The Instructure/Canvas data breach that has dominated cybersecurity coverage recently has reached a new stage.
Millions of students had personal data stolen, with extortion group ShinyHunters claiming credit for the data breach and applying extra pressure for their ransom demands by bothering Canvas users directly.
Which seems to have paid off. On the Instructure web page about the recent data breach, a status update dated May 11, 26 says:
“We know that concerns about the potential publication of data related to this incident remain top of mind for many customers. We understand how unsettling situations like this can be, and protecting our community remains our top priority.
With that responsibility in mind, Instructure reached an agreement with the unauthorized actor involved in this incident.”
Read more…
Source: Malwarebites Labs
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Supply chain attack on eScan antivirus: detecting and remediating malicious updates
January 29, 2026
On January 20, a supply chain attack has occurred, with the infected software being the eScan antivirus developed by an Indian company MicroWorld Technologies. The previously unknown malware was distributed through the eScan update server. The same day, our security solutions detected and prevented cyberattacks involving this malware. On January 21, having been informed by Morphisec, ...
- SoundCloud data breach hit 29.8 million accounts
January 28, 2026
TechRadar now have confirmation exactly how many people were affected by the December 2025 breach at SoundCloud, as well as how users can check if they are affected. In mid-December 2025, SoundCloud confirmed suffering a cyberattack and losing sensitive data on about 20% of its user base – approximately 28 million people. The company did not ...
- No Agency Is Too Small
January 28, 2026
Back when nation-state threat actors were primarily targeting large government agencies, government contractors, and large companies, security through obscurity was a legitimate strategy. In years past, betting that attackers wouldn’t bother with smaller targets was a feasible way of operating. It’s feasible no longer. Hackers are better equipped than ever before, thanks in part to artificial ...
- HoneyMyte updates CoolClient and deploys multiple stealers in recent campaigns
January 27, 2026
Over the past few years, we’ve been observing and monitoring the espionage activities of HoneyMyte (aka Mustang Panda or Bronze President) within Asia and Europe, with the Southeast Asia region being the most affected. The primary targets of most of the group’s campaigns were government entities. As an APT group, HoneyMyte uses a variety of sophisticated tools ...
- PeckBirdy: A Versatile Script Framework for LOLBins Exploitation Used by China-aligned Threat Groups
January 26, 2026
Since 2023, Trend Micro researchers have been observing threat campaigns employing a previously unseen script-based command-and-control (C&C) framework which we named PeckBirdy, being used against Chinese gambling industries, as well as malicious activities targeting Asian government entities and private organizations. While tracking this framework, Trend Micro identified at least two campaigns using PeckBirdy, which we were ...
- Nike says it is investigating possible data breach
January 26, 2026
Nike says it is investigating a potential data breach, after a group known for cyber attacks reportedly claimed to have leaked a trove of data related to its business operations. “We always take consumer privacy and data security very seriously,” Nike said in a statement. “We are investigating a potential cyber security incident and are ...