Advisories Archives - Information Security
/uit/infosec/category/advisory/
Fri, 15 May 2026 15:15:19 +0000

A New Phish Reporting Solution for Students - 91亚色 Phish Alert
/uit/infosec/2026/05/14/upcoming-change-a-new-phish-reporting-solution-york-phish-alert/
Thu, 14 May 2026 13:57:04 +0000

What’s Happening

On May 21st, we’re introducing the new, home-grown, 91亚色 Phish Alert button for undergraduate students in Gmail. This button lets you report suspicious or unwanted phishing messages with one quick click. It will replace the previous Cofense Reporter, but the reporting process stays just as simple.

Why We’re Making This Change

Phishing emails are one of the most common ways attackers try to steal personal information. By moving to a home-grown reporting tool, we can improve service reliability and capture additional email artifacts, improving our team’s response capabilities.

How This Benefits You

  • Faster protection: Your reports go directly to 91亚色’s Information Security Team for quick review.
  • Stronger security: Better reporting helps us spot and stop phishing campaigns earlier.
  • Same simple experience: One click, and you’re done.

How to Use It

When you see a suspicious email:

  1. Open the message.
  2. Click the 91亚色 Phish Alert button in your email toolbar.
  3. The phishing report will be sent to the Information Security team for further investigation.

Where to Find More Information

If you’d like to learn more about phishing, how to spot it, or how the new reporting tool works, visit our website here.

Canvas by Instructure: Important Notice
/uit/infosec/2026/05/08/canvas-by-instructure-important-notice/
Fri, 08 May 2026 23:20:03 +0000

Instructure, the company that operates Canvas (the learning management system used at Schulich to manage coursework, assignments, grades, and course communications), has reported a cybersecurity incident that appears to have affected Canvas at thousands of educational institutions worldwide.

Canvas remains available and University teaching and learning activities can continue as usual. We will share any changes if Instructure’s guidance or system status changes.

No action is required at this time, other than remaining alert for phishing or other suspicious messages.

Instructure has posted the following .

91亚色/Schulich is prioritizing assessing this incident and will update this message and share relevant updates and guidance through our usual communications channels as information becomes available.

Canvas is an externally-hosted platform. 91亚色 and Schulich School of Business systems were not affected.

The University is monitoring the incident response and will provide additional information and guidance as more details become available.

91亚色 is committed to protecting privacy and maintaining the trust of our students and community. We are working with Instructure to understand how this happened and what actions Instructure are taking to prevent future incidents.

We encourage all students, faculty, and staff to remain vigilant:

Questions: For questions about this notice or Canvas use at Schulich, please contact canvasincident@schulich.yorku.ca

Beware of Phishing: Cybercriminals often use stolen contact information to send convincing “phishing” emails. Be wary of any message, even those appearing to come from Schulich, 91亚色, or Canvas, that asks you to click a link, provide a password, or share personal details. A reminder: 91亚色 will never ask for your password by email, text, or phone.

Verify Communications: If you receive a suspicious message regarding this incident, do not click any links. Report it directly to infosec@yorku.ca.

Phish Alert - Winter 2026 Term Commencement – Important Information
/uit/infosec/2026/01/05/phish-alert-winter-2026-term-commencement-important-information/
Mon, 05 Jan 2026 16:02:29 +0000

The Information Security team has identified a targeted phishing email sent on January 5, 2026 (today) that is being circulated among the 91亚色 community. The email used the subject line equal or similar to "Winter 2026 Term Commencement – Important Information" and falsely advertises monetary compensation in the form of a "Student Engagement Bonus" to recipients. Recipients are directed to submit their sensitive personal and financial information to an external address that is NOT affiliated with 91亚色 and is to be considered malicious.

Key details of the phishing email:

Subject: "Winter 2026 Term Commencement – Important Information"
Date: January 5, 2026
Sender: admin@gpaindustria.onmicrosoft.com

Red Flags to Watch Out For:

Suspicious sender email: The sender's email address is not associated with 91亚色’s official IT services (email was NOT sent from an @yorku.ca address).
Urgency and financial motivation: The email pressures you to act quickly, using the false promise of disclosing details pertaining to a fake Fall Bonus in exchange for submitting personal information.
Request for personal details: 91亚色 would NEVER ask for passwords, Duo/MFA passcodes, or other sensitive information via email.

What to Do:
Do not respond to this email or provide any personal information.
Do not click any links or open attachments that may be included.
Report the email: If you received this phishing attempt, please report it using the Report Phishing button or forward it to phishing@yorku.ca

Remote Code Execution Vulnerability in React and Next.js Frameworks
/uit/infosec/2025/12/05/remote-code-execution-vulnerability-in-react-and-next-js-frameworks/
Sat, 06 Dec 2025 03:37:25 +0000

The React team released a security advisory regarding a critical vulnerability, CVE-2025-55182, in the React server that could allow an unauthenticated, remote attacker to perform remote code execution on an affected device or system.

Severity level:-

CVSS Score: 10.0 / Critical.

Description:- The vulnerability has been identified in React Server Components (also known as React.js or ReactJS) “Flight” protocol affecting React 19 ecosystems and frameworks that implement it, most notably Next.js. The issue arises from insecure deserialization that allows unauthenticated remote code execution (RCE). When a malicious actor crafts a specific HTTP request, the flaw in React's deserialization process can enable them to execute arbitrary code on an unpatched server.

Affected Versions :-   

  • React Server Components versions 19.0, 19.1.0, 19.1.1, and 19.2.0
  • Next.js version 14.3.0-canary.77, 15.0.5, 15.1.9, 15.2.6, 15.3.6, 15.4.8, 15.5.7 and 16.0.7

Impact:-

An unauthenticated attacker could craft a malicious HTTP request to any Server Function endpoint that, when deserialized by React, achieves remote code execution on the server. Exploit code is publicly available and exploitation is actively occurring.

