Instructure Reaches Deal with ShinyHunters to Prevent Canvas Data Leak

Instructure has reached an agreement with the ShinyHunters group to return and destroy stolen Canvas data, protecting millions of student records from a public leak...

TeamPCP Used Mini Shai-Hulud Worm to Poison Over 400 npm and PyPI Packages

Research reveals that TeamPCP hijacked OIDC tokens to poison hundreds of TanStack, Mistral AI, and UiPath packages with the self-propagating Mini Shai-Hulud worm...

Slovakian Admin of Dark Web Kingdom Market Jailed for 16 Years in US

A Slovakian administrator tied to the dark web Kingdom Market received a 16 year US prison sentence for drug trafficking and cybercrime activity...

Why Canadian Telecom Providers Are Prime Targets for Cyberattacks

Canadian telecom providers face mounting cyber threats from ransomware, SIM swapping, data breaches, and nation-state attacks targeting critical infrastructure...

Canvas Hackers ShinyHunters Say Their Official Domain Was Suspended

ShinyHunters says its shinyhunte.rs domain was suspended after the Canvas LMS attacks, forcing the group to move fully to its dark web .onion site...

Fake Claude Code Installer Targets Developers With Browser Credential Stealer

Researchers at Ontinue have discovered an undocumented malware campaign targeting developers with fake Claude Code installers to steal browser passwords and cookies...

Pwn2Own Berlin 2026 Hits Capacity as Rejected Hackers Release 0-Days

Pwn2Own Berlin 2026 reportedly reached full capacity for the first time, prompting rejected researchers to publicly disclose zero-day exploits targeting Firefox, NVIDIA, and AI platforms...

Top Video Downloaders in 2026: Why Wondershare UniConverter Remains a Strong Choice

As video content continues to dominate entertainment, education, and social media platforms, more users are searching for reliable…...

Operation HumanitarianBait Uses Fake Aid Documents to Deploy Python Spyware

Operation HumanitarianBait uses fake aid documents, GitHub-hosted payloads, and Python spyware to target Russian-speaking victims...

Google Says Hackers Used AI to Develop a Zero-Day Exploit

Google researchers say hackers used AI to develop zero-day exploits, Android backdoors, and automated supply chain attacks targeting GitHub and PyPI...

Romanian Man Faces Up to 30 Years in US Prison Over Vishing Scams

Romanian national Gavril Sandu faces up to 30 years in a US prison after extradition over a VOIP vishing and fake debit card fraud scheme...

9-Year-Old Dirty Frag Vulnerability Enables Root Access on Linux Systems

The Dirty Frag vulnerability affects Linux systems and allows root access escalation, while public PoC exploit code increases attack risks...

Lyrie.ai Joins First Batch of Anthropic’s Cyber Verification Program

Dubai, UAE, 11th May 2026, CyberNewswire...

Hackers Exploit Vercel GenAI to Mass-Produce Convincing Phishing Sites

Hackers are abusing Vercel GenAI to create convincing phishing sites that mimic major brands, including Microsoft, Adidas, and Nike, making scams harder to detect...

Two US Men Jailed for Helping North Korean Hackers Infiltrate US Firms

Matthew Knoot and Erick Prince have been jailed for 18 months each for helping North Korean hackers infiltrate US firms through remote laptop farms...

Hackers Trick DigiCert Into Issuing Certificates Used to Sign Malware

DigiCert revokes 60 code signing certificates after hackers used a malicious support chat attachment to sign the Zhong Stealer malware...

Hackers Hijack JDownloader Site to Deliver Malware Through Installers

JDownloader confirms a security breach where hackers manipulated official download links to distribute malicious files between 6 and 7 May 2026...

Fake macOS Troubleshooting Sites Used to Steal iCloud Data in ClickFix Scam

Microsoft researchers warn of a new ClickFix campaign targeting macOS with fake guides on Medium and Craft to deploy AMOS and SHub Stealer via Terminal commands...

ClaudeBleed Vulnerability Lets Hackers Hijack Claude Chrome Extension to Steal Data

The ClaudeBleed vulnerability allows hackers to bypass Claude for Chrome guardrails to exfiltrate private Google Drive and Gmail data...

ShinyHunters Defaces Canvas LMS Portal, Hundreds of Universities Affected

ShinyHunters hackers defaced the official Canvas LMS portal after breaching Instructure systems, disrupting university access worldwide...

Hackers Use Fake Claude AI Site to Infect Users With New Beagle Malware

Researchers have discovered a new malvertising campaign using a fake Claude AI website to plant a new, undocumented backdoor named Beagle on user devices...

Researcher Shows Edge Browser Stores Saved Passwords in Plaintext

Cybersecurity expert Tom Rønning finds Microsoft Edge loads all saved passwords into computer memory as cleartext, making them easy for hackers to steal...

Google Chrome Accused of Silently Installing 4GB AI Model on User Devices

Cybersecurity researcher Alexander Hanff claims that Google Chrome automatically installs a 4GB Gemini Nano AI model without user notification or consent...

Why Outdated Maintenance Software Is a Growing Ransomware Risk

Outdated maintenance software increases ransomware risk by exposing weak access controls, unpatched systems, and critical operational data to attackers...

Scammers Use Hidden Text to Bypass AI Email Filters in Phishing Scams

Scammers are hiding invisible text inside phishing emails to manipulate AI-powered email filters and increase the chances of scams reaching inboxes...

