Nov 27, 2025

I just heard about a major ransomware attack that disrupted emergency alert systems across the United States, causing widespread interruptions in critical public safety communications. This is extremely concerning because these systems are essential for delivering urgent information during emergencies. The compromise of such infrastructure could have serious consequences for public safety, so organizations relying on these systems need to urgently review and strengthen their cybersecurity defenses and incident response plans to prevent any further disruptions.

In another troubling case, a Russia-aligned threat group known as “RomCom” targeted a U.S.-based civil engineering firm working on projects in Ukraine. They used a malware delivery method called SocGholish, which hijacks legitimate websites to trick users into installing malware through fake update prompts. This attack highlights the growing danger of supply chain and web-based threats, where even normal browsing can lead to full network compromise or ransomware infections. Companies involved in sensitive geopolitical areas must immediately enhance their web filtering, endpoint security, and employee training to reduce this risk.

The FBI also revealed that account takeover fraud has resulted in losses of $262 million so far in 2025. Attackers are employing sophisticated social engineering tactics, impersonating banks and law enforcement to deceive victims into handing over sensitive information. These scams are targeting bank accounts, payroll systems, and health savings accounts, emphasizing the need for the financial sector to implement stronger authentication methods and ramp up user awareness to combat these ongoing threats.

There’s also a newly discovered vulnerability called “HashJack” that affects AI browser assistants by embedding malicious prompts within URLs. This can trick AI tools into leaking user data or executing unauthorized commands without users realizing it. Although some platforms have started addressing this issue, major browsers like Chrome remain vulnerable, posing a significant privacy and security risk for users who rely on AI-driven browsing tools. Browser developers and AI service providers need to act quickly to close this dangerous gap.

Finally, at least three London councils have suffered coordinated cyberattacks targeting their shared IT and communication systems, including phone services. The attacks are severe enough that staff are being warned not to interact with emails or links from neighboring councils to stop the spread. With police investigations ongoing, this incident highlights the persistent cyber threats facing local governments and the urgent need for them to improve cybersecurity measures and incident response capabilities to protect critical public services.

Stay Well!