- HX Weekly by Hexagon Center
- Archive
- Page 1
Archive
Are you sure?
AI-driven deception has reached a point that even leading deepfake experts no longer trust their observations. Imposter scams cost victims a record $3.5 billion in 2025, and sophisticated AI-powered threats include hallucinated reports, fake data breaches, and hardware exploitation. Social engineering remains the most common route to compromise, with threat actors extorting universities and attackers hijacking WordPress plugins and Steam Workshop content. The update urges readers to adopt a “verify-first” mindset, rejecting blind trust and adopting rigorous personal verification. It invites the community to engage with their new 7-hour cycle of security PSAs to build cyber resilience.
It’s probably a scam, spam or hack
This week highlights a surge in financial-focused cybercrime, including widespread spam, scams, sophisticated extortion, and physical threats like malicious USB drops. Hackers exploit trusted platforms like Microsoft, Google, and LinkedIn to deliver malware, hide spam, and recruit insiders. Amidst reports of mass Instagram account takeovers and corporate cover-ups, the Hexagon Center emphasizes refusing to fund these threats, never paying ransoms, and utilizing community resources for verification. As the Center launches new cybersecurity programs, it invites the public to join their mission of collective digital defense.
Election Hopes By Threat Actors
Our 3rd anniversary edition of HX Weekly reveals a growing cyber threat landscape, with cybercriminals targeting democratic infrastructure and professional networks. Over 5,000 fake election-themed domains have been registered for phishing, and the Five Eyes warn of Chinese spies recruiting via LinkedIn. We are also highlights vulnerabilities in AI systems, including Meta AI being tricked into granting Instagram access, malware spread through ChatGPT links, and the hijacking of the Gemini Voice Assistant. Despite new defenses like Android's caller-verification feature, the scale of these attacks emphasizes the need for skepticism. As the Hexagon Center celebrates its anniversary, it urges the public to question links, verify identities, and practice proactive cyber hygiene.
AI and Cybersecurity is complicated relationship
The 123rd edition of HX Weekly highlights a critical escalation in the cyber threat landscape, driven by the automation of Phishing-as-a-Service (PaaS) kits like Kali365, which bypass security by hijacking Microsoft 365 access tokens. Threat actors are rapidly democratizing cybercrime by deploying “no-code” malware builders and live credential interception, while aggressive fraud campaigns target Formula 1 and 2026 World Cup fans. Defensive AI tools like Claude Mythos are uncovering thousands of high-severity software flaws, but the accelerating pace of AI-assisted exploits has triggered societal anxiety and law enforcement warnings about a rise in anti-tech extremism. Hexagon Center emphasizes that basic caution is insufficient; individuals must intentionally build active cyber intuition and split-second zero-trust habits to defend against highly automated adversaries.
Everyday products we use are vulnerable to cyber attacks?
Modern convenience products, from Microsoft accounts to local water utilities, are vulnerable to cybercriminals. While AI helps discover vulnerabilities in Google Chrome, it also generates fake content. Healthcare data breaches and CISA’s warning about potential conflicts require us to develop digital intuition to be cyber smart, not just street smart.
Is it even a question to pay or not to pay?
HX Weekly warns against paying ransomware demands, citing the recent Canvas breach as evidence of cybercriminals’ inability to delete stolen data. Proactive backups and strict digital hygiene are the only true defenses. This week’s news focuses on the intersection of AI and cybersecurity, with global leaders pushing for regulation as AI hallucinations create vulnerabilities, fake OpenAI repositories distribute malware, and Google thwarts an AI-developed zero-day exploit. The threat landscape escalates, with threat actors breaching corporate networks via Microsoft Teams and shifting focus to physical infrastructure disruption. To help navigate these threats and the spread of MDM, the Hexagon Center concludes its 7,7 campaign and launches a new rotating video series on May 25th on practical digital detox and cyber hygiene strategies.
The last password?
This edition stresses the urgent need to abandon traditional passwords in favor of Multi-Factor Authentication (MFA) as vulnerabilities—such as Microsoft Edge exposing cleartext passwords—continue to surface. Beyond authentication, the newsletter highlights a severe threat landscape marked by a massive $725 million surge in cyber-enabled cargo theft, £102 million lost to romance scams, and widespread phishing campaigns exploiting remote access tools. To combat the growing psychological toll of the modern internet, the Hexagon Center is also introducing a "Digital Defense" framework to help prevent online radicalization and is launching a new video series designed to help users take back control of their social media habits.
How did those scam messages get to you?
An escalating landscape of social engineering and automated cybercrime, specifically noting the Toronto Police's bust of an "SMS Blaster" operation and the staggering $2.1 billion lost by Americans to social media scams last year. The newsletter emphasizes a sophisticated campaign by North Korean hackers (BlueNoroff) using AI-generated Zoom meetings and "ClickFix" lures to drain Web3 crypto wallets, while also reporting on major data breaches at ADT and Carnival Corporation. Amidst record-breaking privacy fines and the rise of the BlackFile extortion group, the report concludes that while AI-driven threats are evolving, traditional methods like phishing and vishing remain highly effective, urging users to trust their instincts and maintain manual vigilance as the primary line of defense.
Google Photos upgrades may affect you
The 118th edition of HX Weekly highlights the deep integration of Gemini AI into Google Photos, urging users to review permissions to maintain data privacy. This edition also covers critical security alerts, including Apple account notification scams and help desk impersonation attacks on Microsoft Teams used to deploy malware. With additional reports on "ghost breaches," vulnerability flaws in healthcare systems, and a breach at ADT, the newsletter emphasizes a heightened need for vigilance across the "Internet of Things."
AI working with the scammer
Anthropic recently developed a powerful AI model named Mythos, which demonstrates an unprecedented ability to autonomously execute complex cyberattacks and discover critical system vulnerabilities in minutes. Fearing the model could transform novice hackers into elite operatives, the company chose to restrict its public release, instead providing access to select government agencies and financial institutions for defensive testing.
Upgrading Scams With QR Codes
This edition outlines a diverse range of modern digital threats, emphasizing the rise of QR code phishing and AI-driven fraud. It highlights critical geopolitical tensions, specifically noting increased cyber espionage from Iranian hackers targeting vital infrastructure. Look out for significant institutional shifts, such as proposed budget cuts for CISA and a growing skills gap within the cybersecurity workforce. Stay safe, cultivate proactive defense strategies against deep fakes and impersonation scams.
Attacks from all over
The latest Hexagon Weekly report highlights a significant surge in global cyber threats, specifically emphasizing aggressive digital offensives launched by Iranian-linked actors against American and Israeli targets. Beyond state-sponsored attacks, the source details diverse security risks including supply chain compromises originating from North Korea and the exploitation of connected vehicle technologies. The text serves as an urgent call for increased vigilance, advising users to adopt zero-trust protocols and remain wary of downloading suspicious software or mobile applications. Additionally, the overview addresses institutional challenges, such as the cybersecurity skills gap and critical vulnerabilities found within major cloud infrastructures. Ultimately, the collection of headlines illustrates a rapidly evolving threat landscape where artificial intelligence and sophisticated malware necessitate more robust defensive measures.