Best OSINT Tools for Investigations and Threat Intelligence in 2026

Explore the best OSINT tools for your digital investigations, threat intelligence, reconnaissance, and tracking online activity in 2026...

Google Fixes CVSS 10 Gemini CLI Vulnerability Enabling GitHub Issue-Based RCE

Google patches a CVSS 10 Gemini CLI vulnerability that allowed hackers to use prompt injection and privilege escalation for a full supply chain compromise...

ShinyHunters’ Instructure Canvas LMS and Vimeo Breaches Impact Millions of Users

ShinyHunters breached Instructure and Vimeo, exposing millions of student and user records through direct and supply chain attacks...

Building Strategic Advantage With Integrated Planning

Siloed planning slows decisions and hides risk. Integrated business planning connects finance, demand, supply, and strategy into a single disciplined cycle...

The “Juice” Factor: Designing Game Feel

Designing game feel requires responsive controls, hit-stop, sound, animation, and feedback systems that make gameplay satisfying...

Application Security Strategies Are Changing as AI-generated Code Floods the SDLC

AI-generated code is changing AppSec workflows, forcing teams to rethink SDLC security, dependency checks, code review, and risk prioritization...

Massive “Low and Slow” DDoS Attack Hits Platform With 2.45 Billion in 5 Hours

DataDome researchers uncovered a massive low and slow DDoS attack that delivered 2.45 billion requests using 1.2 million IP addresses...

LuxSci Launches Enterprise-Grade HIPAA-Compliant Email Security for Mid-Sized Healthcare Organizations

Cambridge, MA, 5th May 2026, CyberNewswire...

Anti-ICE Site GTFO ICE Accused of Exposing Data of 17,000+ Activists

An anti-ICE website, GTFO ICE, linked to Miles Taylor, is accused of exposing the personal details of 17,662 activists, sparking concerns that the data may have reached government agencies...

FEMITBOT Network Abuses Telegram Mini Apps for Crypto Scams and Android Malware

A massive fraud network called FEMITBOT uses Telegram Mini Apps and fake brand names like Apple, Disney, and…...

Wiz ZeroDay.Cloud Event Reveals 20-Year-Old PostgreSQL Vulnerabilities

Researchers revealed 20-year-old PostgreSQL flaws at Wiz ZeroDay.Cloud event, exposing critical bugs in pgcrypto and prompting urgent patches for database security...

Cyber-Secure Philanthropy: Tech Infrastructure for Global Donations

Secure philanthropy needs hardened payments, API security, and compliance controls to protect global donations from fraud and attacks...

7 Key Features That Make Secure Browsers Safer

Secure Browsers boost safety with tracking blocks, fingerprint protection, session control, and real-time threat defense against modern web attacks...

Paying Ransom Won’t Help as VECT 2.0 Ransomware Destroys Data Irreversibly

VECT 2.0 ransomware contains fatal flaws that permanently destroy files, making recovery impossible and rendering ransom payments useless for victims worldwide...

Google AppSheet Exploited in 30,000-User Facebook Phishing Operation

Scammers are abusing Google AppSheet and Google Drive to bypass security filters and steal thousands of Facebook Business accounts globally...

2 US Cybersecurity Experts Jailed for Aiding ALPHV (BlackCat) Ransomware

Two US cybersecurity experts jailed for aiding BlackCat ransomware group, extorting victims worldwide and exploiting insider access for profit...

45,000 Attacks, 5,300+ Backdoors Tied to China-Linked Cybercrime Operation

SOCRadar researchers have uncovered a massive Chinese cybercrime operation using the OpenClaw and Paperclip systems to automate global attacks...

Hackers Use Jenkins Access to Deploy DDoS Botnet Against Gaming Servers

A new campaign shows misconfigured Jenkins servers abused to deploy a DDoS botnet targeting gaming systems, with Valve Corporation infrastructure in focus...

Criminal IP and Securonix ThreatQ Collaborate to Enhance Threat Intelligence Operations

Torrance, United States / California, 1st May 2026, CyberNewswire...

Critical cPanel Vulnerability Lets Attackers Bypass Login, Gain Root Access

A critical cPanel vulnerability lets attackers bypass login and gain root access, with active exploitation reported before patches were released...

Best Diagram Software in 2026, Why EdrawMax Works for Everyday Use

Compare top diagram software in 2026 and see why Wondershare EdrawMax can be a practical choice for fast, template rich, AI supported diagramming...

Private Chats, Photos of Celebs Exposed in Suspected Stalkerware Leak

Private chats and photos of celebrities and influencers were exposed after a suspected stalkerware setup left a database open, revealing sensitive messages and files...

Misconfigured Server Run by Hackers Leaks 345,000 Stolen Credit Cards

A misconfigured server linked to the carding marketplace Jerry’s Store exposed 345,000 stolen credit cards after an AI coding error caused a major security flaw...

Managed vs Self-Managed Cloud Hosting: Choosing the Best Option for Your Business

As more businesses relocate their operations to the cloud, one important decision arises: should you choose managed or…...

9-Year-Old Linux Kernel Vulnerability “Copy Fail” Enables Full Root Access

Linux Kernel Vulnerability “Copy Fail” lets attackers gain root access via memory flaw. Patch now or disable algifaead to stay secure...