The Instructure/Canvas data breach that has dominated cybersecurity coverage recently has reached a new stage.
Millions of students had personal data stolen, with extortion group ShinyHunters claiming credit for the data breach and applying extra pressure for their ransom demands by bothering Canvas users directly.
Which seems to have paid off. On the Instructure web page about the recent data breach, a status update dated May 11, 26 says:
“We know that concerns about the potential publication of data related to this incident remain top of mind for many customers. We understand how unsettling situations like this can be, and protecting our community remains our top priority.
With that responsibility in mind, Instructure reached an agreement with the unauthorized actor involved in this incident.”
Read more…
Source: Malwarebites Labs
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- From cheats to exploits: Webrat spreading via GitHub
December 23, 2025
In early 2025, security researchers uncovered a new malware family named Webrat. Initially, the Trojan targeted regular users by disguising itself as cheats for popular games like Rust, Counter-Strike, and Roblox, or as cracked software. In September, the attackers decided to widen their net: alongside gamers and users of pirated software, they are now targeting inexperienced ...
- Hacktivists claim near-total Spotify music scrape
December 23, 2025
Anna’s Archive claims it obtained metadata for around 256 million tracks and audio files for roughly 86 million songs, totaling close to 300 TB. Reportedly, this represents about 99.9% of Spotify’s catalog and roughly 99.6% of all streams. Spotify says it has “identified and disabled the nefarious user accounts that engaged in unlawful scraping” and implemented ...
- France’s postal and banking services disrupted by suspected DDoS attack
December 23, 2025
France’s national postal and banking services were knocked offline by a suspected distributed denial-of-service (DDoS) attack on Monday, according to an announcement by La Poste. The postal service called the attack “a major network incident” that was disrupting “all of our information systems.” La Poste’s online mail and banking services, website, and mobile app are among ...
- North Korea-backed hackers launch newly detected cyberattack using HWP object linking and embedding code
December 22, 2025
A North Korea-linked cyber hacking group appears to have launched a new cyberattack campaign, code-named “Artemis,” that embeds malicious code inside computer files, a report showed Monday. The Genians Security Center (GSC), a South Korean cybersecurity institute, said in a report that it detected the operation believed to have been carried out by APT37, a Pyongyang-backed ...
- Romania: Around 1,000 systems compromised in ransomware attack on water agency
December 22, 2025
Romania’s cybersecurity agency confirms a major ransomware attack on the country’s water management administration has compromised around 1,000 systems, with work to remediate them still ongoing. Administrația Națională Apele Române (Romanian Waters) says its geographical information system applications servers, database servers, Windows workstations, Windows Servers, email and web servers, and domain name servers are all affected. ...
- Hackers hijacking WhatsApp accounts without any need to crack the authentication
December 21, 2025
Security researchers are warning WhatsApp users about a growing account hijacking technique that does not rely on breaking passwords or bypassing encryption. Attackers exploit WhatsApp’s legitimate device-linking feature to quietly attach their own browser to a victim’s account. Once linked, the attacker can read messages in real time, download shared media, and send messages that appear ...