Collecting Cyber-News from over 60 sources

Tag: extortion

Security Affairs newsletter Round 578 by Pierluigi Paganini INTERNATIONAL EDITION

May 24, 2026 3:01 PM

Tags: attack, cve, email, extortion, flaw, injection, international, sql, WeeklyReview

A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. CVE-2026-9082: Drupal’s Highly Critical SQL Injection Flaw Is Already Under Active Attack Why pure extortion is…
Why pure extortion is replacing traditional ransomware

May 23, 2026 5:00 PM

Tags: breach, data, encryption, extortion, group, leak, ransomware, strategy

Ransomware gangs are shifting from encryption to pure extortion, focusing on stolen data, reputational pressure, and stealthier attacks. Ransomware groups are quietly changing strategy in 2026. Instead of encrypting systems and causing immediate disruption, many attackers are now focusing on pure extortion: stealing sensitive data and threatening to leak it publicly if victims refuse to…
Grafana Labs links GitHub environment breach to TanStack npm supply chain attack

May 21, 2026 6:00 PM

Tags: attack, breach, extortion, github, supply-chain

The company behind the widely used observability platform refused an extortion demand and has since taken steps to harden its security. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/grafana-labs-github-environment-breach-tanstack-npm-supply-chain/820866/
FBI warns students and staff that ShinyHunters may come knocking after Canvas breach

May 20, 2026 11:00 AM

Tags: attack, breach, extortion, ransom

Having receive a ransom payment for its attack on Canvas, ShinyHunters and other extortion gangs are only likely to be further incentivised to launch similar attacks in future. First seen on bitdefender.com Jump to article: www.bitdefender.com/en-us/blog/hotforsecurity/fbi-shinyhunters-canvas-breach
Grafana Rejects Ransom Demand After GitHub Breach Exposes Codebase Theft

May 19, 2026 9:00 PM

Tags: breach, data, data-breach, extortion, github, ransom, theft

Grafana refused an extortion demand after attackers used a stolen GitHub token to download code, with no customer data exposed so far. The post Grafana Rejects Ransom Demand After GitHub Breach Exposes Codebase Theft appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-grafana-github-token-codebase-breach/
7-Eleven confirms data breach claimed by the ShinyHunters gang

May 19, 2026 5:00 PM

Tags: breach, cyberattack, data, data-breach, extortion, group

Convenience store chain giant 7-Eleven confirmed that its systems were breached in a cyberattack claimed by the ShinyHunters extortion group last month. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/7-eleven-confirms-data-breach-claimed-by-the-shinyhunters-gang/
Grafana confirms GitHub token breach cybercrime group claims the attack

May 18, 2026 10:00 PM

Tags: attack, breach, cybercrime, data, data-breach, extortion, github, group, leak, security-incident, theft

Grafana confirmed a GitHub token breach that exposed source code, but said no customer data or systems were affected. Grafana Labs confirmed a security incident after the extortion group Coinbase Cartel listed it on a leak site and claimed data theft on May 15. The breach was triggered by a compromised token that gave attackers…
Grafana Labs says hacker gained access to codebase through leaked token

May 18, 2026 6:00 PM

Tags: access, data-breach, extortion, hacker

The company, which operates a widely used observability platform, is refusing to pay an extortion demand. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/grafana-labs-says-hacker-gained-access-to-codebase-through-leaked-token/820485/
Grafana Labs says hacker gained access to codebase through leaked token

May 18, 2026 6:00 PM

Tags: access, data-breach, extortion, hacker

The company, which operates a widely used observability platform, is refusing to pay an extortion demand. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/grafana-labs-says-hacker-gained-access-to-codebase-through-leaked-token/820485/
18th May Threat Intelligence Report

May 18, 2026 6:00 PM

Tags: access, extortion, github, intelligence, international, leak, software, threat

Vodafone, a major international telecom, has sustained a source code leak claimed by the Lapsus$ extortion group. The company confirmed limited access to GitHub files through compromised third-party development software, while stating that […] First seen on research.checkpoint.com Jump to article: research.checkpoint.com/2026/18th-may-threat-intelligence-report/
Grafana GitHub Token Breach Led to Codebase Download and Extortion Attempt

May 17, 2026 11:00 AM

Tags: access, breach, data, extortion, github

Grafana has disclosed that an “unauthorized party” obtained a token that granted them the ability to access the company’s GitHub environment and download its codebase. “Our investigation has determined that no customer data or personal information was accessed during this incident, and we have found no evidence of impact to customer systems or operations,” Grafana…
Wave of ShinyHunters Extortion Drives Surge in Data Leaks

