Explore

Trendline Trendline
F5 Networks Addresses Over 50 Vulnerabilities in BIG-IP and NGINX Systems

F5 Networks Addresses Over 50 Vulnerabilities in BIG-IP and NGINX Systems

F5 Networks Addresses Over 50 Vulnerabilities in BIG-IP and NGINX Systems
Trendline Trendline
Fortinet Addresses Critical Vulnerabilities in FortiAuthenticator and FortiSandbox

Fortinet Addresses Critical Vulnerabilities in FortiAuthenticator and FortiSandbox

Fortinet Addresses Critical Vulnerabilities in FortiAuthenticator and FortiSandbox
Rapid Read Rapid Read
Congress Demands Answers from Instructure Over Canvas Data Breach

Congress Demands Answers from Instructure Over Canvas Data Breach

The US House of Representatives is seeking testimony from Instructure, the company behind the education platform Canvas, following two cyberattacks that compromised the personal information of millions of students and teachers. The hacker group ShinyHunters breached the platform in April and again in May, targeting thousands of educational institutions. Instructure reached an agreement with the hackers to destroy the stolen data, but Congress is questioning the company's response and coordination with the Cybersecurity and Infrastructure Security Agency (CISA). The breach exposed sensitive information, including usernames, email addresses, and course details.
Rapid Read Rapid Read
The Gentlemen RaaS Exploits Fortinet and Cisco Devices for Network Breaches

The Gentlemen RaaS Exploits Fortinet and Cisco Devices for Network Breaches

The Gentlemen, a ransomware-as-a-service (RaaS) group, has rapidly become a significant player in the cyber threat landscape since its emergence in mid-2025. The group operates through an affiliate model, offering a lucrative 90% share of ransom payments to its partners, which has attracted numerous participants. Recently, a leak of the group's internal database provided insights into their operations, revealing their focus on exploiting vulnerabilities in Fortinet and Cisco edge devices to gain initial network access. The group uses a combination of brute-force attacks, known vulnerabilities, and purchased access to infiltrate networks. Once inside, they conduct reconnaissance, escalate privileges, and deploy ransomware, often using exfiltrated data as leverage in ransom negotiations.
Rapid Read Rapid Read
Canvas' Parent Company Reaches Agreement with Hacking Group to Secure Stolen Data

Canvas' Parent Company Reaches Agreement with Hacking Group to Secure Stolen Data

The parent company of the Canvas educational tool, Instructure, has reached an agreement with the hacking group ShinyHunters, which was responsible for a data breach involving student and school data. The agreement ensures that all stolen data has been returned and digitally confirmed as destroyed. Instructure has stated that no customers will be extorted as a result of this incident. The breach had affected nearly 9,000 schools, with data including student names, email addresses, and messages. The hacking group has confirmed that the data is deleted and that they will not contact the company or its customers for payment. The decision to pay or not in such situations is complex, as noted by ransomware negotiator Kurtis Minder, who suggested that some payment might have been involved.
Rapid Read Rapid Read
Instructure Reaches Agreement with Hackers to Secure Stolen Canvas Data

Instructure Reaches Agreement with Hackers to Secure Stolen Canvas Data

Instructure, the company behind the online learning platform Canvas, has reached an agreement with the hacker group ShinyHunters to secure the personal data stolen during a recent cyberattack. The hackers had accessed information such as usernames, email addresses, and course details from Canvas users, affecting potentially over 9,000 educational institutions. The agreement reportedly includes the destruction of illicit copies of the data, although it is unclear if a ransom was paid. The breach initially occurred on April 29, exploiting a vulnerability in Free-For-Teacher accounts, and was followed by a second security breach on May 7. In response, Instructure placed Canvas in maintenance mode, temporarily disrupting access for students.
Rapid Read Rapid Read
West Pharmaceutical Services Faces Global Disruption Due to Ransomware Attack