Resolution:-

Administrators should upgrade to the latest patched version in their release line.

Reference:-

UIT Information Security

Phish Alert - 91亚色u Account Verification Needed
/uit/infosec/2025/10/03/phish-alert-yorku-account-verification-needed-2/
Fri, 03 Oct 2025 13:24:33 +0000

The Information Security team wants to bring to your immediate attention a phishing email that has been circulating, which appears to originate from a UoT email address. This email is designed to trick recipients into sharing sensitive personal information, including passwords and account details. Please read the information below carefully to protect yourself and our community.

The email described above is NOT legitimate and was NOT sent by 91亚色. If you clicked on the link and sent an email to utgsu.duo@aol.com, please change your password immediately. If you have re-used the compromised password on any other accounts, please change the passwords for those accounts to something complex and unique to each account. Passport 91亚色 passwords can be changed at , logging in, clicking on “Passport YORK” on the left-hand menu and clicking the “Change My Password” button on the right.

Red Flags to Watch Out For:

  1. Suspicious sender email: The sender's email address is randomly generated and not associated with 91亚色’s official IT services.
  2. Request for personal details: 91亚色 would NEVER ask for passwords, Duo/MFA passcodes, or other sensitive information via email.

What to Do:

  • Do not respond to this email or provide any personal information.
  • Do not click any links or open attachments that may be included.
  • Report the email: If you received this phishing attempt, please report it using the  or forward it to phishing@yorku.ca

Job scam alert - Executive Assistant/Administrative Assistant !!!
/uit/infosec/2024/04/17/job-scam-alert-executive-assistant-administrative-assistant-3/
Wed, 17 Apr 2024 14:57:18 +0000


Several waves of phishing emails promoting FAKE jobs leveraging compromised 91亚色 users' accounts have been detected. These emails claim to offer recipients a well-paying remote job with no qualifications and link to a Google form that requests personal information.

The "job" in question will instruct victims to deposit FAKE cheques through personal bank accounts in order to purchase gift cards or do illicit transactions for the scammers. Banks will inevitably flag the FAKE cheques as fraudulent, resulting in the victims incurring the cost of the gift cards, illicit transactions and bank penalties.

The Information Security team has taken action to remove the fraudulent messages. If you receive similar messages, please report it immediately by clicking on the Report Phishing button or forward it to phishing@yorku.ca.

If you have already responded to this scam:

  • Stop all communication with the scammer and notify infosec@yorku.ca;
  • If you provided any account names or passwords, change any such passwords immediately;
  • Be vigilant about reviewing any email correspondence from coinbase_coordinator@outlook.com;
  • If you receive a Duo 2FA request that you do not expect, press NO and report it;
  • Report the scam to your local law enforcement;
  • Report the incident to the

Phish Alert - Notice by admin verify your account
/uit/infosec/2024/04/17/phish-alert-notice-by-admin-verify-your-account/
Wed, 17 Apr 2024 14:51:28 +0000


Scammers are using compromised accounts to send phishing emails asking members of the community to verify their account.

Email subject: NOTICE BY ADMIN VERIFY YOUR ACCOUNT!!

Please note that 91亚色 will NEVER request passwords, Duo passcodes or other personal information via email or Google Form. The Information Security team has taken action to remove the fraudulent messages. If you receive similar messages, please report it immediately by clicking on the Report Phishing button or forward it to phishing@yorku.ca.

If you have already responded to this scam:

  • Stop all communication with the scammer and notify infosec@yorku.ca;
  • If you provided any account names or passwords, change any such passwords immediately;
  • Be vigilant about reviewing any email correspondence from coinbase_coordinator@outlook.com;
  • If you receive a Duo 2FA request that you do not expect, press NO and report it;
  • Report the scam to your local law enforcement;
  • Report the incident to the

Phish Alert - Please Verify Your 91亚色U Account
/uit/infosec/2024/03/25/phish-alert-please-verify-your-yorku-account-2/
Mon, 25 Mar 2024 21:47:22 +0000


A confirmed phishing email with the subject line "Please Verify Your 91亚色u Account" was sent to a number of mailboxes. Clicking on the provided link will redirect users to an external site hosted on Google Forms.

If you clicked on the link and provided your credentials, please consider your account as compromised. Change your password IMMEDIATELY and notify us by sending an email to askit@yorku.ca.

NEVER authorize a 2FA request that you did not initiate.

Phishing Alert - Salary Increase, Dividend, Compensation Raise, Insurance Plans and Benefit Package Update
/uit/infosec/2024/03/25/phishing-alert-salary-increase-dividend-compensation-raise-insurance-plans-and-benefit-package-update/
Mon, 25 Mar 2024 21:37:27 +0000


Phishing emails containing a QR code with subject line "Salary Increase, Dividend, Compensation Raise, Insurance Plans and Benefit Package Update" were reported. 

Illustration 1

Illustration 2

The emails are fraudulent; do NOT scan the image.

If you scanned the QR code and provided your credentials, this may have allowed hackers to access your account. Change your password immediately and notify us at infosec@yorku.ca

Phish Alert: 91亚色 Application Form
/uit/infosec/2024/03/25/phish-alert-york-university-application-form/
Mon, 25 Mar 2024 21:08:49 +0000


Scammers are using compromised accounts to send emails with fake job postings looking for a Personal Assistant. Please note that 91亚色 will NEVER request passwords, Duo passcodes or other personal information via email or Google Form.

If you texted the requested information to +1 (215) 828-9264, do NOT accept the DUO PUSH, change your PY password immediately and let us know at infosec@yorku.ca