May 15, 2026 11:00 PM

Tags: attack, breach, ceo, data, data-breach, extortion, leak

‘Have I Been Pwned’ Founder Troy Hunt Reviews Impact on People and Organizations. The volume of data breaches that result in stolen personal data being leaked online has been surging, courtesy of the ShinyHunters, and while it affects individuals, the organizations being extorted are bearing the brunt of such attacks, said Troy Hunt, founder and…
The economics of ransomware 3.0

May 15, 2026 12:00 PM

Tags: alphv, attack, backup, breach, ceo, citrix, control, country, cyber, cyberattack, cybersecurity, data, data-breach, detection, encryption, endpoint, extortion, finance, framework, group, healthcare, HIPAA, incident response, insurance, moveIT, network, nist, office, privacy, ransom, ransomware, risk, russia, service, social-engineering, strategy, supply-chain, technology, threat

Triple extortion mechanism. Ashish Mishra What the Change Healthcare case tells you about real costs: Consider what happened to Change Healthcare in early 2024. The ALPHV group’s attack on this healthcare payments processor didn’t just encrypt systems, it exposed the personal health information of potentially over 100 million Americans and disrupted pharmacy services across the…
The economics of ransomware 3.0

May 15, 2026 12:00 PM

Tags: alphv, attack, backup, breach, ceo, citrix, control, country, cyber, cyberattack, cybersecurity, data, data-breach, detection, encryption, endpoint, extortion, finance, framework, group, healthcare, HIPAA, incident response, insurance, moveIT, network, nist, office, privacy, ransom, ransomware, risk, russia, service, social-engineering, strategy, supply-chain, technology, threat

Triple extortion mechanism. Ashish Mishra What the Change Healthcare case tells you about real costs: Consider what happened to Change Healthcare in early 2024. The ALPHV group’s attack on this healthcare payments processor didn’t just encrypt systems, it exposed the personal health information of potentially over 100 million Americans and disrupted pharmacy services across the…
Instructure claims hackers returned stolen Canvas data after an extortion standoff

May 12, 2026 6:19 PM

Tags: breach, cybercrime, data, extortion, group, hacker, leak

ShinyHunters, a prolific cybercrime group, threatened to leak data from more than 8,800 school systems. First seen on cyberscoop.com Jump to article: cyberscoop.com/canvas-instructure-data-theft-extortion-the-com/
Instructure took a risky approach to recover stolen Canvas data

May 12, 2026 5:19 PM

Tags: breach, data, extortion, group

Instructure, the company behind the online learning platform Canvas, said it reached an agreement with the extortion group ShinyHunters to prevent data stolen in a recent … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/05/12/instructure-canvas-data-breach-shinyhunters-agreement/
Instructure reaches ‘agreement’ with ShinyHunters to stop data leak

May 12, 2026 12:19 PM

Tags: breach, data, data-breach, extortion, group, leak

Instructure, the edtech giant behind the widely popular Canvas learning management system (LMS), has reached an “agreement” with the ShinyHunters extortion group to prevent the data stolen in a recent breach from being leaked online. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/instructure-reaches-agreement-with-shinyhunters-to-stop-data-leak/
Instructure Reaches Ransom Agreement with ShinyHunters to Stop 3.65TB Canvas Leak

May 12, 2026 10:19 AM

Tags: breach, cybercrime, extortion, group, leak, network, ransom, technology, unauthorized, update

American educational technology company Instructure, the parent company of Canvas, said it reached an “agreement” with a decentralized cybercrime extortion group after it breached its network and threatened to leak stolen information from thousands of schools and universities.In an update shared on Monday, the Utah-based firm said it “reached an agreement with the unauthorized actor…
Pressure mounts on Canvas as data leak extortion deadline looms

May 12, 2026 5:19 AM

Tags: data, extortion, leak

Attackers affiliated with The Com are threatening to leak data from more than 8,800 school systems if Instructure doesn’t pay a ransom. First seen on cyberscoop.com Jump to article: cyberscoop.com/canvas-instructure-data-theft-extortion-the-com/
Instructure confirms hackers used Canvas flaw to deface portals

May 11, 2026 6:18 PM

Tags: extortion, flaw, hacker, login, technology, vulnerability

Education technology giant Instructure has confirmed that a security vulnerability allowed hackers to modify Canvas login portals and leave an extortion message. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/instructure-confirms-hackers-used-canvas-flaw-to-deface-portals/
ShinyHunters Escalates Canvas Extortion with School by School Ransom Campaign

May 11, 2026 5:20 PM

Tags: breach, data, extortion, leak, login, ransom

ShinyHunters has escalated its Canvas extortion campaign, defacing hundreds of school login pages and threatening to leak stolen data unless institutions negotiate First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/shinyhunters-escalates-canvas/
PCPJack Worm Targets Docker, Kubernetes, Redis, and MongoDB Credentials

