Instructure, the company behind the popular online learning platform Canvas, has reportedly reached an agreement with a hacking group after a major cyberattack exposed sensitive data from thousands of schools and universities around the world. The cybercriminal group, known as “ShinyHunters,” claimed responsibility for stealing approximately 3.65 terabytes of data connected to schools, teachers, staff, […]
Cybersecurity researchers have discovered a fake AI project online that pretended to be an official OpenAI tool but was actually designed to spread malware. The malicious project appeared on Hugging Face, a popular platform where developers share artificial intelligence models and software tools. The fake project copied the name and description of a legitimate OpenAI […]
Cybersecurity researchers have uncovered a series of sophisticated cyberattacks targeting an Azerbaijani oil and gas company over several months. Experts believe the attacks were carried out by a Chinese-linked hacking group known as “FamousSparrow,” which repeatedly returned to the company’s network even after earlier intrusions were discovered and blocked. According to researchers, the hackers first […]
Cybersecurity researchers have discovered what may be the first real-world cyberattack created with the help of artificial intelligence (AI) to bypass two-factor authentication (2FA). Experts believe hackers used AI tools to identify and build a “zero-day” exploit, which is a hidden software weakness that developers were not yet aware of. The attack targeted a widely […]
Security researchers have discovered a cyberattack campaign where hackers impersonate IT helpdesk staff to trick employees into giving them access to their computers. The attackers begin by flooding a victim’s email inbox with large amounts of spam. This creates confusion and pressure, making the target more likely to believe a follow up message. Shortly after, […]
Security investigators have uncovered a years long phishing campaign that successfully deceived employees at NASA and other U.S. organizations into sharing sensitive technology. The operation involved a Chinese national who posed as a trusted researcher and contacted targets through carefully crafted messages. By impersonating colleagues and collaborators, the attacker convinced victims they were participating in […]
Security researchers have revealed a serious vulnerability affecting cPanel that could allow attackers to bypass authentication and gain access to server control panels. The issue impacts multiple authentication paths and affects all supported versions of cPanel and WebHost Manager. Attackers can exploit this flaw to log in without valid credentials, potentially taking control of hosting […]
Security researchers have identified a campaign involving 73 fake extensions for Visual Studio Code that are being used to distribute malware known as GlassWorm v2. These extensions were uploaded to the Open VSX marketplace and are designed to closely resemble legitimate tools. Many imitate the names, icons, and descriptions of real extensions, making it difficult […]
A powerful new artificial intelligence system developed by Anthropic is beginning to change how the world approaches cybersecurity, and this time the story is not about fear but progress. The model, known as Claude Mythos, has shown an extraordinary ability to identify hidden software vulnerabilities at a scale that was previously impossible. Rather than creating […]
A serious data exposure involving Fiverr has raised alarms after sensitive user files—including tax forms, contracts, IDs, and login credentials—were discovered publicly accessible through Google search results. The issue appears to stem from how files were stored and shared on the platform, rather than a traditional “hack,” but the consequences are just as concerning for […]