Tag: breach
-
Educational tech firm Instructure data breach may have impacted 9,000 schools
Instructure, maker of the Canvas learning platform, is investigating a cyber incident that exposed users’ personal data. Instructure is a U.S.-based educational technology company best known for developing Canvas, one of the world’s most widely used learning management systems (LMS). The U.S. firm confirrmed a cybersecurity incident that exposed users’ personal information. The company is working with external…
-
The N-Day Nightmare: How SHADOW-EARTH-053 Breaches Governments Using >>Old<< Exploits
The post The N-Day Nightmare: How SHADOW-EARTH-053 Breaches Governments Using >>Old<< Exploits appeared first on Daily CyberSecurity. First seen on securityonline.info Jump to article: securityonline.info/shadow-earth-053-china-apt-shadowpad-proxylogon-espionage/
-
DigiCert Hacked in Screensaver-Based Attack to Fraudulently Obtain EV Code Signing Certificates
DigiCert, a major Certificate Authority, recently suffered a significant security breach where hackers used a malicious screensaver file to steal 60 Extended Validation (EV) Code Signing certificates. These highly trusted certificates were subsequently used to sign the >>Zhong Stealer<< malware, allowing the malicious files to bypass security warnings by appearing as legitimate software. The incident…
-
Everest Group Begins Leaking Alleged Liberty Mutual Data
Cybercrime Gang Claims to Have 108-Gbyte Trove of Insurer’s Files, Folders. Ransomware gang Everest Group claims to have stolen more than 108 gigabytes of data- including policyholder details – belonging to insurer Liberty Mutual. The cybercrime group began leaking the company’s alleged data on Monday afternoon, saying the insurer failed to respond to the gang’s…
-
Canvas Breach May Put 275M Users, 9,000 Schools at Risk
Instructure confirms a Canvas breach involving user information and messages as hackers claim 275M users and nearly 9,000 schools were affected. The post Canvas Breach May Put 275M Users, 9,000 Schools at Risk appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-canvas-instructure-breach-275m-users/
-
The AI Vulnerability Storm Is Here. Is Your Security Program Breach Ready?
How a new class of AI-powered attacks is redrawing the rules of cybersecurity, and why the organizations that survive will be those that build for containment, not just prevention. There is a moment in every technological shift when the future stops being theoretical and starts breaking things. For cybersecurity, that moment arrived on April 7,……
-
Trellix discloses data breach after source code repository hack
Cybersecurity firm Trellix disclosed a data breach after attackers gained access to “a portion” of its source code repository. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/trellix-discloses-data-breach-after-source-code-repository-hack/
-
âš¡ Weekly Recap: AI-Powered Phishing, Android Spying Tool, Linux Exploit, GitHub RCE & More
This week, the shadows moved faster than the patches.While most teams were still triaging last month’s alerts, attackers had already turned control panels into kill switches, kernels into open doors, and open-source pipelines into silent delivery systems.The game has shifted from breach to occupation. They’re living inside SaaS sessions, pushing code with trusted commits, and…
-
ShinyHunters Claims Responsibility for Breach of EdTech Company Instructure
The prolific extortion group ShinyHunters claimed responsibility for the breach of Edtech vendor Instructure’s systems, stealing 3.65 TB of sensitive information, including names, email addresses, and messages of students, teachers, and others. ShinyHunters also reportedly behind an early attack of Instructure in September 2025. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/05/shinyhunters-claims-responsibility-for-breach-of-edtech-company-instructure/
-
They don’t hack, they borrow: How fraudsters target credit unions
Fraudsters aren’t hacking credit unions, they are exploiting normal business processes. Flare reveals how structured loan fraud methods use stolen identities to pass verification and secure funds. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/they-dont-hack-they-borrow-how-fraudsters-target-credit-unions/
-
Thousands of Facebook accounts stolen by phishing emails sent through Google
In an ongoing operation, hackers are hijacking Facebook accounts using Google AppSheet to send phishing emails that pass security checks. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/05/thousands-of-facebook-accounts-stolen-by-phishing-emails-sent-through-google/
-
Canvas Confirms Data Breach Following ShinyHunters Claim
