The Instructure/Canvas data breach that has dominated cybersecurity coverage recently has reached a new stage.
Millions of students had personal data stolen, with extortion group ShinyHunters claiming credit for the data breach and applying extra pressure for their ransom demands by bothering Canvas users directly.
Which seems to have paid off. On the Instructure web page about the recent data breach, a status update dated May 11, 26 says:
“We know that concerns about the potential publication of data related to this incident remain top of mind for many customers. We understand how unsettling situations like this can be, and protecting our community remains our top priority.
With that responsibility in mind, Instructure reached an agreement with the unauthorized actor involved in this incident.”
Read more…
Source: Malwarebites Labs
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Coruna: the framework used in Operation Triangulation
March 26, 2026
On March 4, 2026, Google and iVerify published reports about a highly sophisticated exploit kit targeting Apple iPhone devices. According to Google, the exploit kit was first discovered in targeted attacks conducted by a customer of an unnamed surveillance vendor. It was later used by other attackers in watering-hole attacks in Ukraine and in financially motivated ...
- Infiniti Stealer: A new macOS infostealer using ClickFix and Python/Nuitka
March 26, 2026
A previously undocumented macOS infostealer has surfaced during our routine threat hunting. Malwarebytes Labs researchers initially tracked it as NukeChain, but shortly before publication, the malware’s operator panel became publicly visible, revealing its real name: Infiniti Stealer. This malware is designed to steal sensitive data from Macs. It spreads through a fake CAPTCHA page that tricks ...
- Cloud Phones: The Invisible Threat
March 25, 2026
What began as a simple scheme to inflate social media metrics has evolved into a sophisticated threat that is quietly reshaping the economics of digital fraud. Over the past decade, fraud prevention teams have invested heavily in device fingerprinting and emulator detection and that investment paid off; classic emulators and bot activities became predictable, easy ...
- Millions possibly affected by data breach at dermatology giant QualDerm
March 25, 2026
Dermatology management services giant QualDerm suffered a cyberattack in late 2025 which saw it lose sensitive personal and healthcare data on more than three million people. The company is now notifying affected individuals by mail, noting in a breach notification letter that between December 23 and 24, 2025, a threat actor managed to access “a limited ...
- AI Drives Cyber Attacks That Unfold in Minutes
March 24, 2026
Artificial intelligence is speeding up timelines for cyber attacks, a new report has found, creating what the authors call a widening “cybersecurity speed gap” between bad actors and defense efforts. The report from Booz Allen Hamilton, published this month, shows that cyber criminals are now moving from initial access to broader system compromise in less than ...
- Russian initial access broker who fed ransomware crews gets 81 months in US prison
March 24, 2026
A Russian national who sold the keys to corporate networks faces nearly seven years in a US prison after prosecutors tied his handiwork to a string of ransomware attacks costing victims millions of dollars. Aleksei Volkov, 26, was sentenced to 81 months behind bars for his role as an initial access broker, a behind-the-scenes operator who ...