Fake OpenAI repository on Hugging Face pushes infostealer malware

A malicious Hugging Face repository that reached the platform's trending list impersonated OpenAI's "Privacy Filter" project ...
Bleeping Computer

Hackers abuse Google ads for GoDaddy ManageWP login phishing

A phishing campaign delivered through Google sponsored search results is targeting credentials for ManageWP, GoDaddy’s ...

Hackers deface school login pages after claiming another Instructure hack

The cybercrime group ShinyHunters claimed to have hacked Instructure again, defacing the login pages of several Instructure ...

ShinyHunters Extorts Universities in New Instructure Canvas Hack

ShinyHunters-linked attackers defaced Canvas portals, disrupting finals week access and exposing SaaS security risks for ...
Security Boulevard

Are Magic Links Secure: A Technical Deep Dive Into Email Based Authentication

Are magic links secure? A security analyst breaks down token entropy, replay protection, expiry, device binding, and email compromise risks for MojoAuth users.

Worried about the nationwide Canvas data breach? Take these 6 steps now

A ransomware group behind the attacks claims to have stolen 275 million records connected to students, teachers, and staff.
CNBC

How to claim your share of the $2.5 billion Amazon Prime settlement — and cancel unwanted subscriptions

There are only a few months left to claim a portion of Amazon's record $2.5 billion class action settlement. In a lawsuit, the Federal Trade Commission (FTC) claimed that the online giant enrolled ...