Last Week’s Quote was: “I do not believe in a fate that will fall on us no matter what we do. I do believe in a fate that will fall on us if we do nothing,” was by Ronald Reagan.  Veronika got it right.  Well done!

This Week’s Quote:  “If you want total security, go to prison. There you’re fed, clothed, given medical care and so on. The only thing lacking… is freedom.”  By ???

THE RULES:  No searching up the answer, must be posted at the bottom of the blog post, in the comments section.

The Prize:  First person to post the correct answer gets their next domain or hosting renewal on us.

Hackers Break Into Government Messaging App and Steal Sensitive Data

On May 5, 2025, a major data breach hit TeleMessage, a modified version of secure messaging apps used by U.S. government officials. The app, built by Israel-based company TeleMessage and owned by Smarsh, was meant to archive messages from apps like Signal and WhatsApp.

Hackers exploited a flaw to steal sensitive data, including chat content, contact info, and internal passwords. Some affected organizations include U.S. Customs and Border Protection, Coinbase, and Scotiabank.

Messages from top officials like former U.S. national security adviser Mike Waltz were not exposed. But the breach revealed a critical weakness. Messages archived through TeleMessage weren’t end-to-end encrypted, making them easier to intercept.
Smarsh quickly suspended TeleMessage and launched a full investigation. “We acted quickly to contain it,” the company said in a statement. All other Smarsh tools remain unaffected.

Coinbase said no customer data was stolen, but it is reviewing the situation closely. The hack raises serious questions about using modified secure apps for sensitive communications.

Read: https://techcrunch.com/2025/05/05/telemessage-a-modified-signal-clone-used-by-us-government-officials-has-been-hacked/

Hackers Are Tricking Recruiters With Fake Resumes and It’s Working

A hacker group known as Venom Spider has been targeting HR staff with a smart phishing scam since at least October 2023. The attackers pretend to be job seekers and send fake résumés. This campaign, revealed by Arctic Wolf Labs on May 2, 2025, is active mainly in the U.S. and aims to install a backdoor on company systems.
The emails look real and often include a link to a “résumé” in a zip file. But once opened, it downloads a file that secretly installs malware known as More_eggs. This malware can steal system data and run harmful code. “The very nature of their job means [HR staff] must regularly open email attachments,” Arctic Wolf explained, making them easy targets.
The scam is designed to avoid detection. Each file is slightly different to confuse security tools. Stefan Hostetler, Arctic Wolf’s senior threat researcher, warns that “the campaign is both successful and continually evolving.” HR teams are urged to get extra training and inspect all attachments carefully.

Read: https://www.darkreading.com/cyber-risk/venom-spider-phishing-scheme

Disney Hacker Used Fake AI App to Steal Over 1TB of Secrets

A California man tricked a Disney employee into downloading a fake AI art app and stole over 1.1 terabytes of company data. On May 6, 2025, the U.S. Attorney’s Office confirmed that 25-year-old Ryan Mitchell Kramer pleaded guilty to the hack, which took place in April 2024.

Kramer posed as a developer and uploaded a fake app on GitHub called ComfyUI_LLMVISION. It looked like a real AI image tool but secretly stole passwords, card data, and files. The stolen data was sent to a Discord server Kramer controlled.

He used names like “OpenAI” and “Anthropic” to hide the malicious code. “It copied sensitive information from machines that installed it,” researchers at VPNMentor said. Kramer later pretended to be a hacktivist and leaked private Disney files, plus personal info from the employee.

Kramer also hacked two other victims using the same app. He now faces federal charges, with his first court appearance expected soon. The FBI is still investigating.

Read: https://arstechnica.com/ai/2025/05/man-pleads-guilty-to-using-malicious-ai-software-to-hack-disney-employee/


Billions of Apple Devices Can Be Hacked Through Wi-Fi and You Might Not Even Know It

On April 29, 2025, cybersecurity firm Oligo revealed 23 dangerous flaws in Apple’s AirPlay tech. These affect iPhones, iPads, Macs, CarPlay, and many third-party devices worldwide. The flaws, called AirBorne, could let hackers break in through Wi-Fi without any clicks or warnings.

Oligo found that hackers could fully take over a device, steal private info, or spy on users. “Many third-party AirPlay devices don’t get timely updates like Apple’s,” warned Karolis Arbaciauskas, a cybersecurity expert at NordPass. The most serious bugs could even spread malware across devices automatically.

Apple has released updates, but many third-party products remain exposed. Some flaws let attackers crash AirPlay and then fake a trusted device, allowing them to record private meetings or hijack a stream. Even cars using CarPlay are at risk.
Experts urge users to update devices immediately, avoid public Wi-Fi, and change weak router passwords. Disabling AirPlay when not in use is also highly recommended.

Read: https://hackread.com/apple-devices-risk-airborne-airplay-vulnerabilities/

Pinterest Users Furious After Sudden Account Bans Leave Them in the Dark

On May 2025, thousands of Pinterest users across Reddit and X began reporting sudden account suspensions. The bans came without warning, leaving many confused and frustrated. Even harmless posts like crafting tips, game content, and old magazine scans were flagged as “adult content.”

The platform offered little clarity. In a vague post on X, Pinterest said it removes content that violates its guidelines to “ensure Pinterest remains a safe and positive platform.” But users say they received no clear explanation or violation notice.

Some believe artificial intelligence is behind the errors. Many flagged items seemed randomly labeled, adding to the suspicion. “Pinterest: Please contact us if we made a mistake. Also Pinterest:” one user joked on X, posting screenshots of contradictory emails.
The appeal process hasn’t helped. Users report long delays and repeated canned replies, blaming high volume. For now, many remain locked out, unsure if their accounts will return—or why they vanished at all.

Read: https://reclaimthenet.org/pinterest-account-suspensions-ai-moderation-backlash

Elsewhere online: