AI is Supercharging Cyber Threats: Your HX Weekly Recap
Welcome to your weekend update! If there is one overarching theme from our 117th edition of HX Weekly, it is this: Artificial Intelligence is fundamentally changing the threat landscape. Cyber threats are becoming increasingly sophisticated, fueled by new AI capabilities. But while the bad actors are upgrading their toolkits, we are here to ensure your defenses stay just as sharp. Here is a breakdown of what you need to know this week.
The AI Arms Race
The intersection of AI and cybersecurity is dominating the headlines. In the wake of Anthropic’s new “Mythos” model—which the US Treasury is already seeking access to—OpenAI has pivoted with a new cybersecurity model and strategy of its own.
What you should do: We highly recommend reading the open letter to business leaders regarding AI cyber threats. Staying informed is your first line of defense.
Critical Threats & Scams to Watch
Threat actors are getting creative with how they reach targets. Here are the biggest alerts this week:
- Malware via Social Media: The Mirax Android RAT has reached over 220,000 devices by weaponizing Meta Ads to turn phones into SOCKS5 proxies.
- Costly Fakes: A highly convincing fake Ledger app slipped into the Apple App Store, draining a staggering $9.5 million in crypto before being caught.
- Extortion & Supply Chain: The recent hack at Anodot has left over a dozen breached companies facing extortion. Meanwhile, the fallout from the Axios hack means you need to update your OpenAI Mac apps immediately.
- Adware & Phishing: A signed adware operation successfully disabled antivirus software across 23,000 hosts, and n8n webhooks have been abused since last October to deliver malware via phishing emails.
Privacy Pushbacks
It’s not just hackers you need to watch out for. New research reveals that Big Tech is routinely failing to honor user requests to opt out of tracking. On a slightly more positive note for your privacy, the FCC is proposing a new rule to further crack down on illegal robocalls, and Google Search is actively classifying frustrating “back button hijacking” as spam.
Inside Hexagon: Master Your OPSEC
This week, we are turning our focus inward to OPSEC (Operations Security). What is OPSEC, and why does it matter to your daily life?
We are breaking it all down over on our YouTube channel. Our visual guides and public service announcements are designed to be clean, clear, and easy to understand—giving you practical steps to lock down your digital life without the technical jargon. Check out our latest video; it just might change your life.
We want your feedback! As we curated this week’s news, we realized we want to make HX Weekly even easier to skim and absorb. How can we improve this newsletter so you get the most out of it every week? Let us know!
Stay safe, stay vigilant, and have a great weekend.
— The Hexagon Center Team