US govt seeks Instructure testimony on massive Canvas cyberattack
The U.S. House Committee on Homeland Security is calling on Instructure executives to testify about two cyberattacks by the ShinyHunters extortion group that targeted the…
Month: May 2026
Critical Fortinet FortiSandbox Vulnerability Enables Code Execution Attacks
A critical security flaw in Fortinet’s FortiSandbox platform is putting enterprise networks at serious risk, allowing unauthenticated attackers to execute arbitrary code or commands remotely,…
Foxconn Ransomware Attack Shows Nothing Is Safe Forever
A ransomware group is attempting to extort the electronics manufacturing giant Foxconn, claiming that it stole 8 terabytes of data from the company, including schematics…
SAP Releases Patch for Critical SQL Injection Flaw in S/4HANA
A severe vulnerability has struck the heart of enterprise resource planning systems this month, threatening organizations worldwide with potential data breaches. On May 12, 2026,…
Canvas Hackers ShinyHunters Say Their Official Domain Was Suspended
The notorious hacking group ShinyHunters, recently linked to the large-scale compromise and defacement of Instructure’s Canvas LMS platform, claims its official clearnet domain has been…
Microsoft May 2026 Patch Tuesday: Many fixes, but no zero-days
Microsoft has marked May 2026 Patch Tuesday by releasing fixes for 120+ CVE-numbered vulnerabilities, none of which (for a change) are actively exploited or have…
Stolen Canvas data was “returned” after hacker agreement, Instructure says
The Instructure/Canvas data breach that has dominated cybersecurity coverage recently has reached a new stage. Millions of students had personal data stolen, with extortion group…
RubyGems Suspends New Signups After Hundreds of Malicious Packages Are Uploaded
Ravie LakshmananMay 12, 2026Supply Chain Attack / Software Security RubyGems, the standard package manager for the Ruby programming language, has temporarily paused account sign ups…
Microsoft releases rare zero-day free Patch Tuesday update
Microsoft has addressed around 140 newly discovered common vulnerabilities and exposures (CVEs) in its May Patch Tuesday update, but for the first time in a…
Infrastructure and cyber teams must converge as threats evolve: Infotrust
“Cyber risk is now an infrastructure problem, not just a security one,” says Dan Suto, executive general manager of managed technology at Infotrust. In this…
Microsoft Patches 137 Vulnerabilities – SecurityWeek
Microsoft on Tuesday announced patching 137 vulnerabilities across its products, none of which have been flagged as exploited in the wild. Roughly a dozen of…
Hackers accessed BWH Hotels reservation system for months
Hackers accessed BWH Hotels reservation system for months Pierluigi Paganini May 12, 2026 BWH Hotels says hackers accessed guest reservation data, including names and contacts,…