OpenAI is launching Daybreak, an AI initiative focused on detecting and patching vulnerabilities before attackers find them. Daybreak uses the Codex Security AI agent that launched in March to create a threat model based on an organization’s code and focus on possible attack paths, validate likely vulnerabilities, and then automate the detection of the higher risk ones.

Its launch comes just over a month after rival Anthropic announced Claude Mythos, a security-focused AI model it claimed was too dangerous to publicly release and only shared privately as a part of its own initiative, dubbed Project Glasswing. Still, that didn’t stop at least a few unauthorized parties from getting access.

However, OpenAI has so far lacked a similar security product. Like Glasswing, Daybreak isn’t built on just one AI model — OpenAI says “Daybreak brings together the most capable OpenAI models, Codex, and our security partners.”

Daybreak also involves specialized cyber models, including GPT-5.5 with Trusted Access for Cyber and GPT-5.5-Cyber, which began rolling out last week. OpenAI also says it’s working with its “industry and government partners” while it prepares to “deploy increasingly more cyber-capable models.”

Texas Attorney General Ken Paxton has filed a lawsuit against Netflix, accusing the company of turning its back on its promise to remain ad-free and safe for kids. The lawsuit, filed on Monday, claims Netflix has “opened Texans’ data for inspection by the same Big Ad Tech community it once criticized for exploiting users in this same way.”

In the lawsuit, Paxton claims Netflix drove up subscriptions by promoting its platform as an “escape from Big Tech surveillance.” But at the same time, Paxton alleges the streamer “built a behavior-surveillance program” in the background with addictive features, like autoplay, which automatically plays the next episode after one is finished.

“Netflix’s endgame is simple and lucrative: get children and families glued to the screen, harvest their data while they are stuck there, and then monetize the data for a handsome profit,” Paxton’s lawsuit claims, citing the streaming service’s annual revenue, which jumped from $15 billion in 2018 to an estimated $50 billion in 2026.

“Netflix has built a surveillance program designed to illegally collect and profit from Texans’ personal data without their consent, and my office will do everything in our power to stop it,” Paxton says in the press release. “Netflix is not the ad-free and kid-friendly platform it claims to be. Instead, it has misled consumers while exploiting their private data to make billions.”

Paxton accuses Netflix of violating the Texas Deceptive Trade Practices Act, and asks the court to block the streamer’s “unlawful collection and disclosure” of user data, as well as to disable autoplay by default on kids’ profiles. Netflix didn’t immediately respond to a request for comment.

Finals week is stressful enough without your school’s main classroom app suddenly going dark.

That is what many students faced when Canvas, the school platform used by colleges, universities and K-12 schools, went down for several hours. The outage came after Instructure, the company behind Canvas, detected unauthorized activity tied to a cybersecurity incident on the platform.

For students and teachers, this was more than a tech glitch. Canvas is where many schools post assignments, messages, grades, class updates and exam instructions. So when access disappeared, it created confusion at the worst possible time.

Sign up for my FREE CyberGuy Report

• Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox.
• For simple, real-world ways to spot scams early and stay protected, visit CyberGuy.com – trusted by millions who watch CyberGuy on TV daily.
• Plus, you’ll get instant access to my Ultimate Scam Survival Guide free when you join.

WHY LAST YEAR’S BREACH IS THIS YEAR’S IDENTITY FRAUD

What happened in the Canvas data breach?

Instructure says it detected unauthorized activity in Canvas on April 29, 2026. The company said it immediately revoked the unauthorized party’s access, started an investigation and brought in outside forensic experts.

Then, on May 7, Instructure said it identified additional unauthorized activity tied to the same incident. The company said the unauthorized actor made changes to pages that appeared when some students and teachers were logged in through Canvas.

Out of caution, Instructure temporarily took Canvas offline into maintenance mode to contain the activity, investigate and apply additional safeguards.

How Free-For-Teacher accounts fit into the Canvas breach

Instructure said it later confirmed that the unauthorized actor exploited an issue related to its Free-For-Teacher accounts. The company said this was the same issue that led to the unauthorized access the prior week.

