👉 What’s trending in cybersecurity today?
Hazy Hawk exploits DNS misconfigs for scams, More_Eggs backdoor hits HR via fake job apps, and fake Kling AI sites spread crypto-stealing malware. Cellcom suffers voice/SMS outage, ransomware disrupts UK’s Peter Green Chilled, and Kettering Health cancels procedures after attack. Dutch expand cyber espionage law, NIST & CISA introduce LEV exploit metric, and teen admits PowerSchool breach affecting 70M records.
1. Hazy Hawk Hijacks Cloud DNS For Web Scams
Threat actor Hazy Hawk hijacks abandoned cloud resources of major organizations using DNS CNAME misconfigurations. These reputable hijacked domains are then used for adtech scams and malware distribution, not espionage. The attacks involve cloning sites, luring users, and funneling them through traffic distribution systems. Domain owners should remove old CNAME records, while users must deny unknown website notification requests.
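For domain owners, the cleanup step above can be turned into a routine zone audit. The sketch below is an added example, not part of the original newsletter: it scans a zone export for CNAME records whose cloud-hosted target no longer resolves. The suffix list, the sample zone, and the function names are assumptions made for illustration.

```python
import socket

# Assumption: illustrative cloud-hosting suffixes to audit; extend for your providers.
CLOUD_SUFFIXES = (".azurewebsites.net", ".cloudapp.azure.com",
                  ".s3.amazonaws.com", ".github.io")

# Constructed sample zone export (not real records).
SAMPLE_ZONE = """\
; example.com zone, constructed for illustration
www     3600 IN CNAME example-prod.azurewebsites.net.
promo   3600 IN CNAME example-campaign-2019.azurewebsites.net.
assets  3600 IN CNAME example-assets.s3.amazonaws.com.
mail    3600 IN CNAME mail.example.net.
api     3600 IN A     192.0.2.10
"""

def parse_cnames(zone_text):
    """Yield (owner, target) for each CNAME line of a simple zone export."""
    for line in zone_text.splitlines():
        fields = line.split(";", 1)[0].split()  # drop comments, tokenize
        if "CNAME" in fields:
            idx = fields.index("CNAME")
            if idx >= 1 and idx + 1 < len(fields):
                yield fields[0].rstrip(".").lower(), fields[idx + 1].rstrip(".").lower()

def system_resolves(name):
    """True if the system resolver returns any address for name."""
    try:
        socket.getaddrinfo(name, None)
        return True
    except socket.gaierror:
        return False  # includes transient failures: re-check before deleting

def find_dangling(zone_text, resolves=system_resolves):
    """Return CNAMEs whose cloud-hosted target no longer resolves."""
    return [(owner, target)
            for owner, target in parse_cnames(zone_text)
            if target.endswith(CLOUD_SUFFIXES) and not resolves(target)]

if __name__ == "__main__":
    # Offline demo: pretend only the production app still exists.
    live = {"example-prod.azurewebsites.net"}
    for owner, target in find_dangling(SAMPLE_ZONE, lambda n: n in live):
        print(f"dangling: {owner} -> {target}")
```

A target that still resolves is not proof of ownership, so records that pass this check should also be matched against the resources that actually exist in your cloud accounts.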
2. Venom Spider’s More_Eggs Malware Hits Hiring
The More_Eggs JavaScript backdoor by Venom Spider targets corporate HR departments via fake job application emails. Distributed as Malware-as-a-Service, it uses malicious LNK files in ZIPs to deploy the backdoor. This polymorphic malware achieves persistence and uses living-off-the-land techniques, abusing legitimate Windows files. Its final JavaScript payload employs advanced anti-analysis and server-side polymorphism to evade detection.
3. Fake Kling AI Sites Spread Malware To Users
A phishing campaign created fake Kling AI sites, using Facebook ads to deliver malware to users. Victims were lured to spoofed pages and tricked into downloading malware disguised as AI-generated media. The attackers used filename masquerading and anti-analysis techniques, deploying PureHVNC RAT as the payload. This RAT steals cryptocurrency wallet data, with evidence suggesting possible links to Vietnamese threat actors.
4. Cellcom Cyberattack Causes Service Outage
Wisconsin’s Cellcom confirmed a cyberattack caused widespread voice and SMS outages starting May 14th. The CEO stated protocols were followed, experts engaged and no personal data was compromised. Users experienced significant service disruptions while Cellcom began partial service restoration on May 19th. Cellcom estimates full service restoration by this week’s end and advises users on recovery steps.
5. UK Peter Green Chilled Hit By Ransomware
U.K. refrigerated goods supplier Peter Green Chilled suffered a ransomware attack, disrupting supermarket supplies. The attack impacted IT order systems, with customers warned of potential product spoilage. This incident follows other British retail sector attacks, renewing calls for tougher government ransomware action. While U.K. ransomware attacks rise, experts suggest hacking back against gangs amid concerns of underreporting.
6. Ohio Kettering Health Faces Cyberattack
Ohio’s Kettering Health network suffered a cyberattack Tuesday, causing a system-wide outage and procedure cancellations. The CEO confirmed the attack, stating no personal data was compromised, but warned of scam calls. The Interlock ransomware gang is likely responsible for this attack, which hit critical patient care systems. While emergency services are open, Kettering Health is working to restore full operations by the weekend.
7. New Dutch Law Targets Wider Cyber Espionage
The Dutch government passed a new law criminalizing broader espionage, including digital forms, with harsher penalties. This law, effective May 15, extends beyond state secrets to acts harming Dutch interests for foreign powers. It specifically targets modern threats like digital, diaspora and economic espionage and political manipulation. This legislative update aims to bolster Dutch national security against rising foreign cyber threats.
8. NIST CISA New Metric Predicts Exploit Risk
NIST and CISA researchers developed a new security metric called Likely Exploited Vulnerabilities (LEV) to predict vulnerability exploitation. This metric augments EPSS and CISA’s KEV catalog, addressing their known inaccuracies and comprehensiveness issues. LEV identified hundreds of vulnerabilities with high exploitation probability, many not on KEV lists. While KEV lists known exploits, LEV helps compute future risks, and researchers seek industry partners.
9. Teen Hacker Admits PowerSchool Cyberattack
A 19-year-old student from Worcester, Massachusetts, pleaded guilty to a major cyberattack. The attack targeted PowerSchool, compromising data of over 70 million students and teachers. Lane accessed PowerSchool using credentials stolen from a telecom contractor in 2022. After demanding millions in ransom, he also tried extorting individual school districts.
On May 20, 2025, Zscaler fell 0.25%, CrowdStrike Holdings dropped 0.47%, while Palo Alto Networks, Fortinet, and SentinelOne posted modest gains under 0.5%.
Be cautious with push notifications and suspicious links.
A threat actor named Hazy Hawk is hijacking abandoned cloud services and using trusted domains to host fake ads, scams, and malware. These attacks make scam websites look legitimate by using known names.
✅ What you should do
✅ Why this matters
Cybercriminals are taking over abandoned domains to make their fake websites appear trustworthy. One careless click can expose you to malware, fake apps, or endless scam notifications.
Cunning Cons — Your Guide To Dodging Modern Scams by Brenda Johnson