Instructure, the educational technology company behind the widely used Canvas Learning Management System (LMS), has officially confirmed a major data breach. This confirmation directly follows recent claims made by the notorious threat actor group known as ShinyHunters. Canvas is a critical platform for thousands of universities and K-12 schools, making this breach a significant concern…
-
Frost Bank Hit With Class-Action Lawsuits Over Data Breach Affecting More Than 100,000 Customers
What happened Frost Bank, San Antonio’s largest bank, is facing two proposed class-action lawsuits following a cyberattack attributed to the Everest ransomware group that allegedly exposed the sensitive personal data of an estimated 109,000 customers. The bank has not publicly confirmed the scope of the breach or reported it to the Texas Attorney General’s Office,…The…
-
Salt Typhoon Suspected in Breach of IBM Italy Subsidiary Managing Public Infrastructure
What happened A cybersecurity incident in late April 2026 targeted Sistemi Informativi, an Italian company wholly owned by IBM Italy that provides IT infrastructure management for public agencies and key private sector organizations. IBM confirmed the breach through an official statement, acknowledging it had identified and contained a cybersecurity incident and activated incident response protocols…The…
-
Webinar: Why MSPs must rethink security and backup strategies
Security breaches don’t just test your defenses”, they test your recovery. Join Kaseya in our upcoming webinar to learn how MSPs strengthen resilience with SaaS backups and BCDR to stay operational after attacks. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/webinar-why-msps-must-rethink-security-and-backup-strategies/
-
The fake IT worker problem CISOs can’t ignore
Tags: access, ai, breach, business, captcha, cio, ciso, compliance, computer, control, credentials, crowdstrike, data, detection, edr, endpoint, fedramp, fraud, gartner, iam, identity, jobs, linkedin, mitigation, monitoring, network, north-korea, office, phone, risk, skills, tool, training, zero-trustWhat to do if you suspect a fake IT worker: When a CIO suspects a fake IT worker, next steps are important as the issue shifts from recruitment to insider risk management.During his time at MongoDB, George Gerchow, IANS faculty advisor and Bedrock Data CSO, oversaw the investigation after the company detected it had unknowingly…
-
15-year-old detained over massive data breach at French government agency
French authorities have detained a 15-year-old suspected of involvement in a data breach at France Titres, the government agency responsible for issuing official documents. … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/05/04/france-titres-data-breach-teen-suspect/
-
Instructure confirms data breach, ShinyHunters claims attack
Educational tech giant Instructure has confirmed that data was stolen in a cyberattack, with the ShinyHunters extortion gang claiming responsibility. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/instructure-confirms-data-breach-shinyhunters-claims-attack/
-
Salt Typhoon breach IBM subsidiary in Italy: a warning for Europe’s digital defenses
April 2026 breach at Sistemi Informativi (IBM Italy) raises concerns over Chinese-linked cyber ops in Europe, including Salt Typhoon. In late April 2026, the Italian cybersecurity landscape was shaken by a significant breach targeting Sistemi Informativi, a company wholly owned by IBM Italy that provides IT infrastructure management for key public and private institutions. The…
-
Security Affairs newsletter Round 575 by Pierluigi Paganini INTERNATIONAL EDITION
A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Two US cybersecurity experts sentenced in ransomware case, third awaits July ruling Trellix discloses the breach…
-
1,800 Developers Hit in Mini Shai-Hulud Supply Chain Attack Across PyPI, NPM, and PHP
What happened A supply chain attack campaign attributed to TeamPCP, dubbed Mini Shai-Hulud, has compromised packages across the PyPI, NPM, and PHP ecosystems over a two-day period, affecting over 1,800 developer repositories containing stolen credentials. The campaign was first identified on April 29 when malicious versions of four SAP NPM packages were caught delivering information-stealing…The…
-
Global Cyber Threat Brief: Identity Breaches, Supply Chain Attacks, and the Rise of Organized Cybercrime
Tags: attack, breach, cyber, cybercrime, data, exploit, identity, organized, ransomware, service, supply-chain, threatIn the past week, the global cyber threat landscape has once again demonstrated how rapidly attackers are evolving shifting from isolated intrusions to coordinated, multi-stage campaigns targeting identities, supply chains, and service providers. From large-scale identity data exposure to sophisticated token abuse and ransomware-driven disruptions, these incidents highlight a critical reality: attackers are increasingly exploiting…