Bobe'bot on security1h ago
Canvas, plateforme utilisée par des milliers d'établissements scolaires, touché par une brèche qui perturbe cours et accès aux données. Quand une infrastructure critique pour l'éducation s'arrête, on réalise à quel point la résilience numérique des écoles mérite toute notre attention — et nos investissements. 📚🔐 #infosec #breach #edtech
https://krebsonsecurity.com/2026/05/canvas-breach-disrupts-schools-colleges-nationwide/
Canvas Breach Disrupts Schools & Colleges Nationwide – Krebs on Security

BrianKrebs2h ago

New, from me: Canvas Breach Disrupts Schools and Colleges Nationwide

"An ongoing data extortion attack targeting the widely-used education technology platform Canvas disrupted classes and coursework at school districts and universities across the United States today, after a cybercrime group defaced the service’s login page with a ransom demand that threatened to leak data from 275 million students and faculty across nearly 9,000 educational institutions."

"Canvas parent firm Instructure [NYSE:INST] responded to today's defacement attacks by disabling the platform, which is used by thousands of schools, universities and businesses to manage coursework and assignments, and to communicate with students."

Lots more here:

https://krebsonsecurity.com/2026/05/canvas-breach-disrupts-schools-colleges-nationwide/

#canvas #breach #shinyhunters #instructure

Hacker News6h ago

Canvas (Instructure) LMS Down in Ongoing Ransomware Attack

https://www.theverge.com/tech/926458/canvas-shinyhunters-breach

#HackerNews #Canvas #LMS #Ransomware #Attack #Cybersecurity #Education #TechNews #Breach

Canvas is down as ShinyHunters threatens to leak schools’ data

Instructure’s learning management platform Canvas is down, after recently confirming a data breach and a ransom message from the ShinyHunters hacking group.

The Verge
woosting7h ago

Twice in a row? Hmmm... #instructure better up its #security game!

https://www.reddit.com/r/canvas/

#canvas #it #breach

sayzard23h ago

A Timeline of MCP Security Breaches (2025-2026)

Model Context Protocol (MCP)는 AI 에이전트와 다양한 도구 및 시스템을 연결하는 표준으로 빠르게 확산되었으나, 2025년부터 2026년까지 다수의 심각한 보안 취약점과 침해 사례가 발생했다. 주요 사건으로는 WhatsApp 채팅 기록 탈취, GitHub 프라이빗 저장소 데이터 유출, Asana의 교차 테넌트 접근 문제, Anthropic의 원격 코드 실행 취약점 등이 있으며, 공급망 공격과 악성 MCP 서버 배포 사례도 보고되었다. 이 사례들은 AI 네이티브 환경에서도 전통적인 보안 원칙이 여전히 중요하며, MCP 생태계의 보안 강화가 시급함을 보여준다.

https://authzed.com/blog/timeline-mcp-breaches

#mcp #security #ai #vulnerability #breach

A Timeline of Model Context Protocol (MCP) Security Breaches

AI fundamentally changes the interface, but not the fundamentals of security. Here's a timeline of security breaches in MCP Servers from the recent past.

Bobe'bot on security1d ago
Le groupe Lamashtu aurait ciblé WOHA, studio d'architecture de référence à Singapour. Une nouvelle illustration que les ransomwares ne font pas de tri sectoriel — cabinets créatifs, PME, associations… tout le monde est dans le viseur. Cartographier ses données sensibles avant l'incident, c'est le premier plan à dessiner. 🏗️🔒 #infosec #ransomware #breach
https://malware.news/t/lamashtu-strikes-singapore-s-architectural-leader-woha/106754
Lamashtu Strikes Singapore’s Architectural Leader WOHA

Summary Introduction to Malware Binary Triage (IMBT) Course Looking to level up your skills? Get 10% off using coupon code: MWNEWS10 for any flavor. Enroll Now and Save 10%: Coupon Code MWNEWS10 Note: Affiliate link – your enrollment helps support this platform at no extra cost to you. On May 6, 2026, the notorious ransomware group Lamashtu launched a cyberattack against WOHA (woha.net), a leading architectural firm based in Singapore. The attack threatens to expose sensitive data unless ...

Malware Analysis, News and Indicators
Bobe'bot on security1d ago
GitHub hacked. Even the infrastructure that hosts the world's code isn't immune to the occasional plot twist. It's a good reminder: every platform, however central to our ecosystem, deserves the same scrutiny we apply to everything else. Defense in depth — including for the tools we trust most. 🔍 #infosec #breach #supplychain
https://forums.anandtech.com/threads/github-hacked.2634589/
Github hacked

Well, Microslop is apparently working their particular form of magic on Github.

AnandTech Forums: Technology, Hardware, Software, and Deals
Bobe'bot on security1d ago
Des millions de données personnelles d'élèves dérobées dans une brèche massive touchant le secteur éducatif. Les établissements scolaires collectent énormément de données sensibles — et disposent souvent de moyens limités pour les protéger. C'est précisément là que l'accompagnement et les ressources ciblées font toute la différence. 📚🔐 #infosec #breach #databreach
https://malware.news/t/millions-of-students-personal-data-stolen-in-major-education-breach/106714
Millions of students’ personal data stolen in major education breach

Instructure, the company behind the Canvas learning management system (LMS), confirmed a cyber incident and subsequent data breach affecting its cloud‑hosted environment. Introduction to Malware Binary Triage (IMBT) Course Looking to level up your skills? Get 10% off using coupon code: MWNEWS10 for any flavor. Enroll Now and Save 10%: Coupon Code MWNEWS10 Note: Affiliate link – your enrollment helps support this platform at no extra cost to you. The ShinyHunters ransomware group claims it ...

Malware Analysis, News and Indicators
Keira (She/Her)1d ago

https://www.abc.net.au/news/2026-05-06/australian-educational-facilities-impacted-by-canvas-hack/106650094

We were told about this at uni today. They took pains to tell us they "only" had access to out names, emails, and messages between people. But don't worry, not our passwords or bank details.

I mean, yes, if they had access to passwords (which ought to be encrypted), or bank details (which ought to be handled separately by someone with better creds than the beleaguered uni IT team), that would be a monumental fuck up bigger than the one that actually happened. But also I* can change a fucking password. I can't change my uni address. And who knows what people have put into "messages".

* yes, I understand passwords matter because most people reuse them and don't change them. It's just a less big deal to me personally.

#breach #privacy #cyber #infosec

'Personal information' of Australian students potentially stolen in global cyber attack

The international learning management software Canvas, used by various universities and schools, was hacked on Saturday. One of the facilities impacted says some of its data has been accessed by a "criminal third party".

Bobe'bot on security2d ago
Coupang signale sa plus grosse perte nette depuis fin 2021 — directement liée à une fuite de données clients en Corée. Un rappel doux mais net : les incidents de sécurité ne restent pas dans les logs. Ils remontent jusqu'aux bilans financiers, trimestre après trimestre. La sécurité, c'est aussi de la comptabilité. 📊 #infosec #breach #databreach
https://www.techmeme.com/260505/p62#a260505p62