In a statement to CyberGuy, Instructure said, “Instructure discovered the unauthorized actor involved in our ongoing security incident made changes to the pages that appeared when some students and teachers were logged in. Out of an abundance of caution, we immediately took Canvas offline to contain access and further investigate. We have confirmed that the unauthorized actor exploited an issue related to our Free-For-Teacher accounts. As a result, we have made the difficult decision to temporarily shut down our Free-For-Teacher accounts. This gives us the confidence to restore access to Canvas, which is now fully back online and available for use. We regret the inconvenience and concern this may have caused.”

That detail is important because it explains how the company says the attacker gained access. It also shows why Instructure took a more aggressive step after the May 7 activity.

Canvas outage disrupted students during finals

The timing made the outage especially frustrating. Students across the country are preparing for finals or already taking them.

Several schools reported problems with Canvas access. Student newspapers at Harvard, the University of Pennsylvania, Duke, UCLA and the University of Nebraska were reportedly blocked from using Canvas and saw a message from the hacking group ShinyHunters.

Think about how that feels if you are a student. You may need to submit a paper, check exam details or message a professor. Then the system you rely on suddenly stops working.

That is the real-life problem with school tech. When one major platform goes down, the disruption spreads fast.

Hackers claimed responsibility for the Canvas breach

A hacking group called ShinyHunters claimed responsibility for the attack. The group reportedly threatened to leak school data unless it heard from affected schools by May 12, 2026.

The group also claimed it had data tied to nearly 9,000 schools and about 275 million people. Those numbers come from the hackers’ claims. Instructure has not publicly verified that full scale.

That is worth keeping in mind. Cybercriminals often use big numbers to create panic and pressure victims. However, the confirmed incident is serious enough for schools and families to pay attention.

What student and teacher data may be at risk?

Based on Instructure’s investigation so far, the data taken in the April 29 incident includes certain personal information of users at affected organizations. That includes names, email addresses, student ID numbers and messages among Canvas users. Instructure said it has found no evidence that passwords, dates of birth, government identifiers or financial information were involved.

The company also said that, based on its investigation to date, it has not found evidence that data was taken during the May 7 activity. Still, Instructure said the investigation is ongoing.

Even so, this kind of information can still create problems. A scammer could use a student’s school email and Canvas details to send a fake message that looks official.

For example, a student may get an email that says a final exam file failed to upload. Another message may claim the student needs to verify a Canvas account. A fake IT alert could ask for a login code. That is how a data breach can turn into a phishing attack. 

Is Canvas back online after the breach?

Yes. Instructure says Canvas is fully back online and available for use. However, Free-For-Teacher accounts remain temporarily shut down while the company works through the issue.

The company also says its outside forensic partner reviewed the known indicators and found no evidence that the threat actor currently has access to the platform.

Instructure says it has revoked privileged credentials and access tokens tied to affected systems. It also says it deployed additional platform protections, rotated certain internal keys, restricted token creation pathways and added monitoring across its platforms.

Why the Canvas breach matters for families

Many parents may not know how much school life now runs through platforms like Canvas. Students use Canvas to track deadlines, get teacher updates, submit work and read class messages. Teachers use it to manage assignments and communicate with students.

That makes Canvas a tempting target. If criminals can disrupt access or steal user information, they can create chaos quickly. The bigger lesson here is that school accounts deserve the same protection as bank accounts or email accounts. They hold personal details, private messages and information tied to a student’s daily life.

HACKERS THREATEN TO LEAK DATA FROM 275M USERS AFTER BREACHING MAJOR COLLEGE PLATFORM USED NATIONWIDE

Ways to stay safe after the Canvas data breach

Even if passwords and financial details were not part of the breach, students and teachers should still stay alert. Scammers can use names, school emails, student ID numbers and message details to make fake alerts look convincing.

