memoment editorial

NEWYou can now listen to Fox News articles!
Phishing scams target every kind of institution, whether it’s a hospital, a big tech firm or even a fast-food chain. Educational institutions aren’t an exception, especially in 2025, when attackers are actively directing their efforts toward them. Universities across the U.S. are facing a new type of cybercrime where attackers are targeting staff to hijack salary payments. Researchers have discovered that since March 2025, a hacking group known as Storm-2657 has been running “pirate payroll” attacks, using phishing tactics to gain access to payroll accounts. Let’s talk more about this attack and how you can stay safe.Sign up for my FREE CyberGuy ReportGet my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide — free when you join my CYBERGUY.COM. newsletter.SCAMMERS NOW IMPERSONATE COWORKERS, STEAL EMAIL THREADS IN CONVINCING PHISHING ATTACKSHow does the university payroll scam workAccording to Microsoft Threat Intelligence, Storm-2657 primarily targets Workday, a widely used human resources platform, though other payroll and HR software could be at risk as well. The attackers begin with highly convincing phishing emails, carefully crafted to appeal to individual staff members. Some messages warn of a sudden campus illness outbreak, creating a sense of urgency, while others claim that a faculty member is under investigation, prompting recipients to check documents immediately. In some cases, emails impersonate the university president or HR department, sharing “important” updates about compensation and benefits. Phishing scams are evolving fast and now universities have become prime targets for payroll theft. (Kurt “CyberGuy” Knutsson)These emails contain links designed to capture login credentials and multi-factor authentication (MFA) codes in real time using adversary-in-the-middle techniques. Once a staff member enters their information, the attackers can access the account as if they were the legitimate user. After gaining control, the hackers set up inbox rules to delete Workday notifications, so the victims do not see alerts about changes. This stealthy approach allows the attackers to modify payroll profiles, adjust salary payment settings and redirect funds to accounts they control, all without raising immediate suspicion.COLUMBIA UNIVERSITY DATA BREACH HITS 870,000 PEOPLEHackers are exploiting universities at scaleThe hackers don’t stop at a single account. Once they control one mailbox, they use it to spread the attack further. Microsoft reports that from just 11 compromised accounts at three universities, Storm-2657 sent phishing emails to nearly 6,000 email addresses at 25 institutions. By using trusted internal accounts, their emails appear more legitimate, increasing the likelihood that recipients will fall for the scam.To maintain access over time, the attackers sometimes enroll their own phone numbers as MFA devices, either through Workday profiles or through Duo MFA. This gives them persistent access, allowing them to approve further malicious actions without needing to phish again. Combined with inbox rules that hide notifications, this strategy lets them operate undetected for longer periods.Microsoft emphasizes that these attacks don’t exploit a flaw in Workday itself. Instead, they rely on social engineering, the absence of strong phishing-resistant MFA and careful manipulation of internal systems. In essence, the threat comes from human behavior and insufficient protection, not software bugs. Hackers lure staff with convincing emails that mimic campus alerts or HR updates and steal login details in real time.  (Microsoft)6 ways to stay safe from payroll and phishing scamsProtecting yourself from payroll and phishing scams isn’t complicated. By taking a few careful steps, you can make it much harder for attackers to gain access to your accounts or personal information.1) Limit what personal information is onlineThe more information scammers can find about you, the easier it is to craft convincing phishing messages. Services that remove or monitor personal data online can reduce exposure, making it harder for attackers to trick you with targeted emails.While no service can guarantee the complete removal of your data from the internet, a data removal service is really a smart choice. They aren’t cheap, and neither is your privacy. These services do all the work for you by actively monitoring and systematically erasing your personal information from hundreds of websites. It’s what gives me peace of mind and has proven to be the most effective way to erase your personal data from the internet. By limiting the information available, you reduce the risk of scammers cross-referencing data from breaches with information they might find on the dark web, making it harder for them to target you.Check out my top picks for data removal services and get a free scan to find out if your personal information is already out on the web by visiting Cyberguy.com.Get a free scan to find out if your personal information is already out on the web: Cyberguy.com2) Think before you clickScammers often send emails that look like they come from your HR department