Explore

Rapid Read Rapid Read
CRPx0 Malware Campaign Exploits Free OnlyFans Lure to Target Multiple Platforms

CRPx0 Malware Campaign Exploits Free OnlyFans Lure to Target Multiple Platforms

A new malware campaign, CRPx0, is exploiting the lure of free OnlyFans accounts to spread across macOS and Windows systems, with potential capabilities for Linux. The campaign, analyzed by Aryaka Threat Research Labs, uses social engineering tactics to entice users into downloading a malicious zip file under the guise of free OnlyFans access. Once downloaded, the malware installs itself, allowing attackers to steal cryptocurrency, exfiltrate data, and deploy ransomware. The malware is sophisticated, maintaining persistence and updating itself through a command and control (C2) server. The campaign has already claimed 38 victims, with data being sold on a leaks site.
Rapid Read Rapid Read
Instructure Reaches Agreement with Hackers Following Data Breaches Affecting Schools

Instructure Reaches Agreement with Hackers Following Data Breaches Affecting Schools

Instructure, the company behind the Canvas educational platform, has reached an agreement with hackers who breached its systems twice, compromising data from millions of students and staff. The cybercrime group ShinyHunters claimed responsibility for the breaches, which affected nearly 9,000 schools. The hackers initially stole personal information of 275 million individuals and later defaced Canvas login pages to pressure Instructure into paying a ransom. Instructure announced that the hackers have provided evidence of data destruction and assured that Canvas customers will not face extortion. However, the financial terms of the agreement remain undisclosed. The FBI has advised against paying ransoms, as it encourages further cybercriminal activity.
Rapid Read Rapid Read
Instructure Reaches Agreement with Hackers Following Data Breach

Instructure Reaches Agreement with Hackers Following Data Breach

Instructure, the company behind the Canvas learning platform, has announced an agreement with the hacker group ShinyHunters, which attacked its systems twice. The initial attack occurred on April 29, during which the hackers claimed to have stolen personal data of approximately 275 million students and staff. The group later attacked again, defacing login pages on school websites to pressure Instructure. The company has stated that the hackers provided evidence of deleting the stolen data and assured that customers would no longer face blackmail. However, Instructure did not disclose the financial terms of the agreement or confirm if any payment was made. The U.S. government and security experts generally advise against paying cybercriminals, as it may encourage further criminal activities.
Trendline Trendline
Fake Claude Code Malware Exploits PowerShell to Evade Detection

Fake Claude Code Malware Exploits PowerShell to Evade Detection

Fake Claude Code Malware Exploits PowerShell to Evade Detection
Trendline Trendline
BWH Hotels Reports Six-Month Data Breach Affecting Guest Reservations

BWH Hotels Reports Six-Month Data Breach Affecting Guest Reservations

BWH Hotels Reports Six-Month Data Breach Affecting Guest Reservations
Rapid Read Rapid Read
ShinyHunters Launches Ransom Campaign Against Educational Institutions

ShinyHunters Launches Ransom Campaign Against Educational Institutions

The ShinyHunters ransomware group has intensified its extortion campaign against educational institutions following a data breach at Instructure, the company behind the Canvas Learning Management System. The breach, which occurred on April 25, resulted in the theft of approximately 275 million records from 8,809 institutions. ShinyHunters exploited a vulnerability in the Free-For-Teacher version of Canvas, exfiltrating over 3.65 TB of data. The group initially demanded a ransom by May 8, threatening to leak the data if not paid. With the deadline passed, they have begun targeting individual schools with extortion demands, threatening to release data by May 12 if settlements are not reached.
Rapid Read Rapid Read
Instructure Reaches Agreement with Hackers to Secure Data from Thousands of Schools

Instructure Reaches Agreement with Hackers to Secure Data from Thousands of Schools

