HX Weekly by Hexagon Center
Posts
Is it even a question to pay or not to pay?

Is it even a question to pay or not to pay?

HX Weekly warns against paying ransomware demands, citing the recent Canvas breach as evidence of cybercriminals’ inability to delete stolen data. Proactive backups and strict digital hygiene are the only true defenses. This week’s news focuses on the intersection of AI and cybersecurity, with global leaders pushing for regulation as AI hallucinations create vulnerabilities, fake OpenAI repositories distribute malware, and Google thwarts an AI-developed zero-day exploit. The threat landscape escalates, with threat actors breaching corporate networks via Microsoft Teams and shifting focus to physical infrastructure disruption. To help navigate these threats and the spread of MDM, the Hexagon Center concludes its 7,7 campaign and launches a new rotating video series on May 25th on practical digital detox and cyber hygiene strategies.

Daniel Masterson, Ai Courtrie Buson & Bard Gee
May 15, 2026

HX Weekly
^{by Hexagon Center}

^{for the week of May 10, 2026, 121st edition}

Subscribe at hexagoncenter.org

☝️ TWA

To pay or not to pay

Photo by Jp Valery on Unsplash

Is that the question? Not really. No matter how you cut it, once you are hacked, there’s really no reason to pay the ransom. Whether it’s a home computer or an institution-wide system breach, the attacker has gained access.

🤷‍♀️ What now?: Remember, paying ransom is only helping its criminal cause. NEVER PAY RANSOM. Prevention is the only solution in cyber breaches.

Tools:

Meanwhile … US: FCC Relaxes Foreign-Made Router Ban to Allow for Security Updates

WATCH OUT ◉_◉ Time for government, business leaders to figure out AI cybersecurity regulation

MUST READ: How AI Hallucinations Are Creating Real Security Risks

Echos: Google spotted an AI-developed zero-day before attackers could use it

📰 Security Highlights

In other news, Zara Data Breach Impacts Nearly 200,000 Customers

GOOD READ: G7 Countries Release AI SBOM Guidance

about this edition and Inside Hexagon

AI regulation was all over this week. That’s a good sign. Now we just have to see how far it goes.

Nobody believes the 'criminals and scumbags' who hacked Canvas really deleted stolen student data

Meanwhile, tell everyone to not pay random, you’re only allowing more hacks to happen and your system will never really be the same again anyway. Always back up and practice good cyber hygiene.

Inside Hexagon

The 7,7 campaign will end on May 23rd but new videos will start to be published again every 7 hours on May 25th, with a break every Sunday. This will make the publishing times differ from week to week. Please share! It’ll greatly help with Hexagon Center’s mission to protect every from cyber attacks and MDM.

HOUSEKEEPING

Glossary/Legend:

Zero Trust - a strategic cybersecurity framework based on the principle of "never trust, always verify," requiring strict identity authentication and authorization for every user and device, whether inside or outside the network perimeter. It assumes breach, removes implicit trust, and employs granular, least-privilege access controls to protect resources.
Holistic security - a comprehensive strategy that integrates various protection layers—physical, digital, psycho-social, and organizational—to safeguard individuals, communities, or systems, recognizing that true security involves overall well-being, not just isolated technical defenses.

Personal Identifier - A unique word or phrase shared exclusively with an individual or a group, serving as a means of identification and affirmation within the established relationship. It is recommended that 2 or more Personal Identifiers be established per person.
Malware (short for malicious software) - refers to any intrusive software developed by cybercriminals (often called hackers) to steal data and damage or destroy computers and computer systems.
Ransomware - A type of malware that locks or encrypts a victim's files and demands a ransom payment to unlock and decrypt them. Ransomware can infect a variety of devices, including computers, smartphones, printers, and more.

Privacy Notice: HX Weekly and the Hexagon Center are committed to your digital security. We do not collect, track, or store any personal information from our subscribers beyond the email address provided for delivery.

Spread cybersecurity culture

Do you have any suggestions on how we can further share this newsletter? Tell your friends and family about us by sharing with them the Hexagon Center official website:

hexagoncenter.org

View archives at hxweekly.beehiiv.com

Even though we aim to provide you the most current and critical information to keep you safe, threat actors work 24/7 and this newsletter publishes only once a week. Even though we are available via a hotline, it is crucial that you stay up to date via other sources as well to be informed on how you may be at risk.

You may reply to this newsletter or email us at
[email protected]

Send us any questions or things you want to talk about. Please share some fun facts with us. We welcome feedback and suggestions.

_{Hexagon Center is formed as a nonprofit corporation in California for public benefit,}
_{and is tax-exempt under section 501(c)(3) of the Internal Revenue Code.}

_DISCLAIMER

_{Cybersecurity is an ever-changing field, and threats may evolve. While Hexagon Center strives to provide accurate and timely information, we cannot guarantee absolute security. Users are responsible for implementing their security measures and staying informed about the latest cybersecurity developments. Hexagon Center is}_not_{responsible for any cyber or scam attacks by our readers. HX Weekly tips are advice are not official positions of Hexagon Center nor is Hexagon Center responsible for its content.}

Content of this newsletter is not an official representation of Hexagon Center.

_{SEE MORE DISCLAIMER HERE}

Reply

or to participate.