or university leadership, warning about payroll, benefits or urgent issues. Don’t click links or download attachments unless you are 100% sure they are legitimate. Even small mistakes can give attackers access to your accounts.The best way to safeguard yourself from malicious links is to have antivirus software installed on all your devices. This protection can also alert you to phishing emails and ransomware scams, keeping your personal information and digital assets safe.Get my picks for the best 2025 antivirus protection winners for your Windows, Mac, Android and iOS devices at Cyberguy.com. Researchers have discovered that since March 2025, a hacking group known as Storm-2657 has been running “pirate payroll” attacks, using phishing tactics to gain access to payroll accounts. (Javi Sanz/Getty Images)3) Verify directly with the sourceIf an email mentions salary changes or requires action, call or email the HR office or the person directly using contact information you already know. Phishing emails are designed to create panic and rush decisions, so taking a moment to verify can stop attackers in their tracks.4) Use strong, unique passwordsNever reuse passwords across multiple accounts. Scammers often try to use credentials stolen from other breaches. A password manager can help you generate strong passwords and store them securely, so you don’t have to remember dozens of different combinations.Next, see if your email has been exposed in past breaches. Our No. 1 password manager pick includes a built-in breach scanner that checks whether your email address or passwords have appeared in known leaks. If you discover a match, immediately change any reused passwords and secure those accounts with new, unique credentials.Check out the best expert-reviewed password managers of 2025 at Cyberguy.com.5) Enable two-factor authentication (2FA)Add an extra layer of security by enabling 2FA on all accounts that support it. This means even if someone steals your password, they still can’t log in without a second verification step, such as a code sent to your phone.6) Regularly check financial and payroll accountsEven if you follow all precautions, it’s smart to monitor your accounts for any unusual activity. Catching unauthorized transactions quickly can prevent bigger losses and alert you to potential scams before they escalate.CLICK HERE TO DOWNLOAD THE FOX NEWS APP Hackers will reroute payments after gaining access to users’ login information. (Kurt “CyberGuy” Knutsson)Kurt’s key takeawayThe Storm-2657 attacks show that cybercriminals are targeting trust, not software. Universities are appealing because payroll systems handle money directly, and staff can be manipulated through well-crafted phishing. The scale and sophistication of these attacks highlight how vulnerable even well-established institutions can be to financially motivated threat actors.How often do you check your payroll or bank accounts for unusual activity? Let us know by writing to us at Cyberguy.com.Sign up for my FREE CyberGuy ReportGet my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide — free when you join my CYBERGUY.COM. newsletter.   Copyright 2025 CyberGuy.com.  All rights reserved.

For millennia, some of the world’s largest filter-feeding whales, including humpbacks, fin whales, and blue whales, have undertaken some of the longest migrations on earth to travel between their warm breeding grounds in the tropics to nutrient-rich feeding destinations in the poles each year.
“Nature has finely tuned these journeys, guided by memory and environmental cues that tell whales when to move and where to go,” said Trisha Atwood, an ecologist and associate professor at Utah State University’s Quinney College of Agriculture and Natural Resources. But, she said, climate change is “scrambling these signals,” forcing the marine mammals to veer off course. And they’re not alone.
Earlier this year, Atwood joined more than 70 other scientists to discuss the global impacts of climate change on migratory species in a workshop convened by the United Nations Convention on the Conservation of Migratory Species of Wild Animals. The organization monitors and protects more than 1,000 species that cross borders in search of food, mates, and favorable conditions to nurture their offspring.
More than 20 percent of these species are on the brink of extinction. It was the first time the convention had gathered for such a purpose, and their findings, published this month in a report, were alarming.
“Almost no migratory species is untouched by climate change,” Atwood said in an email to Inside Climate News.
From whales and dolphins, to arctic shorebirds and elephants, all are affected by rising temperatures, extreme weather, and shifting ecosystems, which are disrupting migratory routes and reshaping critical habitats across the planet.
Asian elephants, for instance, are being driven to higher ground and closer to human settlements as they search for food and water amidst intensifying droughts, fueling more frequent human-elephant conflicts, the report found. Shorebirds are reaching their Arctic breeding grounds out of sync with the insect blooms their chicks depend on to survive.
