NEWS YOU CAN’T MISS

From Roblox to Ransom: The Scattered Spider Story

In the shadowy world of cybercrime, a new breed of digital outlaw has emerged: Scattered Spider. Forget the hoodie-clad loner stereotype. This crew consists mostly of teens and twenty-somethings from the US and UK, many of whom began in online gaming communities like Roblox and Minecraft.

But don’t let their age fool you. These social engineering prodigies have already breached some of the world’s largest corporations - and the damage is staggering.

• MGM Resorts experienced a 10-day digital meltdown in 2023. Slot machines froze, room keys failed, check-in systems crashed, and losses topped $100 million.

• Caesars Entertainment quietly paid a $15 million ransom after hackers stole 65 million customer records.

• Marks & Spencer suffered a six-week online blackout in 2025, resulting in over $400 million in disruption and losses.

Their secret weapon isn’t advanced code. It’s people. Scattered Spider thrives on phishing emails, fake IT helpdesk calls, and “MFA fatigue” attacks, which bombard users with login prompts until someone clicks "approve." Combined with deep knowledge of cloud platforms and stealthy remote-access tools, their intrusions are swift and effective.

They are part of a wider underground network called “the Com” and often collaborate with ransomware groups like ALPHV/BlackCat to escalate their impact.

The bottom line: Scattered Spider isn’t just another hacking group. They are a wake-up call. Young, highly adaptive, and socially savvy, they prove that human error remains the biggest cybersecurity risk. 😬

⚠️ Stay alert. Educate your teams. Secure your people - not just your tech.

Do You Trust ChatGPT With Your Memories?

Paid ChatGPT users have had a handy feature for a while: memory. It lets the chatbot remember things you’ve told it (what you do, your favorite tone of voice, or that repetitive task you always forget about) so you don’t have to repeat yourself every time.

Starting this month, the feature is also rolling out to free users.

It’s a great way to turn ChatGPT into a smarter digital assistant. If you often ask for email drafts in a certain tone or keep chatting about travel plans, it can pick up on those habits and adapt without needing reminders.

But not everyone is excited. Some users find it unsettling to have an AI that remembers so much about them. What do you think?

ps. I’ve turned the memory feature off for now but if it proves useful for personalized work support and search, I think many people including me will switch it on.

Meet Praniti Lakhwara, CIO at Zscaler

Celebrating this week’s Woman in Tech 🥳: Meet Praniti Lakhwara, Chief Information Officer (CIO) at Zscaler, a global cybersecurity leader that helps thousands of companies protect their data and users in the cloud.

With a $45B market cap, Zscaler processes over 500 billion online transactions every day, stopping cyber threats in real time and enabling secure, hybrid work across the globe.

• She began her career in software consulting after earning a degree in Aeronautical Engineering from Arizona State University.

• At Hari Seldon Group, she developed early healthcare IT platforms—automating core processes long before digital transformation became mainstream.

• In 2001, she joined Align Technology (makers of Invisalign), where she spent over a decade integrating global business systems, launching major products, and supporting the company’s rapid global expansion.

• Her leadership journey continued with executive roles at Guidewire, Nimble Storage, and Conga, where she led cloud-first transitions, optimized enterprise systems, and aligned IT with business growth.

Since 2021, she’s been leading the charge at Zscaler, focusing on secure scalability, innovation, and digital resilience.

Lakhwara’s impact hasn’t gone unnoticed - she’s been named Bay Area CIO of the Year and one of Network World’s 20 Powerful Women Shaping the Networking Industry. 😎

AI Trouble Tracker

Hey, it’s not always good news with AI. You need to know the other side too.

McDonald’s AI hiring tool, run by Paradox.ai, exposed millions of job applicants’ personal data due to weak security, including a password set as “123456.” Two researchers easily got access and found they could see people’s contact info by changing ID numbers. Paradox.ai admitted the issue and has now fixed it.

An AI-generated voice impersonating Secretary of State Marco Rubio was used to contact senior officials (including foreign ministers and a governor) via Signal and text, aiming to gain access to sensitive information. The spoofed messages mimicked Rubio’s voice and writing style, exploiting weak communication practices in government circles.

A growing number of “fake job seekers” are using AI-generated videos and voices to pose as real people in remote interviews, with 17% of US hiring managers reporting encounters. These deepfake applicants aim to land jobs under false identities - sometimes for fraud or unauthorized access to company systems.