Is This the Last World Password Day? Scams, Surging Thefts, and Your Digital Defense
Welcome to your weekend update! In the 120th edition of HX Weekly, we are looking at a threat landscape that spans from vulnerable critical infrastructure to highly personal romance scams. But the most pressing question this week revolves around something we all use every day: Are we witnessing the end of the traditional password?
Here is your quick recap of the most critical cybersecurity news for the week of May 3, 2026, and what you can do to protect yourself.
🔐 The Death of the Password & The Rise of MFA
As we pass World Password Day, we have to ask: are you still relying on just a password to protect your accounts? If an institution hasn’t offered you Two-Factor Authentication (2FA) or Multi-Factor Authentication (MFA), it is time to question their security standards.
Recent research reveals that Microsoft Edge has been loading stored passwords in cleartext, which is just one more reason to adopt an authenticator app immediately.
What Now? Keep an eye out for any accounts where you only use a password to log in, and upgrade them to MFA or use an authenticator app today.
🚨 Major Security Highlights & Scams
Threat actors are getting more creative and their paydays are getting larger. Here is what is on our radar this week:
- Digital Cargo Theft is Skyrocketing: The FBI has warned that cyber-enabled cargo theft is surging, with massive losses hitting $725 million in 2025. This fast-growing trend is heavily targeting global critical infrastructure and supply chains.
- Heartbreak and Empty Wallets: Romance scammers are turning sweet talk into serious cash, securing a staggering £102 million payday.
- Mass Phishing Campaigns: Be on the lookout for fake compliance emails. Microsoft flagged a mass phishing campaign, and another operation has hit over 80 organizations by exploiting SimpleHelp and ScreenConnect tools.
- Platform Vulnerabilities: Telegram Mini Apps are currently being abused for crypto scams and Android malware delivery. Furthermore, a DOD contractor’s API flaw recently exposed military course data and service member records.
In lighter (but concerning) news: Kids are reportedly beating online age verification checks simply by drawing on fake mustaches!
🛡️ Inside Hexagon: Doubling Down on Digital Defense
Given recent global events and rising political tensions, Hexagon Center is taking proactive steps to help prevent online radicalization. We are urging our community to adopt a three-step “Digital Defense”framework:
- Critical Consumption: Treat every piece of inflammatory content with the exact same skepticism you would apply to an unverified, suspicious email attachment.
- Algorithmic Awareness: Learn to recognize when an app’s interface or algorithm is actively “nudging” you toward more extreme viewpoints.
- Human-Centric Security: Prioritize real-world connections and civil discourse. These are your primary safeguards against the digital isolation that often fuels radicalization.
New Content Alert:
We are proud to roll out our new video series, “More You,” designed to help you spend your time wisely. Next week, keep an eye out for four specific, fun tutorial videos on how to control your consumption on YouTube, TikTok, Instagram, and Facebook.
Stay vigilant, stay connected in the real world, and have a safe weekend!
— The Hexagon Center Team