The seagrass meadows that migrating sea turtles and dugongs feed on are disappearing due to warmer waters, cyclones, and sea level rise, according to the report. To date, around 30 percent of the world’s known seagrass beds have been lost, threatening not only the animals that depend on them, but also humans. These vital ecosystems store around 20 percent of the world’s oceanic carbon, in addition to supporting fisheries and protecting coastlines.

This brings us to the technique being used here. In this case, the researchers placed the antibody genes in a circular loop of DNA called a plasmid. This is enough to ensure that the DNA doesn’t get digested immediately and to get the antibody genes made into proteins. But it does nothing to help get the DNA inside of cells.
The research team, a mixture of people from a biotech company and academic labs, used a commercial injection setup that mixes the injection of the DNA with short pulses of electricity. The electricity disrupts the cell membrane, allowing the plasmid DNA to make it inside cells. Based on animal testing, doing this in muscle cells is enough to turn the muscles into factories producing lots of broadly neutralizing antibodies.
The new study was meant to test the safety of doing that in humans. The team recruited 44 participants, testing various doses of two antibody-producing plasmids and injection schedules. All but four of the subjects completed the study; three of those who dropped out had all been testing a routine with the electric pulses happening very quickly, which turned out to be unpleasant. Fortunately, it didn’t seem to make any difference to the production of antibodies.
While there were a lot of adverse reactions, most of these were associated with the injection itself: muscle pain at the site, a scab forming afterward, and a reddening of the skin. The worst problem appeared to be a single case of moderate muscle pain that persisted for a couple of days.
In all but one volunteer, the injection resulted in stable production of the two antibodies for at least 72 weeks following the injection; the single exception only made one of the two. That’s “at least” 72 weeks because that’s when they stopped testing—there was no indication that levels were dropping at this point. Injecting more DNA led to more variability in the amount of antibody produced, but that amount quickly maxed out. More total injections also boosted the level of antibody production. But even the minimal procedure—two injections of the lowest concentration tested—resulted in significant and stable antibodies.

NEWYou can now listen to Fox News articles!
Astronomers have reportedly discovered a skyscraper-sized asteroid moving through our solar system at a near record-breaking pace.The asteroid, named 2025 SC79, circles the sun once every 128 days, making it the second-fastest known asteroid orbiting in the solar system.It was first observed by Carnegie Science astronomer Scott S. Sheppard Sept. 27, according to a statement from Carnegie Science.UFO MANIA GRIPS SMALL TOWN AFTER MYSTERIOUS GLOWING OBJECT SIGHTING GOES VIRAL A skyscraper-size asteroid, named 2025 SC79, was discovered in September, hidden in the sun’s glare. (Carnegie Science)The asteroid is the second known object with an orbit inside Venus, the statement said. It crosses Mercury’s orbit during its 128-day trip around the sun.”Many of the solar system’s asteroids inhabit one of two belts of space rocks, but perturbations can send objects careening into closer orbits where they can be more challenging to spot,” Sheppard said. “Understanding how they arrived at these locations can help us protect our planet and also help us learn more about solar system history.”The celestial body is now traveling behind the sun and will be invisible to telescopes for several months.HARVARD PHYSICIST SAYS MYSTERIOUS INTERSTELLAR OBJECT COULD BE NUCLEAR-POWERED SPACESHIPSheppard’s search for so-called “twilight” asteroids helps identify objects that could pose a risk of crashing into Earth, the statement said.The work, which is partially funded by NASA, uses the Dark Energy Camera on the National Science Foundation’s Blanco 4-meter telescope to look for “planet killer” asteroids in the glare of the sun that could pose a danger to Earth.The NSF’s Gemini telescope and Carnegie Science’s Magellan telescopes were used to confirm the sighting of 2025 SC79, Carnegie Science said. The fastest known asteroid was also discovered by Sheppard, who studies solar system objects including moons, dwarf planets and asteroids. and his colleagues in 2021.CLICK HERE TO GET THE FOX NEWS APPThat one takes 133 days to orbit the sun.