Canvas Goes Dark for 9,000 Schools Mid-Finals
ShinyHunters defaced the Canvas login page on May 7 and pulled millions of students offline during finals week, two days after Instructure called the breach contained.
ShinyHunters defaced the Canvas login page on May 7 and pulled millions of students offline during finals week, two days after Instructure called the breach contained.
Three things hit Ubuntu in nine days: a root-level Linux kernel exploit dropped without coordinated patches, a pro-Iran DDoS that knocked Canonical's web infrastructure offline, and the 26.04 LTS release landing in the middle of both. Here's what it means for whatever you use Ubuntu for.
A new phishing-as-a-service kit ships with an AI assistant, 40+ templates, and an adversary-in-the-middle proxy that defeats SMS and TOTP MFA. The AI is the part the press loved. The AiTM is the part defenders should actually worry about.
Wiz researchers found a critical RCE in GitHub's git push pipeline on March 4. The fix on github.com landed 75 minutes later. The April 28 disclosure makes clear what nearly happened โ and why GitHub Enterprise Server admins still have urgent work.
Google spent a decade telling developers that Maps and Firebase API keys are not secrets. When Gemini was added to the Google Cloud Platform, those same keys silently gained the ability to make billable Gemini calls โ and the bills started arriving. One team of three developers woke up to a $82,314 charge. The architectural fix is still pending.
Medtronic disclosed on April 24 that an unauthorized party accessed corporate IT systems. ShinyHunters claims 9 million records and terabytes of internal data. Medtronic confirms only the corporate-IT scope and says products, patient safety, and manufacturing networks are unaffected โ a careful framing that healthcare IT readers will recognize.
Axios reports the NSA is using Anthropic's unreleased Mythos model โ the one Anthropic says can find zero-days autonomously โ despite the Pentagon formally labeling Anthropic a supply-chain risk. Here's what Mythos is, who else has access, and why the operational need is winning.
Anubis claims 2 TB of patient data from Signature Healthcare's Brockton Hospital. Ambulances were diverted, chemo was canceled, and staff will be working off paper for two more weeks.
ChipSoft โ the Dutch EHR vendor whose HiX platform runs patient records at roughly 80% of Netherlands hospitals โ was hit by ransomware on April 7. Eleven hospitals disconnected, and the bigger story is the concentration risk that made this inevitable.
Russian military hackers compromised 18,000 home routers to steal Microsoft 365 tokens โ after users completed MFA. Most enterprises harden the laptop but never ask what router it's connected to.