Instructure, the company behind the education platform Canvas, has reached an agreement with a hacking group that infiltrated its systems, stealing data from nearly 9,000 schools. The hackers threatened to release the data unless a ransom was paid by a specified deadline. Instructure has not disclosed whether a ransom was paid but confirmed that the deal includes the return of stolen data and assurances that no further extortion will occur. The breach affected millions of students, teachers, and staff, disrupting educational activities during a critical period of final exams. The hackers exploited free accounts offered to teachers to gain access to the system, prompting Instructure to disable these accounts temporarily.
Rapid Read Rapid Read
Instructure Confirms Security Breach Exploiting Canvas Vulnerability

Instructure Confirms Security Breach Exploiting Canvas Vulnerability

Instructure, the developer of the Canvas learning management system, has confirmed a security breach that allowed hackers to exploit a vulnerability and deface login portals. The breach involved cross-site scripting (XSS) vulnerabilities, enabling attackers to gain authenticated admin sessions. The hackers used this access to leave extortion messages on the portals, pressuring Instructure to negotiate a ransom. The breach was initially discovered on April 29, and a subsequent attack occurred on May 7. Instructure has since taken steps to revoke unauthorized access and engage forensic experts to investigate the incident.
Rapid Read Rapid Read
ShinyHunters Launches Extortion Campaign Against Educational Institutions Using Canvas

ShinyHunters Launches Extortion Campaign Against Educational Institutions Using Canvas

The ShinyHunters ransomware group has initiated a 'pay or leak' extortion campaign targeting educational institutions following a breach of Instructure, the company behind the Canvas Learning Management System. The breach, which occurred on April 25, resulted in the theft of approximately 275 million records from 8,809 educational institutions. The group exploited a vulnerability in the Free-For-Teacher version of Canvas, exfiltrating over 3.65 TB of data. Initially, ShinyHunters demanded a ransom by May 8, threatening to leak the data if not paid. After the deadline passed, the group intensified its efforts with a school-by-school extortion campaign, defacing around 330 Canvas login pages with ransom demands. The group has set a new deadline of May 12 for negotiations. Instructure has not engaged with the group but has implemented security patches. The attack coincides with the end of the academic year and exam season, increasing pressure on affected institutions.
Rapid Read Rapid Read
Instructure Confirms Canvas Security Breach, Impacting Educational Institutions

Instructure Confirms Canvas Security Breach, Impacting Educational Institutions

Instructure, the developer of the Canvas learning management system, has confirmed a security breach that allowed hackers to exploit vulnerabilities and deface login portals. The breach involved cross-site scripting (XSS) vulnerabilities, enabling attackers to gain authenticated admin sessions. This incident followed an initial breach where hackers stole over 3.6 terabytes of data. The attackers, identified as ShinyHunters, used the same vulnerability to pressure Instructure into paying a ransom by defacing portals with extortion messages. The breach affected the Free-for-Teacher environment, a limited version of Canvas used by individual educators. Instructure has since taken steps to revoke unauthorized access, engage forensic experts, and apply additional safeguards.
Reuters Reuters
Hackers pushing innovation in AI-enabled hacking operations, Google says

Hackers pushing innovation in AI-enabled hacking operations, Google says

By AJ Vicens and Sam Tabahriti May 11 (Reuters) - Hackers from a prominent cybercrime group used artificial intelligence to uncover a previously unknown software flaw and an exploit to take advantage of it for the first time, Alphabet's Google said on Monday. 
Rapid Read Rapid Read
JDownloader Site Compromised, Distributes Python RAT Malware

JDownloader Site Compromised, Distributes Python RAT Malware

The website for JDownloader, a popular download manager, was compromised to distribute malicious installers for Windows and Linux. The attack, occurring between May 6 and May 7, 2026, involved modifying download links to point to malicious payloads, including a Python-based remote access trojan (RAT). The compromise was first reported on Reddit, and the developers confirmed the breach, taking the site offline for investigation. The attack exploited an unpatched vulnerability, affecting only certain download links. Users are advised to verify installer legitimacy and reinstall operating systems if affected.