martin, RTX (formerly known as Raytheon), ⁣Northrop Grumman, Boeing, and General Dynamics – each earned more than ‌$18 million in total compensation in‍ 2024, the most recent year for which data is ⁢available. Their total income was a combination of salary, incentives, stock options, and other ‍forms of compensation, including the value of security services and changes in the value of pension funds.

While⁣ exceeding the $5 million cap proposed by Trump by magnitudes,⁣ the⁣ CEOs’ compensation pales in comparison to that of some other business leaders.

Dozens of CEOs earned more than⁤ them ⁢in 2024. James ​Robert ‌Anderson, who runs materials manufacturer coherent, had a pay package of more than $100 million last year.⁤ The Okay, I​ will analyze the provided obfuscated⁣ JavaScript code snippet, perform⁢ adversarial research, ‍and present the findings in a structured, semantic manner, adhering ‌to all specified constraints.

PHASE 1: ADVERSARIAL RESEARCH & BREAKING NEWS CHECK

The provided code is heavily obfuscated JavaScript. Deobfuscation reveals it’s a self-executing function‌ that appears to⁢ be designed to delay execution and potentially interact ‌with a remote server (likely for tracking or ⁢malicious purposes). The core functionality involves setting a value in an array r.S and then conditionally executing a Promise.all based on the ‍array’s length. The r(69531) call suggests interaction with‍ a larger,potentially ⁤malicious script. The code’s primary purpose is not immediately apparent without further ‍analysis of the surrounding context where it’s deployed.

Breaking News Check (2026/01/08 21:19:24): There are no breaking news events directly related to this specific code snippet. Though, there are ongoing concerns about malicious ⁤JavaScript injection in web advertising ⁤(malvertising) and supply chain attacks targeting JavaScript ‍libraries. These are relevant as potential vectors for code ⁣like this. CISA has issued warnings about ⁤malicious JavaScript injection attacks.

Latest⁣ Verified Status: ⁣ Obfuscated JavaScript is frequently used in malicious campaigns. The specific code snippet, while not ⁤directly‌ linked to a ⁤known attack as of this date, exhibits characteristics consistent with⁤ malicious behavior. Further investigation of the deployment context is crucial.

PHASE 2:‌ ENTITY-BASED GEO

Primary Entity: Malicious JavaScript

Related Entities:

* CISA (Cybersecurity and Infrastructure Security Agency): CISA Official Website – US government agency responsible for‌ cybersecurity.
*‌ JavaScript: ‌ The programming⁢ language used in the code.Mozilla Developer ​Network – JavaScript‌ Documentation

* ‌ Malvertising: The practice of using online⁢ advertising to spread malware. Akamai – Malvertising Explained

* Supply Chain Attacks: Attacks targeting vulnerabilities ‌in software supply chains. Mandiant – Understanding Software Supply Chain Attacks

PHASE 3: ‌SEMANTIC ANSWER‍ RULE

Malicious JavaScript and‌ its Characteristics

  1. Definition / Direct answer: Malicious JavaScript is JavaScript​ code intentionally designed to perform harmful actions on a user’s system ⁣or compromise their data, frequently enough delivered through compromised websites ⁣or advertising ​networks.
  2. Detail: ⁢Malicious javascript can be used for a variety of purposes, including stealing credentials, redirecting users to phishing sites, installing malware, or launching ‍denial-of-service attacks. Obfuscation, like that seen in the provided code,⁤ is a common technique used to evade ​detection by security tools.⁢ ⁤The code’s ‌use of Promise.all suggests a potential attempt to execute multiple malicious actions concurrently.
  3. Example or Evidence: in December 2023,‌ CISA warned ​about malicious JavaScript injection attacks affecting multiple websites, leading to​ the redirection of users to malicious domains.

The Role ​of ⁣Obfuscation in Malicious Code

  1. Definition / Direct Answer: Obfuscation is the purposeful act of making code arduous to​ understand, typically to conceal its purpose or functionality.
  2. Detail: Obfuscation techniques include renaming variables, removing comments, using complex control flow, and encoding strings. While obfuscation can be used for legitimate purposes (like protecting intellectual property),⁢ it is frequently employed by attackers to hinder analysis and detection of malicious code. The provided code snippet is a prime example of obfuscation, making it challenging⁤ to determine its exact behavior without deobfuscation.
  3. Example or Evidence: Security⁣ researchers at Malwarebytes have ‌documented numerous malvertising campaigns that rely on heavily obfuscated JavaScript to deliver malware.

supply⁣ Chain Attacks and JavaScript Libraries

  1. Definition / Direct Answer: Supply chain attacks target vulnerabilities in the software supply chain, including third-party libraries and components, to compromise systems and data.
  2. Detail: ‌ JavaScript libraries are frequently used in web growth,⁢ and a compromised library can introduce malicious code into numerous websites. Attackers may inject malicious code ​into ⁢popular libraries ⁤or⁣ create fake libraries that ⁣mimic legitimate ones. This allows them to reach‍ a wide audience⁣ with minimal ‍effort.
  3. Example or Evidence: The 2020 SolarWinds supply chain attack demonstrated the ‌devastating impact of compromising​ a‌ widely⁢ used ⁢software ‍component. ⁣While not directly involving JavaScript, it highlights the risks associated with relying on third-party code. Mandiant’s analysis of the SolarWinds attack provides a detailed timeline and technical overview.

PHASE‌ 4:‍ MACHINE-READABLE, CITABLE FACTS

* ⁤**Date