1) Watch for fake Canvas emails

Be careful with any message that claims to come from Canvas, Instructure or your school’s IT department. Scammers may use urgent language. They may say your account will be locked, your exam file is missing, or your final grade is at risk. That pressure is the trick. Go directly to your school’s official website or Canvas login page instead of clicking links in surprise emails.

2 Change your password if your school recommends it

Instructure said it found no evidence that passwords were involved. Even so, follow your school’s instructions. If your school tells you to reset your password, do it right away. Choose a strong password you do not use anywhere else. A password manager can help you create and store unique logins for each account. Check out the best expert-reviewed password managers of 2026 at CyberGuy.com.

3) Turn on multifactor authentication

If your school offers multifactor authentication, turn it on. MFA adds another step when someone tries to log in. That extra step can stop a scammer who has your password. An authenticator app or passkey is stronger than a text code. Still, any MFA is better than leaving your account wide open.

4) Never share login codes

No real school IT worker should ask for your password or login code. If someone asks for that information, treat it as a red flag. End the conversation and contact your school through an official help desk number or website.

5) Review your Canvas messages

Since Canvas messages may have been involved, think about what you shared there. Did you send personal details? Did you mention another account? Did you share private information with a teacher or classmate? You do not need to panic. But you should stay alert for messages that reference details from your Canvas account.

6) Use strong antivirus software

A breach like this can lead to phishing emails with malicious links or attachments. Strong antivirus software can help block malware, warn you about dangerous websites and protect your devices if you accidentally click the wrong link. Keep it updated on your phone, tablet and computer. Get my picks for the best 2026 antivirus protection winners for your Windows, Mac, Android and iOS devices at CyberGuy.com.

7) Consider a data removal service

Student and teacher information can end up on people-search sites and data broker databases. A data removal service can help reduce how much personal information is floating around online. That can make it harder for scammers to connect your school email, home address, phone number and other personal details. Check out my top picks for data removal services and get a free scan to find out if your personal information is already out on the web by visiting CyberGuy.com.

8) Use identity theft protection if your data was exposed

If your school confirms that your personal information was involved, identity theft protection can help you spot suspicious activity faster. These services can monitor your personal information, alert you to possible misuse and help you respond if someone tries to use your identity. See my tips and best picks on Best Identity Theft Protection at CyberGuy.com.

9) Parents should talk to students about phishing

Younger students may not recognize a fake school message. Parents should keep the warning simple. Tell students not to click unexpected links, share codes or respond to scary messages without checking first. A quick conversation now can prevent a bigger mess later.

What schools and Canvas users should do next?

Instructure says it notified impacted organizations on May 5, 2026. If a school or institution was affected, Instructure says it will contact that organization’s primary contacts directly.

For students, parents and employees, Instructure says the school or institution should be the first point of contact. It also recommends being cautious of unexpected emails or messages about the incident, avoiding suspicious links and reporting anything unusual to the school’s IT or security team.

Schools should also warn students and staff about follow-up scams. A breach does not end when the platform comes back online. For students and teachers, the risk can continue through fake emails, fake login pages and scam messages.

ADT DATA BREACH EXPOSES CUSTOMER INFORMATION

Kurt’s key takeaways 

The Canvas breach shows how much school now depends on a few digital platforms. When one of them goes down, students feel it right away. The good news is that Instructure says it has found no evidence that passwords, financial data, birthdays or government IDs were involved. The tougher reality is that names, school emails, student IDs and private messages still have value to scammers. So the best move is to stay calm and stay skeptical. Use official school links. Turn on stronger login protection where possible and treat urgent messages with caution.

Should schools and tech companies do more to protect student and teacher data before a breach puts their privacy at risk? Let us know by writing to us at CyberGuy.com.

CLICK HERE TO DOWNLOAD THE FOX NEWS APP

Sign up for my FREE CyberGuy Report

• Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox.
• For simple, real-world ways to spot scams early and stay protected, visit CyberGuy.com – trusted by millions who watch CyberGuy on TV daily.
• Plus, you’ll get instant access to my Ultimate Scam Survival Guide free when you join.

Copyright 2026 CyberGuy.com. All rights reserved.