Latest Internet & Cybersecurity News
Instructure Reaches Ransom Agreement with ShinyHunters After Canvas Breach
Instructure paid a ransom to the ShinyHunters group after they stole 275 million records from 9,000 organizations via a support ticket vulnerability. The agreement ensures data return, destruction, and no further extortion of customers. No course content or credentials were compromised.
ShinyHunters Defaces Canvas Login Pages with Extortion Demands
On May 7, ShinyHunters defaced Canvas portals at 330 institutions, demanding ransom by May 12 or face data leaks of 3.65TB stolen data. The breach impacted usernames, emails, course info, and messages from nearly 9,000 schools worldwide. Instructure contained initial access but faced a second wave.
2026 Canvas Breach: Largest Educational Security Incident on Record
ShinyHunters' attack on Canvas LMS affected 8,809 institutions globally, stealing 275 million records including private student-teacher messages. It's the biggest education breach due to its scale, hitting 41% of US higher ed institutions. No passwords or financial data stolen.
Germany Warns China Near Developing AI Superhacker for Banks and Secrets
Germany's top cybersecurity official alerts that China is secretly building an AI model with superhacking abilities to breach banks, steal secrets, or cripple Fortune 500 firms. Chinese firms halted public AI updates, suggesting covert progress. US firm Anthropic's unreleased 'Mythos' model sparked a global race.
BaFin Issues Warning on AI-Exacerbated Cybersecurity Risks in Banking
Germany's BaFin warned on May 12 of rising cybersecurity threats to banks from AI advancements. The alert highlights how AI developments are amplifying risks in the financial sector. No specific incidents detailed, but calls for vigilance.
Google Thwarts AI-Driven Zero-Day Hacking Attempt Bypassing 2FA
Google's Threat Intelligence Group blocked hackers using AI to plan mass zero-day exploits, including bypassing two-factor authentication. This marks high-confidence evidence of AI in real-world cyber attacks. Zero-days are unknown flaws with no patches.
OpenAI Launches Daybreak Initiative for AI Coding Security
OpenAI's Daybreak aims to secure AI coding tools like Codex against vulnerabilities, accelerating cyber defense. CEO Sam Altman noted AI's rapid cybersecurity prowess and seeks partnerships. Follows concerns over AI creating exploits.
WEF Declares Cybersecurity Entered 'AI vs AI' Era with Global Risks
World Economic Forum warns of autonomous AI attackers vs defenders, posing risks to global finance per IMF. Recent events show AI targeting dormant software bugs. Anthropic delayed Mythos rollout over hacking fears.
Anthropic's Mythos Model Deemed Serious Threat to Global Banking
Anthropic's powerful Mythos AI, capable of exploiting old bugs, alarmed Bank of England governor and Barclays CEO as a cyber risk cracker. Delayed release amid fears of aiding hackers. Sets off international AI arms race.
Descope Named to Rising in Cyber 2026 List of Top Cybersecurity Startups
Descope, a customer identity platform, joins Notable Capital's list of 30 promising private cybersecurity firms shaping AI-era enterprise security. CISO-voted recognition highlights its innovations. Announced May 12.
Ridge Security's RidgeBot Wins 2026 GOVIES Award for AI Offensive Security
RidgeBot, an AI-powered offensive security platform, won in the 2026 GOVIES Awards. It aids in proactive threat simulation and defense. Announced May 12 from Silicon Valley.