May 8, 2026 8:49 AM

Tags: breach, cloud, container, credentials, cyber, data-breach, docker, extortion, framework, fraud, infrastructure, kubernetes, malware, spam, threat, worm

A newly identified malware framework dubbed PCPJack is targeting exposed cloud and container infrastructure to steal credentials at scale while actively removing artifacts linked to the TeamPCP threat actor. Unlike typical cloud-focused campaigns, PCPJack skips cryptomining entirely and instead appears optimized for fraud, spam, extortion, and resale of stolen access. TeamPCP itself drew attention earlier in 2026…
ShinyHunters Extorts Universities in New Instructure Canvas Hack

May 8, 2026 5:48 AM

Tags: attack, extortion

A ShinyHunters-linked attack disrupted hundreds of Instructure Canvas portals during finals week. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/shinyhunters-extorts-universities-in-new-instructure-canvas-hack/
Canvas login portals hacked in mass ShinyHunters extortion campaign

May 8, 2026 1:48 AM

Tags: exploit, extortion, login, technology, vulnerability

The ShinyHunters extortion gang has breached education technology giant Instructure again, this time exploiting another vulnerability to deface Canvas login portals for hundreds of colleges and universities. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/canvas-login-portals-hacked-in-mass-shinyhunters-extortion-campaign/
Hackers deface school login pages after claiming another Instructure hack

May 7, 2026 11:48 PM

Tags: cybercrime, extortion, group, hacker, login

The cybercrime group ShinyHunters claimed to have hacked Instructure again, defacing the login pages of several Instructure customer schools with an extortion message. First seen on techcrunch.com Jump to article: techcrunch.com/2026/05/07/hackers-deface-school-login-pages-after-claiming-another-instructure-hack/
VECT-Ransomware Wenn Hacker-Laien zur echten Gefahr werden

May 7, 2026 5:48 PM

Tags: cybercrime, extortion, hacker, ransomware

Ende 2025 tauchte mit VECT eine weitere Ransomware-Gruppe auf, die sich vorgenommen hat, das Geschäft der digitalen Erpressung zu demokratisieren. Durch eine Partnerschaft mit Breachforums, einem der größten Marktplätze für Cyberkriminalität, öffnete VECT seine Plattform für jeden registrierten Nutzer. Das rief Tausende potenzielle Angreifer praktisch über Nacht auf den Plan. Gleichzeitig sicherte sich die Gruppe…
Iranian cyber espionage disguised as a Chaos Ransomware attack

May 6, 2026 5:48 PM

Tags: apt, attack, credentials, cyber, data, espionage, extortion, iran, phishing, ransomware, tactics, theft

Iran-linked APT MuddyWater used ransomware-style tactics to mask espionage, combining phishing, credential theft, data exfiltration, and extortion without encryption. A newly discovered cyber intrusion attributed to the Iran-linked APT MuddyWater (aka SeedWorm, TEMP.Zagros, Mango Sandstorm, TA450, and Static Kitten) reveals how state-sponsored attackers are increasingly leveraging ransomware tactics to disguise espionage operations. The campaign, uncovered by security researchers at Rapid7, blended…
Ransomware Gang Member Linked to Russian Cybercrime Group Sentenced to Prison

May 6, 2026 10:49 AM

Tags: cyber, cybercrime, data, extortion, group, ransomware, russia, theft

A Latvian national operating from Moscow has been sentenced to 102 months in federal prison for his role as a key negotiator within a prolific Russian ransomware network. Deniss Zolotarjovs, 35, participated in a cybercrime syndicate that orchestrated data theft and extortion campaigns against over 54 organizations worldwide between June 2021 and August 2023. The…
Vimeo Confirms Breach Exposing 119,000 Unique User Email Addresses

May 6, 2026 8:49 AM

Tags: breach, cyber, data, data-breach, email, extortion, group

Video hosting platform Vimeo has confirmed a data breach that exposed approximately 119,000 unique user email addresses, attributing the incident to a security compromise at Anodot, a third-party analytics vendor integrated with its systems. The breach came to light after the ShinyHunters extortion group listed Vimeo on its >>pay or leak<< portal in April 2026,…
Ransomware Gangs Escalate Attacks on Aviation and Aerospace Sector

May 6, 2026 7:47 AM

Tags: access, attack, credentials, cyber, data, exploit, extortion, group, identity, ransomware, risk, theft

Ransomware and data extortion groups are increasingly targeting the aviation and aerospace sector, exploiting interconnected systems, shared platforms, and identity-based access models to cause operational disruption and data compromise. Cyber risk across aviation has shifted beyond traditional IT incidents toward ransomware attacks, credential theft, and platform-level compromise. The aviation ecosystem relies heavily on shared IT…