The FCC Wants to Kill Burner Phones

Plus: AI bug hunting fuels Microsoft’s biggest-ever Patch Tuesday, ShinyHunters ransomware gang exploits an Oracle zero-day, and more...

ShinyHunters Target Universities in Oracle PeopleSoft Zero-Day Attack

Google says ShinyHunters exploited Oracle PeopleSoft zero-day to steal data from 100+ organisations, with universities making up most victims...

Active Exploitation of Oracle PeopleSoft Zero-Day (CVE-2026-35273)

Overview On June 10, 2026, Oracle published a security alert for CVE-2026-35273, a critical vulnerability in the Updates Environment Management component of PeopleSoft Enterprise PeopleTools. Oracle released an out-of-band patch the same day as the advisory, underscoring the urgency of remediatio...

PT-2026-49070

🔴 ShinyHunters exploits Oracle PeopleSoft 0-day CVSS 9.8 targeting 100+ organizations Ransomware group ShinyHunters exploited CVE-2025-35273, a critical server-side request forgery vulnerability in Oracle PeopleSoft, for more than two weeks before Oracle disclosed it. The group targeted roughly 3...

ShinyHunters Exploits Oracle PeopleSoft Zero-Day (CVE-2026-35273) to Breach Universities

The ShinyHunters extortion crew exploited an unpatched flaw in Oracle PeopleSoft to break into enterprise systems, steal data, and demand payment to keep it private. The campaign hit universities hardest. Google's Mandiant attributes it to the group it tracks as UNC6240, and dates the activity...

ShinyHunters Leak 40GB of University of Nottingham Student Data

ShinyHunters hackers leak 40GB of University of Nottingham personal and financial data, allegedly impacting 450,000 students and staff records...

Instructure Reaches Deal with ShinyHunters to Prevent Canvas Data Leak

Instructure has reached an agreement with the ShinyHunters group to return and destroy stolen Canvas data, protecting millions of student records from a public leak...

Canvas Hackers ShinyHunters Say Their Official Domain Was Suspended

ShinyHunters says its shinyhunte.rs domain was suspended after the Canvas LMS attacks, forcing the group to move fully to its dark web .onion site...

Instructure Reaches Ransom Agreement with ShinyHunters to Stop 3.65TB Canvas Leak

American educational technology company Instructure, the parent company of Canvas, said it reached an "agreement" with a decentralized cybercrime extortion group after it breached its network and threatened to leak stolen information from thousands of schools and universities. In an update shared...

ShinyHunters escalates Canvas attacks with school login defacements

Days after confirming a major data breach, Instructure is now facing a second blow. Earlier this week, Instructure confirmed a major data breach affecting its cloud‑hosted Canvas environment, with the ShinyHunters group claiming it stole hundreds of millions of records tied to thousands of school...

The Canvas Hack Is a New Kind of Ransomware Debacle

Thousands of schools around the US were paralyzed on Thursday after education tech firm Instructure shut down access to its Canvas platform following a breach by hackers going by the name ShinyHunters...

Canvas Breach Disrupts Schools & Colleges Nationwide

An ongoing data extortion attack targeting the widely-used education technology platform Canvas disrupted classes and coursework at school districts and universities across the United States today, after a cybercrime group defaced the service's login page with a ransom demand that threatened to...

ShinyHunters Defaces Canvas LMS Portal, Hundreds of Universities Affected

ShinyHunters hackers defaced the official Canvas LMS portal after breaching Instructure systems, disrupting university access worldwide...

ShinyHunters’ Instructure Canvas LMS and Vimeo Breaches Impact Millions of Users

ShinyHunters breached Instructure and Vimeo, exposing millions of student and user records through direct and supply chain attacks...

Millions of students’ personal data stolen in major education breach

Instructure, the company behind the Canvas learning management system LMS, confirmed a cyber incident and subsequent data breach affecting its cloud‑hosted environment. The ShinyHunters ransomware group claims it is behind the attack and says it stole roughly 275 million records tied to students,...

Vercel Breach Linked to Context.ai, ShinyHunters Says It’s Not Involved

Vercel confirms a breach linked to Context.ai as a hacker lists alleged data for $2M. ShinyHunters denies involvement and flags imposters...

ShinyHunters Leak Rockstar Games Data, No Player Records Impacted

ShinyHunters hackers leak 7.54 GB of Rockstar Games data from Snowflake analytics systems, confirming no player records or personal information were exposed...

ShinyHunters Claims Rockstar Games Snowflake Breach via Anodot

ShinyHunters claims access to Rockstar Games Snowflake data via Anodot breach, threatening a data leak on April 14 if ransom demands are not met...

Support platform breach exposes Hims & Hers customer data

Healthcare companies handle some of the most personal data imaginable. That makes them a magnet for hackers. And when those companies outsource their customer support to third-party platforms, every one of those platforms becomes another door someone can try to kick in. Telehealth giant Hims & He...

ShinyHunters Hackers Claim Theft of 3M+ Cisco Records, Threaten Public Leak

ShinyHunters hackers claim they stole 3 million+ Cisco records via Salesforce and AWS, warning of a public leak if demands are not met by April 3, 2026...