IT News Roundup: Ransomware Hits Foxconn, AI Safety Concerns, and Major Data Breaches - May 28, 2026

May 2026 has proven to be a pivotal month for IT professionals and cybersecurity practitioners. From massive ransomware operations targeting global supply chains to alarming weaknesses in AI safety systems, the news cycle has been dominated by threats and breakthroughs that reshape the digital landscape. This roundup covers the most significant developments in cybersecurity, AI infrastructure, data protection, and hardware.

Foxconn Ransomware Breach: Nitrogen Gang Claims 11 Million Stolen Files

The Foxconn ransomware breach has dominated cybersecurity headlines this week. The Nitrogen extortion gang claimed to have stolen approximately 11 million files from the electronics manufacturing giant, one of the world's largest contract manufacturers for Apple, Microsoft, and other major tech companies.

The breach reportedly impacted Foxconn's major tech partners and exposed sensitive engineering documents, underscoring the persistent and evolving threat to global technology supply chains. For IT professionals managing enterprise infrastructure, the incident highlights the cascading risk that a single compromise at a major supplier can create across the entire technology ecosystem.

Security experts recommend that organizations audit their supply chain risk management practices, ensure robust incident response plans are in place, and maintain offline backups of critical systems. The incident serves as a stark reminder that ransomware targeting high-value industrial and manufacturing targets is becoming increasingly common.

Source: eSecurity Planet

AI Guardrails Stripped from Meta and Google Models in Minutes

Researchers and independent testers have demonstrated that safety guardrails on both Meta and Google AI models can be removed in a matter of minutes, enabling the systems to generate responses to prompts involving biological weapons, malware creation, and other harmful content. The experiments involved modified systems that bypassed built-in safety protections, raising serious concerns about the robustness of alignment measures in widely available frontier models.

The findings come as open-weight and accessible AI systems proliferate, making it easier for malicious actors to repurpose them for harmful ends. Both companies have invested heavily in AI alignment and content moderation, yet the speed of circumvention highlights ongoing challenges in securing generative AI systems against adversarial manipulation.

For organizations deploying AI systems, the results underscore the importance of defense-in-depth strategies. Relying solely on model-level safety measures is insufficient; additional layers of input filtering, output validation, and runtime monitoring are essential. Regulators and security experts are watching closely as these vulnerabilities could amplify real-world risks from misinformation to cyber threats.

Source: Tech Startups citing Financial Times

7-Eleven Data Breach Exposes 183,000 People's Personal Information

7-Eleven, the global convenience store chain, confirmed a data breach affecting more than 183,000 people after the ShinyHunters extortion gang allegedly stole personal information from the company's systems in April. The incident was reported through Have I Been Pwned and adds another major consumer-facing brand to the growing list of organizations hit by data theft and extortion campaigns.

The ShinyHunters group has been particularly active in 2026, targeting large brands with broad customer footprints. Even smaller datasets from retail operations can create significant reputational damage, legal exposure, and downstream fraud risk for affected consumers.

For IT professionals, the breach reinforces that cyber risk is now a board-level issue. Organizations should implement robust data protection measures including encryption at rest and in transit, regular security audits, and incident response testing. Consumer data breaches continue to demonstrate how cyberattacks quickly become business, legal, and trust crises.

Source: Tech Startups citing Have I Been Pwned

CISA Orders Federal Agencies to Patch Actively Exploited Drupal Vulnerability

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued an emergency directive ordering all federal agencies to patch an actively exploited SQL injection vulnerability in the Drupal content management system. The alert provides agencies with a tight patching window, signaling that attackers are already moving against exposed systems in the wild.

Drupal powers websites for governments, universities, media organizations, and enterprises worldwide. The vulnerability's active exploitation makes this a critical priority for any IT team managing Drupal installations. Organizations should immediately verify their Drupal version, apply the available security patch, and scan for signs of compromise.

The broader significance extends beyond government systems. Widely used open-source platforms remain a major attack surface across the entire technology sector. For homelabbers and self-hosting enthusiasts running Drupal or similar CMS platforms, security maintenance is no longer optional infrastructure hygiene — it is core operational risk management. Unpatched systems can quickly become high-value targets for automated exploit scanners.

Source: Tech Startups citing CISA

Over One Million Baby Monitors and Cameras Exposed Through IoT Vulnerabilities

A sweeping security audit has found that over one million baby monitors and IP cameras were left exposed through vulnerabilities affecting more than 300 brands. The flaws allow unauthorized access to live video feeds and captured images, putting the privacy and safety of families at risk.

The investigation revealed that many devices shipped with default credentials, unpatched firmware, or insecure network configurations that could be exploited remotely. Security researchers emphasized that the problem spans budget and premium brands alike, indicating a systemic issue in the IoT manufacturing pipeline.

Users are urged to update device firmware immediately, enable multi-factor authentication where available, change default passwords, and consider placing IoT devices on isolated network segments. For IT professionals, the findings highlight the growing attack surface created by consumer IoT devices and the importance of network segmentation and zero-trust principles even in home environments.

Source: eSecurity Planet

OpenAI Reports Nearly Billion in First-Quarter Revenue

OpenAI generated approximately .7 billion in revenue during the first quarter of 2026, boosted by strong demand for its Codex developer tools, enterprise sales, and early advertising tests integrated into ChatGPT. The figure reportedly placed OpenAI ahead of Anthropic for the same period, according to reporting from The Information.

The numbers demonstrate how rapidly AI revenue has moved from experimental budgets to mainstream enterprise spending. However, the financial picture is nuanced — AI companies are pulling in enormous revenue while simultaneously spending heavily on compute infrastructure, talent acquisition, and model development. The industry's winners will ultimately be those that can convert usage volume into durable profit margins.

For IT professionals and homelab enthusiasts, the revenue figures signal that AI tooling is becoming a core business infrastructure investment rather than a discretionary technology experiment. Organizations evaluating AI adoption should factor in total cost of ownership, including compute costs, API pricing, and the potential for on-premise or hybrid deployments.

Source: Tech Startups citing The Information

AMD Begins Production Ramp of 256-Core EPYC Venice Chip for AI and HPC

AMD has begun ramping production of its 6th-generation EPYC Venice processor, built on TSMC's 2nm manufacturing process. The chip is designed for high-performance computing and AI workloads, featuring up to 256 Zen 6 cores and delivering major performance gains over current EPYC systems.

This represents a significant server-chip milestone. While AI infrastructure is often framed primarily as a GPU story, CPUs still play a critical role in data center orchestration, memory bandwidth management, networking, and mixed workloads. The Venice processor strengthens AMD's position as cloud providers and enterprises build denser AI and HPC environments.

For homelabbers and self-hosting enthusiasts, the EPYC Venice platform signals that next-generation server hardware will become increasingly accessible as the production ramp matures. The combination of high core counts and improved per-core performance makes these processors attractive for local AI inference, virtualization hosts, and high-density container deployments.

Source: Tech Startups

This roundup covers major IT and technology news from May 26–28, 2026. Sources include eSecurity Planet, Tech Startups, Financial Times, CISA, The Information, and Have I Been Pwned. For ongoing coverage, visit portal.hosting.filipcloud.space.