West Pharmaceutical Services Faces Global Disruption Due to Ransomware Attack

West Pharmaceutical Services, a major pharmaceutical company based in Pennsylvania, is dealing with the aftermath of a ransomware attack that occurred on May 4. The attack led to a proactive shutdown of affected on-premise infrastructure, disrupting global business operations. The company has engaged Palo Alto Networks’ Unit 42 for threat intelligence and incident response to aid in containment and system restoration. While core enterprise systems have been restored and critical processes have resumed at some sites, the full restoration timeline remains uncertain. The attackers exfiltrated data before deploying ransomware, and the company is investigating the extent of the data breach.
Rapid Read Rapid Read
Instructure Confirms Canvas Security Breach, Hackers Exploit Flaw to Deface Portals

Instructure Confirms Canvas Security Breach, Hackers Exploit Flaw to Deface Portals

Instructure, the developer of the Canvas learning management system (LMS), has confirmed a security breach that allowed hackers to exploit a vulnerability and deface login portals. The breach involved multiple cross-site scripting (XSS) vulnerabilities, enabling attackers to obtain authenticated admin sessions. Initially discovered on April 29, the breach led to the theft of over 3.6 terabytes of uncompressed data, which was later published by the hacker group ShinyHunters. The hackers used the same vulnerability to conduct a second attack on May 7, aiming to pressure Instructure into paying a ransom. The breach affected the Free-for-Teacher environment, a limited version of Canvas LMS. Instructure temporarily took Canvas offline to prevent further malicious activity and applied additional safeguards. The hackers' actions impacted 8,809 educational organizations, with stolen data including usernames, email addresses, and course information.
Rapid Read Rapid Read
Active Directory Breaches Persist Despite Password Resets

Active Directory Breaches Persist Despite Password Resets

A recent analysis highlights that simply resetting passwords is insufficient to fully address breaches in Active Directory (AD) environments. While password resets are a common initial response to suspected compromises, they do not immediately invalidate old credentials across all authentication paths. This delay can allow attackers to maintain access or re-establish a foothold. The report emphasizes the need for comprehensive security measures beyond password changes, such as invalidating active sessions and addressing vulnerabilities in access control lists (ACLs).
Rapid Read Rapid Read
Instructure Confirms Security Breach Exploiting Canvas Vulnerability

Instructure Confirms Security Breach Exploiting Canvas Vulnerability

Instructure, the developer of the Canvas learning management system, has confirmed a security breach that allowed hackers to exploit a vulnerability and deface login portals. The breach involved cross-site scripting (XSS) vulnerabilities, enabling attackers to gain authenticated admin sessions. The hackers used this access to leave extortion messages on the portals, pressuring Instructure to negotiate a ransom. The breach was initially discovered on April 29, and a subsequent attack occurred on May 7. Instructure has since taken steps to revoke unauthorized access and engage forensic experts to investigate the incident.
Rapid Read Rapid Read
Instructure Reaches Agreement with Hackers Following Data Breach

Instructure Reaches Agreement with Hackers Following Data Breach

Instructure, the company behind the Canvas learning platform, has announced an agreement with the hacker group ShinyHunters, which attacked its systems twice. The initial attack occurred on April 29, during which the hackers claimed to have stolen personal data of approximately 275 million students and staff. The group later attacked again, defacing login pages on school websites to pressure Instructure. The company has stated that the hackers provided evidence of deleting the stolen data and assured that customers would no longer face blackmail. However, Instructure did not disclose the financial terms of the agreement or confirm if any payment was made. The U.S. government and security experts generally advise against paying cybercriminals, as it may encourage further criminal activities.
Rapid Read Rapid Read
Instructure Confirms Canvas Security Breach, Impacting Educational Institutions

Instructure Confirms Canvas Security Breach, Impacting Educational Institutions

Instructure, the developer of the Canvas learning management system, has confirmed a security breach that allowed hackers to exploit vulnerabilities and deface login portals. The breach involved cross-site scripting (XSS) vulnerabilities, enabling attackers to gain authenticated admin sessions. This incident followed an initial breach where hackers stole over 3.6 terabytes of data. The attackers, identified as ShinyHunters, used the same vulnerability to pressure Instructure into paying a ransom by defacing portals with extortion messages. The breach affected the Free-for-Teacher environment, a limited version of Canvas used by individual educators. Instructure has since taken steps to revoke unauthorized access, engage forensic experts, and apply additional safeguards.