Election Phishing, Spies on LinkedIn, and AI Hijacks
Welcome to the 124th edition of HX Weekly for the week of May 31, 2026. As we head deeper into the year, the threat landscape is expanding from our personal devices directly into our democratic and national security infrastructure. From massive election-targeted phishing nets to international espionage happening right on your professional networking feeds, here is everything you need to know this week to stay secure.
The 5,000-Domain Election Phishing Net
Threat actors are gearing up for election seasons in a massive way. Interlopers have recently registered over 5,000 deceptive internet domains specifically designed to mimic legitimate election infrastructure. Their goal? To launch sprawling phishing campaigns targeting both everyday voters and critical election systems.
What Now? Extreme vigilance is no longer optional. Question every single link you click, especially those related to voting information or voter registration—even if the URL looks legitimate at first glance.
Espionage in Your InMail
The Five Eyes intelligence alliance has issued a stark warning: Chinese spies are actively using job sites and LinkedIn to recruit insiders. They are on the hunt for state secrets and corporate intel, utilizing fake recruiter profiles to compromise individuals with access to sensitive data.
The Fix: Treat unexpected connection requests and overly flattering job offers from unknown recruiters with heavy skepticism. Verify the human behind the profile.
AI is Being Manipulated (And Tricked)
We are seeing a fascinating, and alarming, trend of AI systems being weaponized or simply sweet-talked into giving up the keys to the castle.
- The “Just Ask” Hack: In a truly bizarre “Good Read,” hackers managed to hijack high-profile Instagram accounts by simply asking Meta AI to give them access. It worked.
- Assistant Hijacking: The Gemini Voice Assistant is currently facing a vulnerability where it can be hijacked directly via messaging notifications.
- Malware via Chatbots: Threat actors are utilizing legitimate ChatGPT share links to host fake outage pages, tricking users into downloading malware.
Silver Linings & Bizarre Tactics
- Android Fights Back: In a much-needed defense upgrade, Android is rolling out a new feature designed to mathematically prove who is calling you, taking a massive swing at the ongoing phone scam epidemic.
- Gaming the System: Security researchers have uncovered a new WordPress malware campaign that is cleverly hiding its malicious payloads inside Steam gaming profiles.
Inside Hexagon: Anniversary Month & The Road Ahead
HX Weekly is evolving. If you caught the new vibes in this week’s edition, it is just a taste of what we are building for the future.
More importantly, we are officially kicking off a full month of anniversary events! We have spent the last three years building resources like the “3 Pillars of Proactive Defense” to keep our communities safe, and we want to celebrate that milestone with you.
We are always looking for volunteers to help us push this mission forward. Head over to hexagoncenter.org to support our work, join the team, and help us build a safer digital world.
Stay vigilant, and have a great weekend!
— The Hexagon Center Team