LastPass reports an active phishing campaign using fake maintenance emails and spoofed domains to trick users into revealing their master passwords.

The Tidyverse Blog offers insights, tutorials, and updates on the Tidyverse, a collection of R packages for data science and statistical computing. Covering topics such as data manipulation, visualization, and analysis, the blog provides resources for R developers looking to leverage the power of the Tidyverse for their data projects. Developers can learn how to use Tidyverse packages effectively to clean, transform, and analyze data in R.

The Hacker News

LastPass has issued a warning about an active phishing campaign that started around January 19, 2026. Attackers are sending fake maintenance emails with urgent subject lines, claiming users need to create vault backups within 24 hours. The emails redirect victims to spoofed domains designed to steal master passwords. LastPass emphasizes it never asks for master passwords and is working to take down the malicious infrastructure. The campaign uses urgency as a key tactic, with emails originating from suspicious addresses like support@sr22vegas.com and support@lastpass.server8.

LastPass Warns of Fake Maintenance Messages Targeting Users' Master Passwords