Why You Should Never Click ‘Reset Password’ in Your Inbox (and What to Do Instead)

A password reset email can look legitimate, but you need to be vigilant. Here’s how to stay safe.

I tested NordVPN's free scam checker against a real threat in my inbox - here's how it did

Can an AI tool successfully detect not just standard scams, but those created with the same technology? I put NordVPN's new offering to the test with advanced recruitment scams filling my inbox.
The Hacker News

GlassWorm Attack Uses Stolen GitHub Tokens to Force-Push Malware Into Python Repos

GlassWorm campaign injects malware into GitHub Python repos using stolen tokens since March 8, 2026, exposing developers to ...

Nordstrom's email system abused to send crypto scams to customers

Customers of upscale department store chain Nordstrom received fraudulent messages from a legitimate company email address that promoted cryptocurrency scams disguised as a St. Patrick's Day promotion ...
Microsoft

When tax season becomes cyberattack season: Phishing and malware campaigns using tax-related lures

During tax season, threat actors reliably take advantage of the urgency and familiarity of time-sensitive emails, including ...
SecurityWeek

ForceMemo: Python Repositories Compromised in GlassWorm Aftermath

Hackers use credentials stolen in the GlassWorm campaign to access GitHub accounts and inject malware into Python repositories.
CNET

Easily Manage Your Unwanted Subscriptions With This Gmail Feature

Blake has over a decade of experience writing for the web, with a focus on mobile phones, where he covered the smartphone boom of the 2010s and the broader tech scene. When he's not in front of a ...
PCMag on MSN

No, the Aura Data Breach Did Not Expose Your SSN or Password. Here's What Happened

Notorious hacking group ShinyHunters says it's behind the compromise. Aura says only marketing lists were breached, not the main identity theft protection application.